[TASK] Implement mechanism to create a user.

This commit is contained in:
Jan Philipp Timme 2013-09-15 18:30:51 +02:00
parent eecbca2907
commit d11a047068

103
app.js
View File

@ -7,6 +7,9 @@ var https = require("https");
var log4js = require("log4js"); var log4js = require("log4js");
var scrypt = require("scrypt"); var scrypt = require("scrypt");
//load own tools (tiny functions that help a little ;-)
var tools = require("./src/Tools.js");
//load settings //load settings
var settings = require("./src/Settings.js"); var settings = require("./src/Settings.js");
@ -34,11 +37,11 @@ app.use(express.cookieParser());
app.use(express.session({ app.use(express.session({
"secret": settings.general.sessionsecret "secret": settings.general.sessionsecret
})); }));
app.use(express.bodyParser());
//some logging for debugging //some logging for debugging
app.use(function(req, res, next) { app.use(function(req, res, next) {
console.log("%s %s", req.method, req.url); console.log("%s %s", req.method, req.url);
// console.log(["Session", req.session]);
next(); next();
}); });
@ -46,8 +49,14 @@ app.use(function(req, res, next) {
app.use(function(req, res, next) { app.use(function(req, res, next) {
if(req.session.initialized != true) { if(req.session.initialized != true) {
req.session.initialized = true; req.session.initialized = true;
req.session.login = false; req.session.data = {
"user": null,
"profile": {},
"login": false,
"lastActivity": new Date()
};
} }
console.log(["Session Data", req.session.data]);
next(); next();
}); });
@ -60,37 +69,105 @@ app.use("/session", function(req, res) {
//refresh session //refresh session
if(req.method == "GET") { if(req.method == "GET") {
if(req.session.login == true) { if(req.session.data.login == true) {
if(new Date() - req.session.lastActivity < 5 * 60 * 1000) { if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
req.session.lastActivity = new Date(); req.session.data.lastActivity = new Date();
} else { } else {
req.session.login = false; req.session.data.login = false;
} }
} }
res.send(200, JSON.stringify({ res.send(200, JSON.stringify({
"login": req.session.login "login": req.session.data.login
})); }));
} }
//check user credentials, update session data //check user credentials, update session data
if(req.method == "PUT") { if(req.method == "PUT") {
//TODO: implement proper login mechanism if(req.session.data.login == true) {
req.session.login = true; res.send(200, JSON.stringify({
req.session.lastActivity = new Date(); "success": false
}));
}
var params = req.body;
if(tools.reqParamsGiven() == false) {
res.send(200, JSON.stringify({
"login": req.session.data.login
}));
return;
}
req.session.data.login = true;
req.session.data.lastActivity = new Date();
res.send(200, JSON.stringify({ res.send(200, JSON.stringify({
"login": req.session.login "login": req.session.data.login
})); }));
} }
//destroy the session //destroy the session
if(req.method == "DELETE") { if(req.method == "DELETE") {
req.session.login = false; req.session.data.login = false;
res.send(200, JSON.stringify({ res.send(200, JSON.stringify({
"login": req.session.login "login": req.session.data.login
})); }));
} }
}); });
//API: /user
app.use("/user", function(req, res) {
res.setHeader("Content-Type", "application/json");
if(req.method == "PUT") {
var params = req.body;
if(tools.reqParamsGiven(["username", "password", "email"], params) == false) {
res.send(500, JSON.stringify({
"success": false,
"err": "This method needs username, password and email!"
}));
return;
}
//check if user already exists
db.get(params.username, function (err, doc) {
if(!err || err.error != "not_found" || err.reason != "missing") {
res.send(200, JSON.stringify({
"success": false,
"err": "Username already taken!"
}));
return;
}
//get: {"0":{"error":"not_found","reason":"missing"}}
scrypt.passwordHash(params.password, 10, function(err, pwHash) {
var userDoc = {
"_id": params.username,
"auth": pwHash,
"email": params.email,
"type": "user"
};
db.save(userDoc._id, userDoc, function(err, result) {
if(err) {
res.send(200, JSON.stringify({
"success": false,
"err": err
}));
} else {
res.send(200, JSON.stringify({
"success": true
}));
}
});
});
});
}
if(req.method == "GET") {
res.send(200, JSON.stringify(req.session.data.user));
}
if(req.method == "POST") {
console.log(req);
}
if(req.method == "DELETE") {
//verify credentials before erasing all data
console.log(req);
}
});
//define 404 for everything else or 500 on error (ugly but i think it's useful) //define 404 for everything else or 500 on error (ugly but i think it's useful)
app.use(function(err, req, res, next) { app.use(function(err, req, res, next) {
if(err) { if(err) {