mirror of
https://gitlab.com/comunic/comunicapiv2
synced 2024-11-22 13:29:22 +00:00
Can check user tokens
parent
1ddf156cc4
commit
c304c2f88e
@ -17,14 +17,15 @@ export interface Route {
|
|||||||
type ?: RouteType,
|
type ?: RouteType,
|
||||||
path: string,
|
path: string,
|
||||||
cb: (req : RequestHandler) => Promise<void> | void,
|
cb: (req : RequestHandler) => Promise<void> | void,
|
||||||
|
needLogin ?: boolean, // Default = true
|
||||||
}
|
}
|
||||||
|
|
||||||
export const Routes : Route[] = [
|
export const Routes : Route[] = [
|
||||||
|
|
||||||
// Welcome controller
|
// Welcome controller
|
||||||
{type: RouteType.GET, path: "/", cb: WelcomeController.HomeMessage},
|
{type: RouteType.GET, path: "/", cb: WelcomeController.HomeMessage, needLogin: false},
|
||||||
|
|
||||||
// Account controller
|
// Account controller
|
||||||
{path: "/account/login", cb: AccountController.LoginUser},
|
{path: "/account/login", cb: AccountController.LoginUser, needLogin: false},
|
||||||
{path: "/user/connectUSER", cb: AccountController.LoginUser}, // Legacy
|
{path: "/user/connectUSER", cb: AccountController.LoginUser, needLogin: false}, // Legacy
|
||||||
]
|
]
|
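Review bot: `needLogin` is the only thing separating public routes from authenticated ones in this table, yet its contract lives in a trailing `// Default = true` comment. A doc comment on the field would make the secure default explicit for whoever adds the next route, e.g. `/** Whether valid user tokens are required. Omitted means true; set false only for endpoints that must work before sign-in. */`. The Route interface starts above the hunk, so any existing field documentation is not visible here.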
@ -2,6 +2,7 @@ import { Response, Request } from "express";
|
|||||||
import { APIHelper } from "../helpers/APIHelper";
|
import { APIHelper } from "../helpers/APIHelper";
|
||||||
import { APIClient } from "./APIClient";
|
import { APIClient } from "./APIClient";
|
||||||
import { checkMail } from "../utils/StringUtils";
|
import { checkMail } from "../utils/StringUtils";
|
||||||
|
import { AccountHelper } from "../helpers/AccountHelper";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Response to a request
|
* Response to a request
|
||||||
@ -12,6 +13,7 @@ import { checkMail } from "../utils/StringUtils";
|
|||||||
export class RequestHandler {
|
export class RequestHandler {
|
||||||
|
|
||||||
private client : APIClient = null;
|
private client : APIClient = null;
|
||||||
|
private userID : number = -1;
|
||||||
|
|
||||||
private responseSent = false;
|
private responseSent = false;
|
||||||
|
|
||||||
@ -97,6 +99,30 @@ export class RequestHandler {
|
|||||||
this.client = client;
|
this.client = client;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validate user tokens
|
||||||
|
*
|
||||||
|
* @param required Specify whether the user MUST be authenticated or not
|
||||||
|
*/
|
||||||
|
public async checkUserTokens(required ?: boolean) {
|
||||||
|
|
||||||
|
const token1 = this.postString("userToken1", 0, false);
|
||||||
|
const token2 = this.postString("userToken2", 0, false);
|
||||||
|
|
||||||
|
if(token1.length < 1 || token2.length < 1) {
|
||||||
|
if(required !== false)
|
||||||
|
this.error(401, "This method requires the user to be signed in!");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// Validate user tokens
|
||||||
|
this.userID = await AccountHelper.GetUserIdFromTokens(this.getClientInfo(), token1, token2);
|
||||||
|
|
||||||
|
if(this.userID < 1)
|
||||||
|
this.error(412, "Please check your login tokens!");
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get information about API client
|
* Get information about API client
|
||||||
*/
|
*/
|
||||||
@ -108,6 +134,16 @@ export class RequestHandler {
|
|||||||
return this.client;
|
return this.client;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get information about current user
|
||||||
|
*/
|
||||||
|
public getUserId() : number {
|
||||||
|
if(this.userID < 1)
|
||||||
|
throw Error("Trying to get user ID but none are available!");
|
||||||
|
|
||||||
|
return this.userID;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Output an error code and throws an error
|
* Output an error code and throws an error
|
||||||
*
|
*
|
||||||
|
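Review bot: The guard `if(this.userID < 1)` in checkUserTokens fails open if the ID is ever NaN, because `NaN < 1` is false and GetUserIdFromTokens returns `Number(row.user_id)` unchecked. getUserId() in the later hunk has the same comparison. Assigning the result to a local and testing `if(!Number.isInteger(id) || id < 1)` before storing it in `this.userID` closes that gap and keeps a rejected value out of the handler state. The `.length` checks also assume postString() always returns a string when the field is absent or malformed; its definition is not visible here, so that is worth confirming. The doc comment could also state that on routes with `needLogin: false` a supplied but invalid token pair still ends in the 412.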
@ -80,6 +80,33 @@ export class AccountHelper {
|
|||||||
return row == null ? null : this.DBToUserTokens(row);
|
return row == null ? null : this.DBToUserTokens(row);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Find a user using its tokens
|
||||||
|
*
|
||||||
|
* @param client Information about the client
|
||||||
|
* @param token1 First token
|
||||||
|
* @param token2 Second token
|
||||||
|
* @returns The ID of the target user / -1 if none found
|
||||||
|
*/
|
||||||
|
public static async GetUserIdFromTokens(client : APIClient,
|
||||||
|
token1: string, token2: string) : Promise<number> {
|
||||||
|
|
||||||
|
const row = await DatabaseHelper.QueryRow({
|
||||||
|
table: USERS_TOKENS_TABLE,
|
||||||
|
fields: ["user_id"],
|
||||||
|
where: {
|
||||||
|
service_id: client.id,
|
||||||
|
token1: token1,
|
||||||
|
token2: token2
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
if(!row)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
return Number(row.user_id);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Crypt a password
|
* Crypt a password
|
||||||
*
|
*
|
||||||
|
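Review bot: The `where` clause matches `token1` and `token2` against the stored columns exactly as the client sent them, which implies the table holds the tokens in directly usable form. If so, anyone who can read the table or a backup of it holds valid session credentials. Storing only a digest of each token and looking up by the digest of the submitted value would avoid that; it needs a matching change where tokens are created, which is outside this hunk. No expiry or revocation condition is visible in the lookup either, so unless rows are pruned elsewhere a token pair appears to stay valid indefinitely.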
@ -37,6 +37,9 @@ async function init() {
|
|||||||
// Check API tokens
|
// Check API tokens
|
||||||
await handler.checkAPITokens();
|
await handler.checkAPITokens();
|
||||||
|
|
||||||
|
// Check user tokens
|
||||||
|
await handler.checkUserTokens(route.needLogin);
|
||||||
|
|
||||||
const cb = route.cb(handler);
|
const cb = route.cb(handler);
|
||||||
if(cb)
|
if(cb)
|
||||||
await cb;
|
await cb;
|
||||||
|
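Review bot: The only thing that keeps `route.cb(handler)` from running after a failed token check is that `handler.error()` throws inside checkUserTokens; nothing in this hunk inspects a result. That deserves a comment above the call, e.g. `// Throws on missing/invalid tokens, so the callback below never runs unauthenticated`, so that a later change making the check return instead of throw is noticed. init() starts and ends outside the hunk, so the surrounding error handling, if any, is not visible here.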