alex/GoSally
2
0
Fork 0
mirror of https://github.com/akyaiy/GoSally-mvp.git synced 2026-01-03 17:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

some small changes for auth scripts

Browse Source
This commit is contained in:
Alexey
2025-08-05 22:09:55 +03:00
parent d3eb483461
commit 1c2c4c1356
4 changed files with 201 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
com/Auth/DeleteUnit.lua Normal file
View File

@@ -0,0 +1,96 @@
-- com/DeleteUnit.lua
---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log")
local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt")
local function close_db()
if db then
db:close()
db = nil
end
end
local function error_response(message, code, data)
session.response.error = {
code = code or nil,
message = message,
data = data or nil
}
close_db()
end
if not session.request.params then
return error_response("no params provided")
end
if not session.request.params.token then
return error_response("access denied")
end
if session.request.params.token ~= require("_config").token() then
return error_response("access denied")
end
local params = session.request.params
if not (params.username and params.email and params.password) then
return error_response("no username/email/password provided")
end
local existing, err = db:query(
"SELECT password FROM users WHERE email = ? AND username = ? AND deleted = 0 LIMIT 1",
{
params.email,
params.username
}
)
if err ~= nil then
log.error("Password fetch failed: " .. tostring(err))
return error_response("Database query failed: " .. tostring(err))
end
if not existing or #existing == 0 then
return error_response("Unit not found")
end
local hashed_password = existing[1].password
local ok = crypt.compare(hashed_password, params.password)
if not ok then
log.warn("Wrong password attempt for: " .. params.username)
return error_response("Invalid password")
end
local ctx, err = db:exec(
[[
UPDATE users
SET deleted = 1,
deleted_at = CURRENT_TIMESTAMP
WHERE email = ? AND username = ? AND deleted = 0
]],
{ params.email, params.username }
)
if err ~= nil then
log.error("Soft delete failed: " .. tostring(err))
return error_response("Soft delete failed: " .. tostring(err))
end
local res, err = ctx:wait()
if err ~= nil then
log.error("Soft delete confirmation failed: " .. tostring(err))
return error_response("Soft delete confirmation failed: " .. tostring(err))
end
session.response.result = {
rows_affected = res,
message = "Unit soft-deleted successfully"
}
log.info("user " .. params.username .. " soft-deleted successfully")
close_db()

25
com/Auth/GetAccess.lua
View File

@@ -1,3 +1,5 @@
-- com/GetAccess
---@diagnostic disable: redefined-local ---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true}) local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log") local log = require("internal.log")
@@ -13,7 +15,7 @@ end
local function error_response(message, code, data) local function error_response(message, code, data)
session.response.error = { session.response.error = {
code = code or -32600, code = code or nil,
message = message, message = message,
data = data or nil data = data or nil
} }
@@ -25,13 +27,24 @@ if not params then
return error_response("No params provided") return error_response("No params provided")
end end
if not session.request.params.token then
return error_response("access denied")
end
if session.request.params.token ~= require("_config").token() then
return error_response("access denied")
end
if not (params.username and params.email and params.password) then if not (params.username and params.email and params.password) then
return error_response("Missing username, email or password", -32602) return error_response("Missing username, email or password")
end end
local unit, err = db:query( local unit, err = db:query(
"SELECT id, username, email, password, created_at FROM users WHERE email = ? AND username = ? LIMIT 1", "SELECT id, username, email, password, created_at FROM users WHERE email = ? AND username = ? AND deleted = 0 LIMIT 1",
{params.email, params.username} {
params.email,
params.username
}
) )
if err then if err then
@@ -40,7 +53,7 @@ if err then
end end
if not unit or #unit == 0 then if not unit or #unit == 0 then
return error_response("Unit not found", -32604) return error_response("Unit not found")
end end
unit = unit[1] unit = unit[1]
@@ -48,7 +61,7 @@ unit = unit[1]
local ok = crypt.compare(unit.password, params.password) local ok = crypt.compare(unit.password, params.password)
if not ok then if not ok then
log.warn("Login failed: wrong password for " .. params.username) log.warn("Login failed: wrong password for " .. params.username)
return error_response("Invalid password", -32605) return error_response("Invalid password")
end end
session.response.result = { session.response.result = {

77
com/Auth/NewUnit.lua
View File

@@ -1,77 +0,0 @@
---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log")
local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt")
if not session.request.params then
session.response.error = {
message = "no params provided"
}
return
end
local params = session.request.params
if not (params.username and params.email and params.password) then
session.response.error = {
message = "no username/email/password provided"
}
return
end
local hashPass = crypt.generate(params.password, crypt.DefaultCost)
local existing, err = db:query("SELECT 1 FROM users WHERE email = ? OR username = ? LIMIT 1", {
params.email,
params.username
})
if err ~= nil then
session.response.error = {
message = "Database check failed: "..tostring(err)
}
log.error("Email check failed: "..tostring(err))
return
end
if existing and #existing > 0 then
session.response.error = {
code = -32604,
message = "Unit already exists"
}
return
end
local ctx, err = db:exec(
"INSERT INTO users (username, email, password) VALUES (?, ?, ?)",
{
params.username,
params.email,
hashPass
}
)
if err ~= nil then
session.response.error = {
code = -32605,
message = "Insert failed: "..tostring(err)
}
log.error("Insert failed: "..tostring(err))
return
end
local res, err = ctx:wait()
if err ~= nil then
session.response.error = {
code = -32606,
message = "Insert confirmation failed: "..tostring(err)
}
log.error("Insert confirmation failed: "..tostring(err))
return
end
session.response.result = {
rows_affected = res,
message = "Unit created successfully"
}
db:close()

86
com/Auth/PutNewUnit.lua Normal file
View File

@@ -0,0 +1,86 @@
-- com/PutNewUnit.lua
---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log")
local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt")
local function close_db()
if db then
db:close()
db = nil
end
end
local function error_response(message, code, data)
session.response.error = {
code = code or nil,
message = message,
data = data or nil
}
close_db()
end
if not session.request.params then
return error_response("no params provided")
end
if not session.request.params.token then
return error_response("access denied")
end
if session.request.params.token ~= require("_config").token() then
return error_response("access denied")
end
local params = session.request.params
if not (params.username and params.email and params.password) then
return error_response("no username/email/password provided")
end
local hashPass = crypt.generate(params.password, crypt.DefaultCost)
local existing, err = db:query("SELECT 1 FROM users WHERE deleted = 0 AND (email = ? OR username = ? OR phone_number = ?) LIMIT 1", {
params.email,
params.username,
params.phone_number
})
if err ~= nil then
log.error("Email check failed: "..tostring(err))
return error_response("Database check failed: "..tostring(err))
end
if existing and #existing > 0 then
return error_response("Unit already exists")
end
local ctx, err = db:exec(
"INSERT INTO users (username, email, password, first_name, last_name, phone_number) VALUES (?, ?, ?, ?, ?, ?)",
{
params.username,
params.email,
hashPass,
params.first_name or "",
params.last_name or "",
params.phone_number or ""
}
)
if err ~= nil then
log.error("Insert failed: "..tostring(err))
return error_response("Insert failed: "..tostring(err))
end
local res, err = ctx:wait()
if err ~= nil then
log.error("Insert confirmation failed: "..tostring(err))
return error_response("Insert confirmation failed: "..tostring(err))
end
session.response.result = {
rows_affected = res,
message = "Unit created successfully"
}
close_db()