
Refactor files to make the app more consistent

master
Archivist 5 years ago
parent
commit
b37e95a927
3 changed files with 92 additions and 98 deletions
  1. +9
    -0
      src/config.cr
  2. +1
    -98
      src/sales_backend.cr
  3. +82
    -0
      src/sales_backend/http/user.cr

+ 9
- 0
src/config.cr
File diff suppressed because it is too large


+ 1
- 98
src/sales_backend.cr
File diff suppressed because it is too large


+ 82
- 0
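--- a/src/sales_backend/http/user.cr
+++ b/src/sales_backend/http/user.cr
@@ -0,0 +1,82 @@
+require "kemal"
+require "../*"
+require "io"
+require "file"
+require "exception"
+require "crypto/bcrypt/password"
+require "uuid"
+require "uuid/json"
+require "../../config"
+def authenticate(user : String, token : UUID) : (User | Nil)
+user_file = User.from_json File.read(Statics.data_path+"user/"+user)
+if nil == user_file.tokens.not_nil!.find{ |tok| token == tok}
+nil
+else
+user_file.password_hash = ""
+user_file
+end
+end
+def authenticate!(user : String, token : UUID) : User
+authenticate(user, token).not_nil!
+end
+post "/login" do |context|
+user = User.from_json context.request.body.not_nil!
+user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
+if Crypto::Bcrypt::Password.new(user_file.password_hash.not_nil!) == user.password_hash.not_nil!
+else
+raise Exception.new("Invalid password")
+end
+token = UUID.random()
+if user_file.tokens.nil?
+user_file.tokens = Array(UUID).new
+user_file.tokens.not_nil!<<token
+else
+user_file.tokens.not_nil!<<token
+end
+if user_file.tokens.not_nil!.size>5
+user_file.tokens = user_file.tokens.not_nil!.last(5)
+end
+File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
+token.to_json
+end
+post "/logout" do |context|
+user = User.from_json context.request.body.not_nil!
+user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
+user_file.tokens=user_file.tokens.not_nil!-user.tokens.not_nil!
+File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
+"OK".to_json
+end
+post "/logout-all" do |context|
+user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
+user_file.tokens=Array(UUID).new
+File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
+"OK".to_json
+end
+post "/user" do |context|
+user = User.from_json context.request.body.not_nil!
+ph = user.password_hash
+user.tokens = Array(UUID).new
+user.invoices = Array(Invoice).new
+if ph.nil?
+raise Exception.new("No password provided")
+else
+user.password_hash=Crypto::Bcrypt::Password.create(ph,cost: 12).to_s
+end
+if Statics.email_regex.match(user.email)==nil
+raise Exception.new("Bad email address")
+end
+File.write(Statics.data_path+"user/"+user.email,user.to_json)
+"OK".to_json
+end
+get "/user" do |context|
+authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"])).to_json
+end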
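Review bot: The record path is built as `Statics.data_path+"user/"+…` from a client-supplied value in `authenticate` (the `user` header), `/login` and `/logout` (the JSON `email`) with no validation, so a name containing path separators resolves outside the `user/` directory; only `POST /user` checks `Statics.email_regex`, and whether that pattern is anchored or excludes `/` cannot be seen here because `src/config.cr` is suppressed. `POST /user` also calls `File.write` without checking that the record is absent, so a registration for an address that already exists replaces the stored password hash, tokens and invoices. I would route every read and write through one helper that validates the name, and refuse creation when the file exists, as sketched below. Separately, the `raise Exception.new(...)` paths for a bad password or email presumably surface as HTTP 500 rather than 400/401, which makes failed logins harder to tell apart from real faults in logs.

```crystal
# Single place that maps an e-mail to its record file; rejects names that could leave user/.
def user_path(email : String) : String
  if Statics.email_regex.match(email).nil? || email.includes?('/') || email.includes?('\\') || email.includes?("..")
    raise Exception.new("Bad email address")
  end
  Statics.data_path + "user/" + email
end

post "/user" do |context|
  # … unchanged: body parsing, password check and bcrypt hashing …
  path = user_path(user.email)
  raise Exception.new("User already exists") if File.exists?(path)
  File.write(path, user.to_json)
  "OK".to_json
end
```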
