Archivist
/
authenticate
forked from Archivist/sales_backend
2
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
An authentication server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21 Commits
1 Branch
712 KiB
 
 
Tree: 470c93af7f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '470c93af7f'
${ noResults }
authenticate/src/authenticate/http/user.cr

179 lines
5.7 KiB
Raw Blame History

require "kemal"
require "../*"
require "io"
require "file"
require "exception"
require "crypto/bcrypt/password"
require "uuid"
require "uuid/json"
require "../../config"
def authenticate(user : String, token : UUID) : (User | Nil)
user_file = User.from_json File.read(Statics.data_path+"user/"+user)
if nil == user_file.tokens.not_nil!.find{ |tok| token == tok}
nil
else
user_file.password_hash = ""
user_file
end
end
def authenticate!(user : String, token : UUID) : User
authenticate(user, token).not_nil!
end
def authenticate_admin!(user : String, token : UUID) : User
user = authenticate(user, token).not_nil!
if(user.type==UserType::Administrator)
return user
end
raise "Administrator only"
end
post "/login" do |context|
user : User
user_file : User
begin
user = User.from_json context.request.body.not_nil!
user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
rescue ex
halt context, status_code: 403, response: ex.to_s
end
if Crypto::Bcrypt::Password.new(user_file.password_hash.not_nil!) == user.password_hash.not_nil!
else
halt context, status_code: 403, response: "Invalid password"
end
token = UUID.random()
if user_file.tokens.nil?
user_file.tokens = Array(UUID).new
user_file.tokens.not_nil!<<token
else
user_file.tokens.not_nil!<<token
end
if user_file.tokens.not_nil!.size>5
user_file.tokens = user_file.tokens.not_nil!.last(5)
end
File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
context.response.content_type = "application/json"
token.to_json
end
post "/logout" do |context|
user = User.from_json context.request.body.not_nil!
user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
user_file.tokens=user_file.tokens.not_nil!-user.tokens.not_nil!
File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
context.response.content_type = "application/json"
"OK".to_json
end
post "/logout-all" do |context|
user : User
begin
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
rescue ex
halt context, status_code: 403, response: ex.to_s
end
user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
user_file.tokens=Array(UUID).new
File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
context.response.content_type = "application/json"
"OK".to_json
end
post "/user" do |context|
user = User.from_json context.request.body.not_nil!
ph = user.password_hash
user.tokens = Array(UUID).new
user.invoices = Array(Invoice).new
if ph.nil?
raise Exception.new("No password provided")
else
user.password_hash=Crypto::Bcrypt::Password.create(ph,cost: 12).to_s
end
if Statics.email_regex.match(user.email)==nil
raise Exception.new("Bad email address")
end
if File.exists?(Statics.data_path+"user/"+user.email)
raise Exception.new("Email address already in use")
end
File.write(Statics.data_path+"user/"+user.email,user.to_json)
context.response.content_type = "application/json"
"OK".to_json
end
get "/user/tokens" do |context|
user : User
begin
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
rescue ex
halt context, status_code: 403, response: ex.to_s
end
context.response.content_type = "application/json"
user.tokens.to_json
end
get "/user/address" do |context|
user : User
begin
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
rescue ex
halt context, status_code: 403, response: ex.to_s
end
context.response.content_type = "application/json"
user.addresses.to_json
end
post "/user/address" do |context|
user : User
begin
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
rescue ex
halt context, status_code: 403, response: ex.to_s
end
addresses = Array(Address).from_json(context.request.body.not_nil!).not_nil!
user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
old_list=user_file.addresses
if old_list.nil?
else
addresses=old_list+addresses
end
user_file.addresses=addresses
File.write(Statics.data_path+"user/"+user.email,user_file.to_json)
context.response.content_type = "application/json"
"OK".to_json
end
delete "/user/address" do |context|
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
addresses = Array(Address).from_json(context.request.body.not_nil!).not_nil!
user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
old_list=user_file.addresses
if old_list.nil?
addresses=Array(Address).new
else
addresses=old_list.select do |v|
isin=false
addresses.each do |va|
isin |= v==va
end
!isin
end
end
user_file.addresses=addresses
File.write(Statics.data_path+"user/"+user.email,user_file.to_json)
context.response.content_type = "application/json"
"OK".to_json
end
get "/user" do |context|
context.response.content_type = "application/json"
user : User | Nil
begin
user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
rescue ex
halt context, status_code: 403, response: ex.to_s
end
user.not_nil!
end