Files
P42_API/p42ApiEndpoints.js
T
2025-09-11 20:39:52 +00:00

184 lines
5.9 KiB
JavaScript

import { Utils } from './helpers/utils.js'
import { verifyPassword } from './helpers/pwd.js'
import { MySQLClient } from './helpers/mysqlClient.js'
export class P42ApiEndpoints{
constructor(app, db) {
this.db = new MySQLClient(db, 60)
this.app = app
this.userinfos = null
this.utils = new Utils()
this.registerPaths()
}
registerPaths(){
this.app.get('/hw', this.hw.bind(this))
this.app.get('/checkauth', this.checkauth.bind(this))
this.app.post('/login', this.login.bind(this))
this.app.get('/logout', this.logout.bind(this))
}
err(req, res, msg, debug, status=500) {
if(!debug) debug = msg
let jsonResp = {'success':false,
'payload': null,
'error': {
'displayMessage' : msg,
'debugMessage' : debug
}
};
res.set('Content-Type', 'application/json');
res.status(status)
res.send(JSON.stringify(jsonResp));
}
ok(req, res, payload) {
let jsonResp = { "success": true,
"payload": payload,
};
res.set('Content-Type', 'application/json');
res.send(JSON.stringify(jsonResp));
}
async makeSession(req, res) {
req.session.userinfo = req.body
console.log('REQ body:', req.body)
this.ok(req, res, {})
}
hasRole(roles) {
if(!this.userinfos.userRoles) return(false)
if(typeof(roles) == 'string') return(this.userinfos.userRoles.includes(roles))
else if(Array.isArray(roles)) {
for(let role of roles) {
if(this.userinfos.userRoles.includes(role)) return(true)
}
}
return(false)
}
///////////////////////////API starts here.../////////////////////////////
async hw(req, res) {
this.ok(req, res, {hello:'world'})
}
async checkauth(req, res) {
if(req.session.userInfos && req.session.authenticated && req.session.userInfos.username) {
this.ok(req, res, {
authenticated: true,
userInfos: this.userInfos,
trials: 3,
locked: false,
})
} else {
let trials = 3
let locked = false
if(req.session.userInfos && req.session.userInfos.username) {
const results = await this.db.execute('SELECT usr_trials, usr_locked FROM users WHERE usr_name = ?', [req.session.userInfos.username])
if(results.length==1){
trials = results[0].usr_trials
locked = results[0].usr_locked
}
}
this.ok(req, res, {
authenticated: false,
userInfos: null,
trials: trials,
locked: locked,
})
}
}
async setUserLock(username, locked, trials){
await this.db.execute('UPDATE users SET usr_locked=?, usr_trials=? WHERE usr_name = ?', [locked, trials, username])
}
async login(req, res) {
let [isValid, payload, errors] = this.utils.validateMapObject(req.body, {
username: ((val, obj) => (typeof(val)=='string') && (val.length>0) && (/^\w+$/.test(val))),
passwd: ((val, obj) => (typeof(val)=='string') && (val.length>0) ),
},{
'username': 'username',
'passwd': 'passwd',
})
if((!isValid)){
this.err(req, res, `Invalid request`, `Invalid login payload:: ${errors}`, 401)
return
}
const results = await this.db.execute('SELECT * FROM users WHERE usr_name = ?', [payload.username])
let pwdCheck = false
let userLocked = false
let trials = 3
if(results.length==1){
userLocked = results[0].usr_locked
trials = results[0].usr_trials
if(userLocked) {
this.ok(req, res, {
authenticated: false,
userInfos: null,
trials: 0,
locked: true,
})
return
}
}
pwdCheck = await verifyPassword(payload.passwd, results[0].usr_pwd)
if(pwdCheck){
req.session.userInfos = {
username: payload.username,
roles: ['admin'],
}
req.session.authenticated = true
await this.setUserLock(payload.username, false, 3)
this.ok(req, res, {
authenticated: true,
userInfos: req.session.userInfos,
trials: 3,
locked: false,
})
} else {
let newtrials = (trials>0) ? trials-1 : 0
if(newtrials == 0){
await this.setUserLock(payload.username, true, 0)
this.ok(req, res, {
authenticated: false,
userInfos: null,
trials: 0,
locked: true,
})
return
} else {
await this.setUserLock(payload.username, false, newtrials)
}
req.session.authenticated = false
req.session.userInfos = null
this.ok(req, res, {
authenticated: false,
userInfos: null,
trials: newtrials,
locked: false,
})
}
}
async logout(req, res) {
if(req.session.userInfos && req.session.authenticated) {
req.session.authenticated = false
this.ok(req, res, {
authenticated: false,
userInfos: null,
trials: 3,
locked: false,
})
}
}
}