JPT
/
dashboard
0
0
Fork 0
Code Issues Pull Requests Activity

[TASK] Move /session API handler to src/Session.api.js.

This commit is contained in:
Jan Philipp Timme 2013-09-16 18:58:09 +02:00
parent bf09e0f837
commit 8aff2adfa5
2 changed files with 102 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
app.js
View File

@ -13,6 +13,9 @@ var tools = require("./src/Tools.js");
//load settings //load settings
var settings = require("./src/Settings.js"); var settings = require("./src/Settings.js");
//load api handler
var sessionAPIHandler = require("./src/Session.api.js");
//initialize couch connector //initialize couch connector
cradle.setup(settings.couchdb); cradle.setup(settings.couchdb);
var couch = new(cradle.Connection); var couch = new(cradle.Connection);
@ -64,92 +67,7 @@ app.use(function(req, res, next) {
app.use("/", express.static(__dirname + '/static')); app.use("/", express.static(__dirname + '/static'));
//API: /session //API: /session
app.use("/session", function(req, res) { app.use("/session", new sessionAPIHandler(db));
res.setHeader("Content-Type", "application/json");
//refresh session and return login status
if(req.method == "GET") {
if(req.session.data.login == true) {
if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
req.session.data.lastActivity = new Date();
} else {
req.session.data.login = false;
}
}
res.send(200, JSON.stringify({
"success": true,
"login": req.session.data.login
}));
}
//check user credentials, update session data
if(req.method == "PUT") {
//already logged in?
if(req.session.data.login == true) {
res.send(200, JSON.stringify({
"success": false,
"error": "You are already logged in!"
}));
return;
}
var params = req.body;
//username or password missing?
if(tools.reqParamsGiven(["username", "password"], params) == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Insufficient parameters given! Need: username, password"
}));
return;
}
//check if user exists
db.get(params.username, function (err, doc) {
if(!err && doc.type == "user") {
//user exists, verify password
scrypt.verifyHash(user.auth, params.password, function(err, match) {
if(err || match == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
if(!err && match == true) {
req.session.data.login = true;
req.session.data.lastActivity = new Date();
res.send(200, JSON.stringify({
"success": true
}));
return;
}
});
} else {
//user does not exist.
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
});
}
//destroy the session
if(req.method == "DELETE") {
//only do logout if login exists
if(req.session.data.login == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Cannot log you out, you are not logged in!"
}));
} else {
req.session.data.login = false;
res.send(200, JSON.stringify({
"success": true
}));
}
}
});
//API: /user //API: /user
app.use("/user", function(req, res) { app.use("/user", function(req, res) {

98
src/Session.api.js Normal file
View File

@ -0,0 +1,98 @@
var scrypt = require("scrypt");
var tools = require("./Tools.js");
var constructor = function(db) {
var db = db;
var handler = function(req, res) {
res.setHeader("Content-Type", "application/json");
//refresh session and return login status
if(req.method == "GET") {
if(req.session.data.login == true) {
if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
req.session.data.lastActivity = new Date();
} else {
req.session.data.login = false;
}
}
res.send(200, JSON.stringify({
"success": true,
"login": req.session.data.login
}));
}
//check user credentials, update session data
if(req.method == "PUT") {
//already logged in?
if(req.session.data.login == true) {
res.send(200, JSON.stringify({
"success": false,
"error": "You are already logged in!"
}));
return;
}
var params = req.body;
//username or password missing?
if(tools.reqParamsGiven(["username", "password"], params) == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Insufficient parameters given! Need: username, password"
}));
return;
}
//check if user exists
db.get(params.username, function (err, doc) {
console.log(["dbgetuser", arguments]);
if(!err && doc.type == "user") {
//user exists, verify password
scrypt.verifyHash(doc.auth, params.password, function(err, match) {
if(err || match == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
if(!err && match == true) {
req.session.data.login = true;
req.session.data.lastActivity = new Date();
res.send(200, JSON.stringify({
"success": true
}));
return;
}
});
} else {
//user does not exist.
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
});
}
//destroy the session
if(req.method == "DELETE") {
//only do logout if login exists
if(req.session.data.login == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Cannot log you out, you are not logged in!"
}));
} else {
req.session.data.login = false;
res.send(200, JSON.stringify({
"success": true
}));
}
}
};
return handler;
};
module.exports = constructor;