andreas/portfolio2023
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

changes

Browse Source
This commit is contained in:
Andreas Schaafsma
2024-05-25 01:17:39 +02:00
parent a7f24f6229
commit 8c56a9421e
27 changed files with 467 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/app/admin/layout.tsx Normal file
View File

@@ -0,0 +1,24 @@
import '../globals.css'
import { Inter } from 'next/font/google'
import StyledJsxRegistry from '../registry';
import Providers from '@/providers/providers';
import 'bootstrap/dist/css/bootstrap.css';
const inter = Inter({ subsets: ['latin'], fallback: ['system-ui', 'arial'] })
export const metadata = {
title: 'Create Next App',
description: 'Generated by create next app',
}
export default function RootLayout({
children,
}: {
children: React.ReactNode
}) {
return (
<html lang="en">
<body className={inter.className}><StyledJsxRegistry><Providers>{children}</Providers></StyledJsxRegistry></body>
</html>
)
}

6
src/app/admin/page.tsx
View File

@@ -5,9 +5,9 @@ import { cookies } from "next/headers";
export default async function Page(){
return (
<main className="h-screen w-screen flex flex-col p-10 bg-background-500 box-border m-0">
<AuthHandler params={null}><AdminPanel><p>this is only shown on the admin panel</p></AdminPanel></AuthHandler>
<section>{JSON.stringify(cookies().getAll())}</section>
<main className="h-screen w-screen flex flex-col p-0 bg-background-500 box-border m-0">
<AuthHandler params={null}><AdminPanel></AdminPanel></AuthHandler>
{/* <section>{JSON.stringify(cookies().getAll())}</section> */}
</main>
);
}

4
src/app/api/auth/route.ts
View File

@@ -2,8 +2,8 @@
import { cookies } from "next/headers";
import { APIError} from "@/api/error"
import { UserAuth, parseBasicAuth, getAssociatedUser } from "@/api/user"
import { APIError} from "@/util/api/error"
import { UserAuth, parseBasicAuth, getAssociatedUser } from "@/util/api/user"
import { Auth, User } from "@/model/Models";

4
src/app/api/auth/validate/route.ts
View File

@@ -7,8 +7,8 @@ import { cookies } from "next/headers";
import { Auth } from "@/model/Models";
import { APIError} from "@/api/error"
import { UserAuth, parseBasicAuth, getAssociatedUser } from "@/api/user"
import { APIError} from "@/util/api/error"
import { UserAuth, parseBasicAuth, getAssociatedUser } from "@/util/api/user"
async function tryAuth(request:Request){

2
src/app/api/post/[...slug]/route.ts
View File

@@ -1,6 +1,6 @@
'use server'
import { APIError } from "@/api/error";
import { APIError } from "@/app/lib/api/error";
import { Post } from "@/model/Models";

67
src/app/api/post/route.ts
View File

@@ -1,6 +1,6 @@
'use server'
import { APIError } from "@/api/error";
import { APIError, attemptAPIAction } from "@/util/api/error";
import { Auth, Post, PostTag, Tag, User } from "@/model/Models";
import { cookies } from "next/headers";
@@ -25,55 +25,45 @@ async function tryCreatePost(request: Request) {
const authObject = JSON.parse(cookieJSON);
// Fetch User Auth from the database
const auth:any = await Auth.findOne({ include: 'user', where: { token: authObject.token } });
const auth = await Auth.findOne({
include: [
{
model: User.withScope(['withPerms']),
attributes: {
exclude: ['username', 'password', 'updatedAt', 'createdAt']
}
}
],
where: { token: authObject.token }
});
// Sanity check the auth and associated user
if (!auth || !auth.user) throw new APIError({ status: 401, responseText: "Authentication Error" });
const user = auth.user;
if (!auth || !auth.user) throw new APIError({ status: 401, responseText: "Authentication Error" });
// Handle incomplete data or other problems
if (!requestBody) throw new APIError({ status: 500, responseText: "Empty request body" });
if (!requestBody.title) throw new APIError({ status: 500, responseText: "Missing post title" });
if (!requestBody.content) throw new APIError({ status: 500, responseText: "Missing post content" });
if (!user.id) throw new APIError({ status: 500, responseText: "Missing user id" });
if (!user.perms || !user.perms.isAdmin) throw new APIError({ status: 401, responseText: "Unauthorized" });
if (!requestBody) throw new APIError({ status: 500, responseText: "Empty request body" });
if (!requestBody.title) throw new APIError({ status: 500, responseText: "Missing post title" });
if (!requestBody.content) throw new APIError({ status: 500, responseText: "Missing post content" });
if (!auth.user.id) throw new APIError({ status: 500, responseText: "Missing user id" });
if (!auth.user.perms || !auth.user.perms.isAdmin) throw new APIError({ status: 401, responseText: `Unauthorized ${JSON.stringify(auth.user)}` });
// Create a new Post in the database
const post = await Post.create(
{
content: requestBody.content,
user_id: user.id,
user_id: auth.user.id,
title: requestBody.title,
},{
include: {
association: Post.associations.user
}
}).then(post=>post.reload())
// // Find the post (Unneeded but nice to check)
// const foundPost = await Post.findOne({
// include: "user",
// where: {
// id: post.id
// }
// })
// Return the response
return new Response(JSON.stringify(post), { status: 200 });
}
export async function POST(request: Request) {
try {
return await tryCreatePost(request);
}
catch (e) {
if (e instanceof APIError) {
return new Response(e.info.responseText, { status: e.info.status });
}
else {
throw e;
}
}
}
async function tryFetchPosts(request: Request) {
@@ -94,18 +84,9 @@ async function tryFetchPosts(request: Request) {
}
export async function GET(request: Request) {
try {
return await tryFetchPosts(request);
}
catch (e) {
if (e instanceof APIError) {
return new Response(e.info.responseText, { status: e.info.status });
}
else {
throw e;
}
}
return await attemptAPIAction(tryFetchPosts,request);
}
export async function POST(request: Request) {
return await attemptAPIAction(tryCreatePost,request);
}

