[TASK] Finish implementing /session API.
This commit is contained in:
parent
d5c197f3e5
commit
f72d126589
74
app.js
74
app.js
@ -67,7 +67,7 @@ app.use("/", express.static(__dirname + '/static'));
|
|||||||
app.use("/session", function(req, res) {
|
app.use("/session", function(req, res) {
|
||||||
res.setHeader("Content-Type", "application/json");
|
res.setHeader("Content-Type", "application/json");
|
||||||
|
|
||||||
//refresh session
|
//refresh session and return login status
|
||||||
if(req.method == "GET") {
|
if(req.method == "GET") {
|
||||||
if(req.session.data.login == true) {
|
if(req.session.data.login == true) {
|
||||||
if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
|
if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
|
||||||
@ -77,37 +77,77 @@ app.use("/session", function(req, res) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
res.send(200, JSON.stringify({
|
res.send(200, JSON.stringify({
|
||||||
|
"success": true,
|
||||||
"login": req.session.data.login
|
"login": req.session.data.login
|
||||||
}));
|
}));
|
||||||
}
|
}
|
||||||
|
|
||||||
//check user credentials, update session data
|
//check user credentials, update session data
|
||||||
if(req.method == "PUT") {
|
if(req.method == "PUT") {
|
||||||
|
//already logged in?
|
||||||
if(req.session.data.login == true) {
|
if(req.session.data.login == true) {
|
||||||
res.send(200, JSON.stringify({
|
res.send(200, JSON.stringify({
|
||||||
"success": false
|
"success": false,
|
||||||
}));
|
"error": "You are already logged in!"
|
||||||
}
|
|
||||||
var params = req.body;
|
|
||||||
if(tools.reqParamsGiven() == false) {
|
|
||||||
res.send(200, JSON.stringify({
|
|
||||||
"login": req.session.data.login
|
|
||||||
}));
|
}));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
req.session.data.login = true;
|
|
||||||
req.session.data.lastActivity = new Date();
|
var params = req.body;
|
||||||
res.send(200, JSON.stringify({
|
//username or password missing?
|
||||||
"login": req.session.data.login
|
if(tools.reqParamsGiven(["username", "password"], params) == false) {
|
||||||
}));
|
res.send(200, JSON.stringify({
|
||||||
|
"success": false,
|
||||||
|
"error": "Insufficient parameters given! Need: username, password"
|
||||||
|
}));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
//check if user exists
|
||||||
|
db.get(params.username, function (err, doc) {
|
||||||
|
if(!err && doc.type == "user") {
|
||||||
|
//user exists, verify password
|
||||||
|
scrypt.verifyHash(user.auth, params.password, function(err, match) {
|
||||||
|
if(err || match == false) {
|
||||||
|
res.send(200, JSON.stringify({
|
||||||
|
"success": false,
|
||||||
|
"error": "Invalid login credentials!"
|
||||||
|
}));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if(!err && match == true) {
|
||||||
|
req.session.data.login = true;
|
||||||
|
req.session.data.lastActivity = new Date();
|
||||||
|
res.send(200, JSON.stringify({
|
||||||
|
"success": true
|
||||||
|
}));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
//user does not exist.
|
||||||
|
res.send(200, JSON.stringify({
|
||||||
|
"success": false,
|
||||||
|
"error": "Invalid login credentials!"
|
||||||
|
}));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
//destroy the session
|
//destroy the session
|
||||||
if(req.method == "DELETE") {
|
if(req.method == "DELETE") {
|
||||||
req.session.data.login = false;
|
//only do logout if login exists
|
||||||
res.send(200, JSON.stringify({
|
if(req.session.data.login == false) {
|
||||||
"login": req.session.data.login
|
res.send(200, JSON.stringify({
|
||||||
}));
|
"success": false,
|
||||||
|
"error": "Cannot log you out, you are not logged in!"
|
||||||
|
}));
|
||||||
|
} else {
|
||||||
|
req.session.data.login = false;
|
||||||
|
res.send(200, JSON.stringify({
|
||||||
|
"success": true
|
||||||
|
}));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user