Reflected changes in requirements and added logging
This commit is contained in:
Christian Risi
parent
3cac439056
commit
64453aa176
@ -1,13 +1,14 @@
|
||||
import type { Session } from "./sessions"
|
||||
|
||||
|
||||
export interface IUserBroker {
|
||||
|
||||
createTable(): void
|
||||
createUser(username: string, password: string): Promise<User>
|
||||
getUser(username: string, password: string): Promise<User|null>
|
||||
updatePassword(username: string, password: string, newPassword: string): Promise<void>
|
||||
getUserFromSession(sessionID: number): User
|
||||
getUserFromSession(session: Session): User
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
export class User {
|
||||
@ -45,9 +46,10 @@ export class UserApp {
|
||||
|
||||
}
|
||||
|
||||
public static getUserFromSession(sessionID: number): User {
|
||||
|
||||
public static getUserFromSession(session: Session): User {
|
||||
UserApp.assertInitialized()
|
||||
return UserApp.broker.getUserFromSession(sessionID)
|
||||
return UserApp.broker.getUserFromSession(session)
|
||||
}
|
||||
|
||||
public static async createUser(username: string, password: string): Promise<User> {
|
||||
|
||||
@ -11,6 +11,10 @@ SELECT user_id, username, password_hash
|
||||
FROM users
|
||||
WHERE username = @username;
|
||||
|
||||
SELECT user_id, username, password_hash
|
||||
FROM users
|
||||
WHERE user_id = @user_id;
|
||||
|
||||
UPDATE users
|
||||
SET password_hash = @newPassword
|
||||
WHERE username = @username;
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
import type { Session, SessionApp } from "$lib/classes/sessions";
|
||||
import { User, type IUserBroker } from "$lib/classes/users";
|
||||
import { logger } from "$lib/utils/logger";
|
||||
import { SSLSnifferApp } from "./sqlite";
|
||||
import * as argon2 from "argon2";
|
||||
|
||||
@ -18,8 +20,8 @@ class UserDB {
|
||||
this.username = username
|
||||
this.password_hash = password_hash
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export class UserDBBroker implements IUserBroker {
|
||||
|
||||
private static initialized = false
|
||||
@ -29,6 +31,8 @@ export class UserDBBroker implements IUserBroker {
|
||||
// UGLY: make more specific
|
||||
throw Error("UserDB has been already initialized")
|
||||
}
|
||||
|
||||
logger.debug("Correctly initialized", "UserDBBroker")
|
||||
}
|
||||
|
||||
|
||||
@ -84,20 +88,20 @@ export class UserDBBroker implements IUserBroker {
|
||||
return user
|
||||
}
|
||||
|
||||
public async getUser(username: string, password: string): Promise<User|null> {
|
||||
|
||||
const userToVerify = this.getUserByUsername(username)
|
||||
public async getUser(username: string, password: string): Promise<User | null> {
|
||||
|
||||
const userToVerify = this.getUserFromUsername(username)
|
||||
|
||||
if (!userToVerify) {
|
||||
// UGLY: make this more specific
|
||||
throw new Error("The specified user does not exist on the database")
|
||||
}
|
||||
|
||||
|
||||
let match = false
|
||||
|
||||
try {
|
||||
match = await argon2.verify(userToVerify.password_hash, password)
|
||||
} catch(error) {
|
||||
} catch (error) {
|
||||
// UGLY: make this more specific
|
||||
throw new Error("Argon2 had an error")
|
||||
}
|
||||
@ -114,7 +118,7 @@ export class UserDBBroker implements IUserBroker {
|
||||
}
|
||||
|
||||
public async updatePassword(username: string, password: string, newPassword: string): Promise<void> {
|
||||
|
||||
|
||||
const userToUpdate = await this.getUser(username, password)
|
||||
|
||||
if (!userToUpdate) {
|
||||
@ -138,14 +142,28 @@ export class UserDBBroker implements IUserBroker {
|
||||
stmt.finalize()
|
||||
}
|
||||
|
||||
// TODO: implement this
|
||||
public getUserFromSession(sessionID: number): User {
|
||||
throw new Error("Method not implemented.");
|
||||
|
||||
public getUserFromSession(session: Session): User {
|
||||
|
||||
const userDB = this.getUserFromUserID(session.userID)
|
||||
|
||||
if (!userDB) {
|
||||
// UGLY: be specific
|
||||
throw new Error("Could not find user inside database")
|
||||
}
|
||||
|
||||
return new User(
|
||||
userDB.user_id,
|
||||
userDB.username
|
||||
)
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
private validateUniqueness(username: string) {
|
||||
|
||||
const user = this.getUserByUsername(username)
|
||||
const user = this.getUserFromUsername(username)
|
||||
|
||||
if (!user) {
|
||||
return
|
||||
@ -154,7 +172,7 @@ export class UserDBBroker implements IUserBroker {
|
||||
throw new Error("User is already on the system")
|
||||
}
|
||||
|
||||
private getUserByUsername(username: string): UserDB | null {
|
||||
private getUserFromUsername(username: string): UserDB | null {
|
||||
const stmt = SSLSnifferApp.prepare(
|
||||
`
|
||||
SELECT user_id, username, password_hash
|
||||
@ -163,7 +181,7 @@ export class UserDBBroker implements IUserBroker {
|
||||
`
|
||||
)
|
||||
|
||||
const user : any | null = stmt.get({
|
||||
const user: any | null = stmt.get({
|
||||
username: username,
|
||||
})
|
||||
|
||||
@ -181,4 +199,32 @@ export class UserDBBroker implements IUserBroker {
|
||||
|
||||
}
|
||||
|
||||
private getUserFromUserID(userID: number): UserDB | null {
|
||||
|
||||
const stmt = SSLSnifferApp.prepare(
|
||||
`
|
||||
SELECT user_id, username, password_hash
|
||||
FROM users
|
||||
WHERE user_id = @user_id;
|
||||
`
|
||||
)
|
||||
|
||||
const user: any | null = stmt.get({
|
||||
user_id: userID,
|
||||
})
|
||||
|
||||
stmt.finalize()
|
||||
|
||||
if (!user) {
|
||||
return null
|
||||
}
|
||||
|
||||
return new UserDB(
|
||||
user.user_id,
|
||||
user.username,
|
||||
user.password_hash
|
||||
)
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user