1
0
mirror of https://gitlab.com/comunic/comunicapiv2 synced 2024-11-22 13:29:22 +00:00

Can check user tokens

This commit is contained in:
Pierre HUBERT 2019-11-23 13:47:06 +01:00
parent 1ddf156cc4
commit c304c2f88e
4 changed files with 70 additions and 3 deletions

View File

@ -17,14 +17,15 @@ export interface Route {
type ?: RouteType, type ?: RouteType,
path: string, path: string,
cb: (req : RequestHandler) => Promise<void> | void, cb: (req : RequestHandler) => Promise<void> | void,
needLogin ?: boolean, // Default = true
} }
export const Routes : Route[] = [ export const Routes : Route[] = [
// Welcome controller // Welcome controller
{type: RouteType.GET, path: "/", cb: WelcomeController.HomeMessage}, {type: RouteType.GET, path: "/", cb: WelcomeController.HomeMessage, needLogin: false},
// Account controller // Account controller
{path: "/account/login", cb: AccountController.LoginUser}, {path: "/account/login", cb: AccountController.LoginUser, needLogin: false},
{path: "/user/connectUSER", cb: AccountController.LoginUser}, // Legacy {path: "/user/connectUSER", cb: AccountController.LoginUser, needLogin: false}, // Legacy
] ]

View File

@ -2,6 +2,7 @@ import { Response, Request } from "express";
import { APIHelper } from "../helpers/APIHelper"; import { APIHelper } from "../helpers/APIHelper";
import { APIClient } from "./APIClient"; import { APIClient } from "./APIClient";
import { checkMail } from "../utils/StringUtils"; import { checkMail } from "../utils/StringUtils";
import { AccountHelper } from "../helpers/AccountHelper";
/** /**
* Response to a request * Response to a request
@ -12,6 +13,7 @@ import { checkMail } from "../utils/StringUtils";
export class RequestHandler { export class RequestHandler {
private client : APIClient = null; private client : APIClient = null;
private userID : number = -1;
private responseSent = false; private responseSent = false;
@ -97,6 +99,30 @@ export class RequestHandler {
this.client = client; this.client = client;
} }
/**
* Validate user tokens
*
* @param required Specify whether the user MUST be authenticated or not
*/
public async checkUserTokens(required ?: boolean) {
const token1 = this.postString("userToken1", 0, false);
const token2 = this.postString("userToken2", 0, false);
if(token1.length < 1 || token2.length < 1) {
if(required !== false)
this.error(401, "This method requires the user to be signed in!");
return;
}
// Validate user tokens
this.userID = await AccountHelper.GetUserIdFromTokens(this.getClientInfo(), token1, token2);
if(this.userID < 1)
this.error(412, "Please check your login tokens!");
}
/** /**
* Get information about API client * Get information about API client
*/ */
@ -108,6 +134,16 @@ export class RequestHandler {
return this.client; return this.client;
} }
/**
* Get information about current user
*/
public getUserId() : number {
if(this.userID < 1)
throw Error("Trying to get user ID but none are available!");
return this.userID;
}
/** /**
* Output an error code and throws an error * Output an error code and throws an error
* *

View File

@ -80,6 +80,33 @@ export class AccountHelper {
return row == null ? null : this.DBToUserTokens(row); return row == null ? null : this.DBToUserTokens(row);
} }
/**
* Find a user using its tokens
*
* @param client Information about the client
* @param token1 First token
* @param token2 Second token
* @returns The ID of the target user / -1 if none found
*/
public static async GetUserIdFromTokens(client : APIClient,
token1: string, token2: string) : Promise<number> {
const row = await DatabaseHelper.QueryRow({
table: USERS_TOKENS_TABLE,
fields: ["user_id"],
where: {
service_id: client.id,
token1: token1,
token2: token2
}
});
if(!row)
return -1;
return Number(row.user_id);
}
/** /**
* Crypt a password * Crypt a password
* *

View File

@ -37,6 +37,9 @@ async function init() {
// Check API tokens // Check API tokens
await handler.checkAPITokens(); await handler.checkAPITokens();
// Check user tokens
await handler.checkUserTokens(route.needLogin);
const cb = route.cb(handler); const cb = route.cb(handler);
if(cb) if(cb)
await cb; await cb;