JPT/dashboard
0
0
Fork 0
Code Issues Pull Requests Activity

[TASK] Finish implementing /session API.

Browse Source
This commit is contained in:
Jan Philipp Timme 2013-09-16 18:21:52 +02:00
parent d5c197f3e5
commit f72d126589
1 changed files with 57 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
app.js
View File

@ -67,7 +67,7 @@ app.use("/", express.static(__dirname + '/static'));
app.use("/session", function(req, res) { app.use("/session", function(req, res) {
res.setHeader("Content-Type", "application/json"); res.setHeader("Content-Type", "application/json");
//refresh session //refresh session and return login status
if(req.method == "GET") { if(req.method == "GET") {
if(req.session.data.login == true) { if(req.session.data.login == true) {
if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) { if(new Date() - req.session.data.lastActivity < 5 * 60 * 1000) {
@ -77,37 +77,77 @@ app.use("/session", function(req, res) {
} }
} }
res.send(200, JSON.stringify({ res.send(200, JSON.stringify({
"success": true,
"login": req.session.data.login "login": req.session.data.login
})); }));
} }
//check user credentials, update session data //check user credentials, update session data
if(req.method == "PUT") { if(req.method == "PUT") {
//already logged in?
if(req.session.data.login == true) { if(req.session.data.login == true) {
res.send(200, JSON.stringify({ res.send(200, JSON.stringify({
"success": false "success": false,
})); "error": "You are already logged in!"
}
var params = req.body;
if(tools.reqParamsGiven() == false) {
res.send(200, JSON.stringify({
"login": req.session.data.login
})); }));
return; return;
} }
req.session.data.login = true;
req.session.data.lastActivity = new Date(); var params = req.body;
res.send(200, JSON.stringify({ //username or password missing?
"login": req.session.data.login if(tools.reqParamsGiven(["username", "password"], params) == false) {
})); res.send(200, JSON.stringify({
"success": false,
"error": "Insufficient parameters given! Need: username, password"
}));
return;
}
//check if user exists
db.get(params.username, function (err, doc) {
if(!err && doc.type == "user") {
//user exists, verify password
scrypt.verifyHash(user.auth, params.password, function(err, match) {
if(err || match == false) {
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
if(!err && match == true) {
req.session.data.login = true;
req.session.data.lastActivity = new Date();
res.send(200, JSON.stringify({
"success": true
}));
return;
}
});
} else {
//user does not exist.
res.send(200, JSON.stringify({
"success": false,
"error": "Invalid login credentials!"
}));
return;
}
});
} }
//destroy the session //destroy the session
if(req.method == "DELETE") { if(req.method == "DELETE") {
req.session.data.login = false; //only do logout if login exists
res.send(200, JSON.stringify({ if(req.session.data.login == false) {
"login": req.session.data.login res.send(200, JSON.stringify({
})); "success": false,
"error": "Cannot log you out, you are not logged in!"
}));
} else {
req.session.data.login = false;
res.send(200, JSON.stringify({
"success": true
}));
}
} }
}); });