andreas/portfolio2023
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixed api routes

Browse Source
This commit is contained in:
Andreas
2023-06-12 05:02:59 +02:00
parent c036418a87
commit 23aa9e4e2f
6 changed files with 197 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
src/model/sequelize/User.ts Normal file
View File

@@ -0,0 +1,39 @@
import { Sequelize, DataTypes, Optional, Model } from 'sequelize';
const sequelize = new Sequelize({
dialect: 'sqlite',
storage: 'db.sqlite'
});
interface UserAttributes{
id: number;
username: string;
password: string;
};
interface UserCreationAttributes extends Optional<UserAttributes, 'id'>{};
class UserModel extends Model<UserAttributes, UserCreationAttributes>{
createdAt?: Date;
updatedAt?: Date;
username: string = "";
password: string = "";
id: undefined;
// declare title
}
export const MUser = sequelize.define<UserModel>(
'User',
{
id: {
allowNull: false,
autoIncrement: true,
type: DataTypes.INTEGER,
primaryKey: true,
unique: true,
},
username: {
allowNull: false,
type: DataTypes.STRING,
},
password: {
allowNull: false,
type: DataTypes.STRING,
}
}
);

111
src/pages/api/auth/index.ts
View File

@@ -3,50 +3,79 @@ import { getConnection } from "@/db";
import { Post, postPlaceholder } from "@/model/Models";
import { getPosts, IPost } from "@/controller/Post";
import { NextApiRequest, NextApiResponse } from "next";
import { MPost, MUser, MAuth } from "@/model/Models"
import { Sequelize } from "sequelize";
import { Elsie_Swash_Caps } from "next/font/google";
// import { MPost, MUser, MAuth } from "@/model/Models"
import { MPost } from "@/model/sequelize/Post";
import { MUser } from "@/model/sequelize/User";
import { MAuth } from "@/model/sequelize/Auth";
export default async function handler(req:NextApiRequest, res:NextApiResponse) {
await MUser.sync();
await MAuth.sync();
switch (req.method) {
case 'POST':
case 'GET':
const users = await MUser.findAll();
// res.status(200).json(posts);
let username = req.body.username;
let password = req.body.password;
console.log(req.body );
if(users.length == 0){
MUser.create({
username: "admin",
password: "changeme"
})
}
users.forEach(user => async {
if(user.username == username && user.password == password){
try{
const authtoken = await MAuth.findOne({where : {user_id: user.id}});
if(authtoken != null){
res.status(200).json({"status":"correct"});
console.log(authtoken);
}
else{
res.status(200).json({"status":"no such auth token"});
}
} catch(e){
console.log(e);
}
import { DataType, Model, Sequelize, UUID } from "sequelize";
import { validatePassword, hashPassword } from "@/util/Auth";
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === 'GET') {
let auth;
try {
const authString = Buffer.from(req.headers.authorization.split(" ")[1], "base64").toString("utf8");
auth = authString.split(":");
} catch (error) {
res.status(500).json("Basic Auth is required");
return;
}
console.log(auth);
const username = auth[0];
const password = auth[1];
// console.log(req.body);
await MUser.sync()
.then(async user => {
// console.log(user);
return await MAuth.sync();
})
.then(async auth => {
// console.log(auth);
return await MUser.findOne({ where: { username: username } });
})
.then(async user => {
// console.log(user);
if (user == undefined) {
throw "no such user exists";
}
else{
console.log(user.password);
res.status(200).json({"status":"incorrect"});
return user;
}
});
break;
default:
break;
})
.then(async user => {
const passIsValid = await validatePassword(password, user.password);
return {passIsValid, user};
})
.then(async ({passIsValid, user})=>{
if(passIsValid){
const authtoken = await MAuth.findOne({ where: { user_id: user.id } });
return {authtoken, user}
}
else{
throw("invalid password");
}
})
.then(async ({authtoken, user}) => {
if (authtoken == null) {
if (typeof user.id === "number") {
// console.log("creating new auth token")
return await MAuth.create({ user_id: user.id });
}
}
else {
return authtoken
}
}).then(authtoken => {
if (authtoken != null) {
// console.log(authtoken);
res.status(200).json(authtoken);
}
})
.catch(error => {
res.status(500).json(error);
});
}
}

44
src/pages/api/user/index.ts Normal file
View File

@@ -0,0 +1,44 @@
import mysql2, { Connection, RowDataPacket, OkPacket, QueryError } from "mysql2";
import { getConnection } from "@/db";
import { Post, postPlaceholder } from "@/model/Models";
import { getPosts, IPost } from "@/controller/Post";
import { NextApiRequest, NextApiResponse } from "next";
// import { MPost, MUser, MAuth } from "@/model/Models"
import { MPost } from "@/model/sequelize/Post";
import { MUser } from "@/model/sequelize/User";
import { MAuth } from "@/model/sequelize/Auth";
import { DataType, Model, Sequelize, UUID } from "sequelize";
import { validatePassword, hashPassword } from "@/util/Auth";
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === 'POST') {
const username = req.body.username;
const password = req.body.password;
console.log(req.body);
const user = await MUser.sync()
.then(async f => {
return await MUser.findOne({ where: { username: username } });
})
.then(async user => {
if (user == undefined) {
const hash = await hashPassword(password)
return await MUser.create({
username: username,
password: hash
})
}
else{
throw "User with that username already exists";
}
})
.then(user =>{
res.status(200).json(user)
})
.catch(error => {
res.status(500).json(error);
});
}
}

14
src/util/Auth.ts Normal file
View File

@@ -0,0 +1,14 @@
import { hash, compare } from "bcrypt";
export async function validatePassword(password:string, hashString:string){
const result = await compare(password, hashString);
return result;
}
export async function hashPassword(password:string){
const hashString = await hash(password, 10);
return hashString;
}
export default { validatePassword, hashPassword };