api in groups + agents types & sprites
+156
@@ -0,0 +1,156 @@
|
||||
import { authGuard } from '../authGuard.js'
|
||||
import { verifyPassword } from '../helpers/pwd.js'
|
||||
|
||||
export const mappings = [
|
||||
{ method: 'get', url:'/checkauth', handler: 'checkauth', middlewares: []},
|
||||
{ method: 'post', url:'/login', handler: 'login', middlewares: []},
|
||||
{ method: 'get', url:'/logout', handler: 'logout', middlewares: []},
|
||||
{ method: 'get', url:'/preferences', handler: 'getPrefs', middlewares: [authGuard]},
|
||||
{ method: 'put', url:'/preferences', handler: 'setPrefs', middlewares: [authGuard]},
|
||||
]
|
||||
|
||||
export const methods = {
|
||||
async checkauth(req, res) {
|
||||
if(req.session.userInfos && req.session.authenticated && req.session.userInfos && req.session.userInfos.identity && req.session.userInfos.identity.username) {
|
||||
this.ok(req, res, {
|
||||
authenticated: true,
|
||||
userInfos: req.session.userInfos,
|
||||
trials: 3,
|
||||
locked: false,
|
||||
})
|
||||
} else {
|
||||
let trials = 3
|
||||
let locked = false
|
||||
if(req.session.userInfos && req.session.userInfos.identity && req.session.userInfos.identity.username) {
|
||||
const results = await this.db.execute('SELECT usr_trials, usr_locked FROM users WHERE usr_name = ?', [req.session.userInfos.username])
|
||||
if(results.length==1){
|
||||
trials = results[0].usr_trials
|
||||
locked = results[0].usr_locked
|
||||
}
|
||||
}
|
||||
this.ok(req, res, {
|
||||
authenticated: false,
|
||||
userInfos: null,
|
||||
trials: trials,
|
||||
locked: locked,
|
||||
})
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
async setUserLock(username, locked, trials){
|
||||
await this.db.execute('UPDATE users SET usr_locked=?, usr_trials=? WHERE usr_name = ?', [locked, trials, username])
|
||||
},
|
||||
|
||||
async login(req, res) {
|
||||
let [isValid, payload, errors] = this.utils.validateMapObject(req.body, {
|
||||
username: ((val, obj) => (typeof(val)=='string') && (val.length>0) && (/^\w+$/.test(val))),
|
||||
passwd: ((val, obj) => (typeof(val)=='string') && (val.length>0) ),
|
||||
},{
|
||||
'username': 'username',
|
||||
'passwd': 'passwd',
|
||||
})
|
||||
|
||||
if((!isValid)){
|
||||
this.err(req, res, `Invalid request`, `Invalid login payload:: ${errors}`, 401)
|
||||
return
|
||||
}
|
||||
|
||||
const results = await this.db.execute('SELECT * FROM users WHERE usr_name = ?', [payload.username])
|
||||
let pwdCheck = false
|
||||
let userLocked = false
|
||||
let trials = 3
|
||||
if(results.length==1){
|
||||
userLocked = results[0].usr_locked
|
||||
trials = results[0].usr_trials
|
||||
if(userLocked) {
|
||||
this.ok(req, res, {
|
||||
authenticated: false,
|
||||
userInfos: null,
|
||||
trials: 0,
|
||||
locked: true,
|
||||
})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if(results.length>0) pwdCheck = await verifyPassword(payload.passwd, results[0].usr_pwd)
|
||||
if(pwdCheck){
|
||||
req.session.userInfos = {
|
||||
identity:{
|
||||
username: payload.username,
|
||||
uuid: results[0].usr_uuid,
|
||||
},
|
||||
roles: ['admin'],
|
||||
}
|
||||
req.session.authenticated = true
|
||||
|
||||
await this.setUserLock(payload.username, false, 3)
|
||||
this.ok(req, res, {
|
||||
authenticated: true,
|
||||
userInfos: req.session.userInfos,
|
||||
trials: 3,
|
||||
locked: false,
|
||||
})
|
||||
} else {
|
||||
let newtrials = (trials>0) ? trials-1 : 0
|
||||
if(newtrials == 0){
|
||||
await this.setUserLock(payload.username, true, 0)
|
||||
this.ok(req, res, {
|
||||
authenticated: false,
|
||||
userInfos: null,
|
||||
trials: 0,
|
||||
locked: true,
|
||||
})
|
||||
return
|
||||
} else {
|
||||
await this.setUserLock(payload.username, false, newtrials)
|
||||
}
|
||||
|
||||
req.session.authenticated = false
|
||||
req.session.userInfos = null
|
||||
this.ok(req, res, {
|
||||
authenticated: false,
|
||||
userInfos: null,
|
||||
trials: newtrials,
|
||||
locked: false,
|
||||
})
|
||||
}
|
||||
},
|
||||
|
||||
async logout(req, res) {
|
||||
if(req.session.userInfos && req.session.authenticated) {
|
||||
req.session.authenticated = false
|
||||
this.ok(req, res, {
|
||||
authenticated: false,
|
||||
userInfos: null,
|
||||
trials: 3,
|
||||
locked: false,
|
||||
})
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
async getPrefs(req, res) {
|
||||
const results = await this.db.execute(`
|
||||
SELECT * FROM preferences
|
||||
LEFT JOIN users ON prf_usr_id=usr_id
|
||||
WHERE usr_uuid = ?
|
||||
`, [req.session.userInfos.identity.uuid])
|
||||
let prefs = {}
|
||||
if(results.length){ prefs = results[0].prf_value }
|
||||
this.ok(req, res, prefs)
|
||||
},
|
||||
|
||||
|
||||
async setPrefs(req, res) {
|
||||
const results = await this.db.execute(`
|
||||
INSERT INTO preferences (prf_usr_id, prf_value)
|
||||
SELECT usr_id, ?
|
||||
FROM users
|
||||
WHERE usr_uuid = ?
|
||||
ON DUPLICATE KEY UPDATE prf_value = ?
|
||||
`, [req.body, req.session.userInfos.identity.uuid, req.body])
|
||||
this.ok(req, res, {})
|
||||
},
|
||||
}
|
||||
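Review bot: In `login`, the failed-attempt branch lets any unauthenticated caller run `usr_trials` down to 0 and set `usr_locked` for a known username, and nothing visible in this file clears the lock afterwards, because the `userLocked` branch returns before `verifyPassword` is reached. The response also reports a decreasing `trials` and then `locked: true` for existing accounts, while an unknown name always gets `trials: 2`, so repeated calls reveal which usernames exist. A time-limited lock or per-client throttling, one uniform failure response, and an atomic decrement such as `UPDATE users SET usr_trials = usr_trials - 1 WHERE usr_name = ? AND usr_trials > 0` in place of the read-then-write through `setUserLock` would close this. In `checkauth` the else-branch guard tests `req.session.userInfos.identity.username`, but the query binds `req.session.userInfos.username`, which `login` never sets; the parameter should be `[req.session.userInfos.identity.username]`. Separately, `logout` only flips `req.session.authenticated` (`userInfos` stays in the session, and no response is sent when the caller is not logged in), and `login` assigns `roles: ['admin']` to every account without rotating the session identifier, so both need a follow-up.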