// import mysql2, { Connection, RowDataPacket, OkPacket, QueryError } from "mysql2";
import { getConnection } from "@/db";
// import { Post, postPlaceholder } from "@/model/Models";
import { getPosts, IPost } from "@/controller/Post";
import { NextApiRequest, NextApiResponse } from "next";
import { MPost } from "@/model/sequelize/Post";
import { MUser, UserModel } from "@/model/sequelize/User";
import { MAuth } from "@/model/sequelize/Auth";
import { cookies } from 'next/headers';
import { setCookie } from '@/util/Cookies';
import { DataType, Model, Sequelize, UUID } from "sequelize";
import { validatePassword, hashPassword } from "@/util/Auth";
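/**
 * Extracts the username and password from an HTTP Basic `Authorization` header.
 *
 * Only `req.headers.authorization` is read. The header must have the form
 * `Basic <base64(username:password)>`.
 *
 * @param req - Incoming API request.
 * @returns A two-element array `[username, password]`.
 * @throws Error with message "Basic Auth is required" when the header is absent,
 *   does not use the Basic scheme, or does not decode to a `username:password` pair.
 */
function getAuth(req: NextApiRequest) {
  const header = req.headers.authorization;
  if (header === undefined) {
    throw new Error("Basic Auth is required");
  }

  // Require "<scheme> <payload>". Without this check a bare scheme would pass
  // `undefined` to Buffer.from and fail with an unrelated TypeError, and any
  // other scheme (e.g. a bearer token) would be decoded as if it were Basic.
  const [scheme, payload] = header.trim().split(/\s+/);
  if (!scheme || scheme.toLowerCase() !== "basic" || !payload) {
    throw new Error("Basic Auth is required");
  }

  const decoded = Buffer.from(payload, "base64").toString("utf8");

  // Split at the FIRST colon only: the password may itself contain colons,
  // and splitting on every colon would silently truncate it.
  const separator = decoded.indexOf(":");
  if (separator === -1) {
    throw new Error("Basic Auth is required");
  }

  return [decoded.slice(0, separator), decoded.slice(separator + 1)];
}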
/**
 * Result of checking a request's credentials.
 *
 * `valid` starts out false and is set to true only after the password check
 * succeeds; `user` is the matching user record, or undefined when none is set.
 */
interface UserCredentials {
  valid: boolean;
  user: UserModel | undefined;
}
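/**
 * Authenticates a request with HTTP Basic credentials against the user table.
 *
 * On any failure a 401 response is written to `res` and `undefined` is
 * returned, so the caller must not write a second response in that case.
 *
 * @param req - Incoming request carrying the `Authorization` header.
 * @param res - Response object; used only to send the 401 on failure.
 * @returns The credentials with `valid: true` and the matched user, or
 *   `undefined` when a 401 has already been sent.
 */
async function verifyUserCredentials(req: NextApiRequest, res: NextApiResponse): Promise<UserCredentials | undefined> {
  // getAuth throws when the Authorization header is missing; left uncaught,
  // that rejection would leave the request without any response.
  let auth: string[];
  try {
    auth = getAuth(req);
  } catch {
    res.status(401).json("Basic Auth is required");
    return;
  }

  // `auth` holds the plaintext password and is intentionally never logged.
  const username = auth[0];
  const password = auth[1];
  if (username === undefined || password === undefined) {
    res.status(401).json("Basic Auth is required");
    return;
  }

  // Both models are synced on every call.
  // NOTE(review): this looks like work that belongs at startup — confirm.
  await MUser.sync();
  await MAuth.sync();

  const user = await MUser.findOne({ where: { username: username } });
  if (user == null) {
    // NOTE(review): this message differs from the wrong-password message, which
    // lets a client tell whether a username exists. Consider one shared message.
    res.status(401).json("User does not exist");
    return;
  }

  if (!(await validatePassword(password, user.password))) {
    res.status(401).json("Invalid password");
    return;
  }

  return { user: user, valid: true };
}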
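/**
 * Exchanges a `userid` + `token` pair (query parameters) for an `auth` cookie.
 *
 * Responds 200 and sets the cookie when a matching MAuth row exists, and 401
 * otherwise, including when either parameter is missing or repeated.
 *
 * @param req - Incoming request; `req.query.userid` and `req.query.token` are read.
 * @param res - Response object; receives the cookie and the status code.
 */
async function GET(req: NextApiRequest, res: NextApiResponse) {
  // Request cookies are intentionally not logged: they can carry the very
  // auth value this endpoint issues.
  const { userid, token } = req.query;

  // Query values may be undefined or string[]; only a single non-empty string
  // is a meaningful lookup key, so reject anything else before touching the DB.
  if (typeof userid !== "string" || typeof token !== "string" || userid === "" || token === "") {
    res.status(401).end();
    return;
  }

  // NOTE(review): the token arrives in the URL, where access logs and proxies
  // commonly record it. Consider accepting it in a header or request body.
  const authtoken = await MAuth.findOne({
    where: {
      token: token,
      user_id: userid
    }
  });

  if (!authtoken) {
    res.status(401).end();
    return;
  }

  // NOTE(review): the cookie value is the whole MAuth record and no HttpOnly,
  // Secure or SameSite attribute is requested here. Confirm what setCookie
  // serialises and which attributes it applies by default.
  setCookie(res, 'auth', authtoken, { path: '/', maxAge: 2592000 });
  res.status(200).end();
}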
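/**
 * Issues a new auth record for the user identified by HTTP Basic credentials.
 *
 * Responds 200 with the created MAuth row on success. When the credential
 * check fails, `verifyUserCredentials` has already sent the 401.
 *
 * @param req - Incoming request carrying the `Authorization` header.
 * @param res - Response object.
 */
async function POST(req: NextApiRequest, res: NextApiResponse) {
  const credentials = await verifyUserCredentials(req, res);
  if (!credentials || !credentials.valid || !credentials.user) {
    // A 401 has already been written by verifyUserCredentials on its failure paths.
    return;
  }

  const user = await MUser.findOne({ where: { username: credentials.user.username } });
  if (!user) {
    // The user vanished between the two lookups. Answer explicitly; returning
    // without a response would leave the request hanging.
    res.status(401).end();
    return;
  }

  // NOTE(review): the full created row is returned to the client. Confirm it
  // contains only fields the client is meant to see.
  const created = await MAuth.create({ user_id: user.id });
  res.status(200).json(created);
}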
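/**
 * API route entry point: dispatches by HTTP method to `GET` or `POST`.
 *
 * Any other method is answered with 404. An exception escaping a
 * sub-handler is answered with 500 unless a response has already started.
 *
 * @param req - Incoming request.
 * @param res - Response object.
 */
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  try {
    // The sub-handlers are awaited so this function does not resolve before a
    // response is sent, and so their rejections are caught below instead of
    // becoming unhandled promise rejections.
    switch (req.method) {
      case 'GET':
        await GET(req, res);
        break;
      case 'POST':
        await POST(req, res);
        break;
      default:
        res.status(404).end();
        break;
    }
  } catch (err: unknown) {
    // Log only the message: full error objects from the data layer may embed
    // query parameters such as tokens.
    console.error("auth handler failed:", err instanceof Error ? err.message : "unknown error");
    if (!res.headersSent) {
      res.status(500).end();
    }
  }
}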