alex/GoSally
2
0
Fork 0
mirror of https://github.com/akyaiy/GoSally-mvp.git synced 2026-01-03 19:52:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

develop jwt auth for methods

Browse Source
This commit is contained in:
Alexey
2025-08-06 14:01:27 +03:00
parent 3898e2833b
commit fe628e0f7f
3 changed files with 64 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
com/Auth/DeleteUnit.lua
View File

@@ -1,13 +1,14 @@
-- com/DeleteUnit.lua -- com/DeleteUnit.lua
---@diagnostic disable: redefined-local ---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true}) local db = require("internal.database.sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log") local log = require("internal.log")
local session = require("internal.session") local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt") local crypt = require("internal.crypt.bcrypt")
local jwt = require("internal.crypt.jwt")
local params = session.request.params.get() local params = session.request.params.get()
local token = session.request.headers.get("x-session-token") local token = session.request.headers.get("authorization")
local function close_db() local function close_db()
if db then if db then
@@ -25,12 +26,32 @@ local function error_response(message, code, data)
close_db() close_db()
end end
if not params then if not token or type(token) ~= "string" then
return error_response("no params provided") return error_response("Access denied")
end end
if not (token and token == require("_config").token()) then local prefix = "Bearer "
return error_response("access denied") if token:sub(1, #prefix) ~= prefix then
return error_response("Invalid Authorization scheme")
end
local access_token = token:sub(#prefix + 1)
local err, data = jwt.decode(access_token, { secret = require("_config").token() })
if err or not data then
session.response.error = {
message = err
}
return
end
if data.session_uuid ~= session.id then
return error_response("Access denied")
end
if not params then
return error_response("no params provided")
end end
if not (params.username and params.email and params.password) then if not (params.username and params.email and params.password) then

22
com/Auth/GetAccess.lua
View File

@@ -1,13 +1,14 @@
-- com/GetAccess -- com/GetAccess
---@diagnostic disable: redefined-local ---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true}) local db = require("internal.database.sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log") local log = require("internal.log")
local session = require("internal.session") local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt") local crypt = require("internal.crypt.bcrypt")
local jwt = require("internal.crypt.jwt")
local params = session.request.params.get() local params = session.request.params.get()
local token = session.request.headers.get("x-session-token") local secret = require("_config").token()
local function close_db() local function close_db()
if db then if db then
@@ -29,10 +30,6 @@ if not params then
return error_response("No params provided") return error_response("No params provided")
end end
if not (token and token == require("_config").token()) then
return error_response("access denied")
end
if not (params.username and params.email and params.password) then if not (params.username and params.email and params.password) then
return error_response("Missing username, email or password") return error_response("Missing username, email or password")
end end
@@ -62,13 +59,14 @@ if not ok then
return error_response("Invalid password") return error_response("Invalid password")
end end
local token = jwt.encode({
secret = secret,
payload = { session_uuid = session.id, admin_user = params.username },
expires_in = 3600
})
session.response.result = { session.response.result = {
user = { access_token = token
id = unit.id,
username = unit.username,
email = unit.email,
created_at = unit.created_at
}
} }
close_db() close_db()

33
com/Auth/PutNewUnit.lua
View File

@@ -1,13 +1,14 @@
-- com/PutNewUnit.lua -- com/PutNewUnit.lua
---@diagnostic disable: redefined-local ---@diagnostic disable: redefined-local
local db = require("internal.database-sqlite").connect("db/user-database.db", {log = true}) local db = require("internal.database.sqlite").connect("db/user-database.db", {log = true})
local log = require("internal.log") local log = require("internal.log")
local session = require("internal.session") local session = require("internal.session")
local crypt = require("internal.crypt.bcrypt") local crypt = require("internal.crypt.bcrypt")
local jwt = require("internal.crypt.jwt")
local params = session.request.params.get() local params = session.request.params.get()
local token = session.request.headers.get("x-session-token") local token = session.request.headers.get("authorization")
local function close_db() local function close_db()
if db then if db then
@@ -25,12 +26,32 @@ local function error_response(message, code, data)
close_db() close_db()
end end
if not params then if not token or type(token) ~= "string" then
return error_response("no params provided") return error_response("Access denied")
end end
if not (token and token == require("_config").token()) then local prefix = "Bearer "
return error_response("access denied") if token:sub(1, #prefix) ~= prefix then
return error_response("Invalid Authorization scheme")
end
local access_token = token:sub(#prefix + 1)
local err, data = jwt.decode(access_token, { secret = require("_config").token() })
if err or not data then
session.response.error = {
message = err
}
return
end
if data.session_uuid ~= session.id then
return error_response("Access denied")
end
if not params then
return error_response("no params provided")
end end
if not (params.username and params.email and params.password) then if not (params.username and params.email and params.password) then