replace with

2025-07-09 12:07:34 +02:00
parent 64aa1d404e
commit 0c6dbe30ab
3 changed files with 73 additions and 37 deletions


@@ -44,6 +44,7 @@
"@sveltejs/adapter-node": "^5.2.12", "@sveltejs/adapter-node": "^5.2.12",
"@tailwindcss/forms": "^0.5.10", "@tailwindcss/forms": "^0.5.10",
"autoprefixer": "^10.4.21", "autoprefixer": "^10.4.21",
"better-sqlite3": "^12.2.0",
"crypto": "^1.0.1", "crypto": "^1.0.1",
"jsonwebtoken": "^9.0.2", "jsonwebtoken": "^9.0.2",
"jssha": "^3.3.1", "jssha": "^3.3.1",


@@ -1,34 +1,32 @@
import sqlite3 from 'sqlite3'; import Database from 'better-sqlite3';
import jsSHA from 'jssha'; import jsSHA from 'jssha';
const db = new sqlite3.Database('./src/lib/data/tatort.db'); const db = new Database('./src/lib/data/tatort.db');
db.serialize(() => { let create_stmt = `CREATE TABLE IF NOT EXISTS users
// users table
let create_stmt = `CREATE TABLE IF NOT EXISTS users
(id INTEGER PRIMARY KEY AUTOINCREMENT, (id INTEGER PRIMARY KEY AUTOINCREMENT,
name TEXT NOT NULL, name TEXT NOT NULL,
pw TEXT NOT NULL)`; pw TEXT NOT NULL)`;
db.run(create_stmt); db.exec(create_stmt);
// check if there are any users; if not add one default admin one // check if there are any users; if not add one default admin one
let pw = 'pass-123'; let pw = 'pass-123';
let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pw).getHash('HEX'); let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pw).getHash('HEX');
let check_ins_stmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashed_pw}' let check_ins_stmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashed_pw}'
WHERE NOT EXISTS (SELECT * FROM users);`; WHERE NOT EXISTS (SELECT * FROM users);`;
db.run(check_ins_stmt); db.exec(check_ins_stmt);
let users_stmt = `SELECT * FROM USERS`; let users_stmt = `SELECT * FROM USERS`;
db.each(users_stmt, (err, row) => { const stmt = db.prepare(users_stmt);
console.log(`xxx ${row.name} + ${row.pw}`) for (const usr of stmt.iterate()) {
}); console.log(`xxx ${usr.name} + ${usr.pw}`)
};
// cases table // cases table
create_stmt = `CREATE TABLE IF NOT EXISTS cases create_stmt = `CREATE TABLE IF NOT EXISTS cases
(id INTEGER PRIMARY KEY AUTOINCREMENT, (id INTEGER PRIMARY KEY AUTOINCREMENT,
token TEXT NOT NULL UNIQUE, token TEXT NOT NULL UNIQUE,
name TEXT NOT NULL, name TEXT NOT NULL,
@@ -36,7 +34,6 @@ db.serialize(() => {
created_by INTEGER NOT NULL, created_by INTEGER NOT NULL,
FOREIGN KEY(created_by) REFERENCES users(id))`; FOREIGN KEY(created_by) REFERENCES users(id))`;
db.run(create_stmt); db.exec(create_stmt);
});
db.close(); db.close();
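Review bot: The new loop over `stmt.iterate()` prints every user's name and password hash with `console.log` each time the init script runs; that is debug output that puts credential material into logs and should be removed. The seeded admin account uses the hard-coded password `pass-123` hashed with a single unsalted SHA-512, so the stored hash is identical on every install and cheap to test guesses against; consider taking the initial password from an environment variable or generating it once, and storing it with a salted password KDF. The hash is also interpolated into the SQL text of `check_ins_stmt`; it is hex and so not injectable here, but a `?` placeholder with `db.prepare(...).run(hashed_pw)` keeps the pattern safe if the value ever changes.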


@@ -1,6 +1,12 @@
import jwt from 'jsonwebtoken'; import jwt from 'jsonwebtoken';
import jsSHA from 'jssha';
import Database from 'better-sqlite3';
import process from 'process';
import config from '$lib/config'; import config from '$lib/config';
// import db from '../init/init_db';
let db = new Database('./src/lib/data/tatort.db');
const SECRET = config.jwt.secret; const SECRET = config.jwt.secret;
const EXPIRES_IN = config.jwt.expiresIn; const EXPIRES_IN = config.jwt.expiresIn;
@@ -16,14 +22,46 @@ export function decryptToken(token: string) {
} }
export function authenticate(user, pass) { export function authenticate(user, pass) {
let userData = null; // let userData = null;
if (AUTH[user]) { // if (AUTH[user]) {
const { password, ...data } = AUTH[user]; // const { password, ...data } = AUTH[user];
if (password && password === pass) userData = data; //
// // fetch user password from db;
// db.get(get_usr_stmt, [user], (err, row) => {
// console.log(`[row] ${row.name} + ${row.pw}`);
// let stored_pw = row.pw;
// // hash user password
// let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
//
// console.log(`+++ ${stored_pw} || ${hashed_pw} || ${pass}`);
//
// if (hashed_pw && hashed_pw === stored_pw) {
// console.log(`--- SUCCESS`);
// userData = data;
// }
// if (userData == null) return null;
// console.log(`^^^ ${userData}`);
// return createToken({ id: user, ...userData });
// });
// }
//
// if (userData == null) return null;
let token;
// hash user password
let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
let get_usr_stmt = 'SELECT name, pw FROM users WHERE name = ?';
const row = db.prepare(get_usr_stmt).get(user);
let stored_pw = row.pw;
console.log(`+++ ${pass} || ${stored_pw} || ${hashed_pw}`);
if (hashed_pw && hashed_pw === stored_pw) {
token = createToken({ id: user, admin: true });
} }
if (userData == null) return null; return token;
return createToken({ id: user, ...userData });
} }
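Review bot: The `console.log` call in `authenticate` that prints `pass`, `stored_pw` and `hashed_pw` writes the submitted plaintext password and the stored hash to the server log on every login attempt and should be dropped before merge. `db.prepare(get_usr_stmt).get(user)` returns `undefined` for an unknown name, so `row.pw` throws instead of rejecting the login; add `if (!row) return null;` ahead of it, which also restores the `null` return the old code gave on failure (the new code returns `undefined`). The token is issued with `admin: true` for every account that authenticates, which looks like a placeholder; the claim should come from a stored role. The password check compares unsalted SHA-512 hex digests with `===`; a salted KDF such as `scryptSync` from `node:crypto` together with `timingSafeEqual` would be the safer replacement, here and for the seeded account in the init script.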