4
src/app/api/user/route.ts
View File

@@ -8,8 +8,8 @@
*
* ================================================================================================= */
import { APIError } from "@/api/error";
import { UserAuth } from "@/api/user";
import { APIError } from "@/util/api/error";
import { UserAuth } from "@/util/api/user";
import { UserPerms, User, Auth } from "@/model/Models"; // Do not alter "unused" imports, they are required to perform the nescessairy includes on the User model
import { hashPassword } from "@/util/Auth";

90
src/app/lib/actions.ts
View File

@@ -1,68 +1,66 @@
'use server'
import { constructAPIUrl } from "@/util/Utils"
// import { signIn } from '@/auth'
import { cookies } from "next/headers"
import { cookies } from "next/headers"
import { parseSetCookie } from "@/util/parseSetCookie";
import makeFetchCookie from 'fetch-cookie';
import fetchCookie from "fetch-cookie";
import makeFetchCookie from 'fetch-cookie';
import fetchCookie from "fetch-cookie";
import { Attributes } from "@sequelize/core";
import { User } from "@/model/User";
type LoginReturn = {
cookie?:unknown,
errorMessage?:string;
}
async function attemptAPILogin(method:string,b:FormData):Promise<LoginReturn|null>
async function attemptAPILogin(method:string,formData:FormData):Promise<LoginReturn|null>
{
console.log("form data:");
console.log(b);
if(!b || !b.get('input_username') || !b.get('input_password')) return null;
let headers:Headers = new Headers();
const { CookieJar, Cookie } = fetchCookie.toughCookie;
const cj = new CookieJar()
const fetchKoek = makeFetchCookie(fetch, cj);
// Set Basic Auth
headers.set('Authorization', `Basic ${Buffer.from(`${b.get('input_username')}:${b.get('input_password')}`).toString('base64')}`);
let res = await fetchKoek(constructAPIUrl("auth"), {
method:'POST',
credentials: 'include',
headers:headers,
});
console.log(cj.store.idx['localhost']['/']);
// if(res.headers.get('set-coo')) console.log(res.headers['set-cookie'])
let koek = res.headers.getSetCookie();
// console.log("api koek:" + koek.map((k)=>decodeURIComponent(k)));
let cookieDict = parseSetCookie(koek);
console.log("testing cookiedict")
console.log(cookieDict);
await cookies().set('auth', cookieDict.auth);
return {
cookie:cookieDict.auth,
errorMessage:""
};
// console.log(koek);
// Check if form data is present with required fields, return null if not
if(!formData || !formData.get('input_username') || !formData.get('input_password')) return null;
// Instantiate header object
let headers:Headers = new Headers();
// Prepare fetchCookie
const { CookieJar, Cookie } = fetchCookie.toughCookie;
const jar = new CookieJar()
const fetchWithCookie = makeFetchCookie(fetch, jar);
// Set Basic Auth
headers.set('Authorization', `Basic ${Buffer.from(`${formData.get('input_username')}:${formData.get('input_password')}`).toString('base64')}`);
let res = await fetchWithCookie(constructAPIUrl("auth"), {
method:'POST',
credentials: 'include',
headers:headers,
});
console.log(jar.store.idx['localhost']['/']);
let koek = res.headers.getSetCookie();
let cookieDict = parseSetCookie(koek);
await cookies().set('auth', cookieDict.auth);
return {
cookie:cookieDict.auth,
errorMessage:""
};
// console.log(koek);
}
export async function serverAttemptAuthenticateUser(_currentState: unknown, formData: FormData):Promise<LoginReturn|null>
{
console.log("action triggered")
try {
try {
const signInStatus = await attemptAPILogin('credentials', formData)
return signInStatus;
} catch (error:any) {
if (error) {
switch (error.type) {
case 'CredentialsSignin':
return {
errorMessage: 'invalidCredentials'
}
default:
return {
errorMessage: 'Something went wrong.'
}
case 'CredentialsSignin': return { errorMessage: 'invalidCredentials' };
default: return { errorMessage: 'Something went wrong.' };
}
}
throw error
throw Error
}
}
@@ -78,4 +76,10 @@ export async function serverValidateSessionCookie(koek:string):Promise<boolean>
return true
else
return false
}
export async function userIsAdmin(user:Partial<Attributes<User>>):Promise<boolean>
{
return false;
}