innohub/tatort
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactoring part 2: mainly consolidation of token, ids and passwort

Browse Source
This commit is contained in:
Chi Cong Tran
2025-07-17 08:09:17 +02:00
parent 34d5034a71
commit 143bb128a5
10 changed files with 74 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/routes/(angemeldet)/upload/+page.server.ts
View File

@@ -1,11 +1,10 @@
import { Buffer } from 'buffer';
import { Readable } from 'stream';
import { client } from '$lib/minio';
import { fail } from '@sveltejs/kit';
import { v4 as uuidv4 } from 'uuid';
import { db } from '$lib/server/dbService';
import { getVorgangByName, vorgangExists, vorgangNameExists } from '$lib/server/vorgangService';
import { getVorgangByName, vorgangNameExists } from '$lib/server/vorgangService';
const isRequiredFieldValid = (value: unknown) => {
if (value == null) return false;
@@ -18,36 +17,36 @@ const isRequiredFieldValid = (value: unknown) => {
export const actions = {
url: async ({ request }: { request: Request }) => {
const data = await request.formData();
const vorgang = data.get('vorgang');
const name = data.get('name');
const caseName = data.get('vorgang');
const crimeName = data.get('name');
const type = data.get('type');
const pw = data.get('zugangscode');
const password = data.get('password');
const fileName = data.get('fileName');
// store case in database
// skip if Vorgang exists and token not changed
const vorgangExists = vorgangNameExists(vorgang);
const vorgangExists = vorgangNameExists(caseName);
let token;
if (!vorgangExists) {
token = uuidv4();
let insertSQLStmt = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
const statement = db.prepare(insertSQLStmt);
statement.run(token, vorgang, pw);
let insertSQLStatement = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
const statement = db.prepare(insertSQLStatement);
statement.run(token, caseName, password);
} else {
// vorgang exists
// check if PW was changed, and update DB if it was
const vorg = getVorgangByName(vorg);
const vorg = getVorgangByName(caseName);
token = vorg.token;
if (vorg.pw != pw) {
if (vorg.pw != password) {
let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`;
const statement = db.prepare(updateSQLStmt);
statement.run(pw, vorg);
statement.run(password, vorg);
}
}
let objectName = `${token}/${name}`;
let objectName = `${token}/${crimeName}`;
switch (type) {
case 'image/png':
if (!objectName.endsWith('.png')) objectName += '.png';
@@ -66,10 +65,9 @@ export const actions = {
const data = Object.fromEntries(requestData);
const vorgang = data.vorgang;
const name = data.name;
const zugangscode = data.zugangscode;
const password = data.password;
let success = true;
const err = {};
if (isRequiredFieldValid(vorgang)) err.vorgang = null;
else {
err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.';
@@ -82,9 +80,9 @@ export const actions = {
success = false;
}
if (isRequiredFieldValid(zugangscode)) err.zugangscode = null;
if (isRequiredFieldValid(password)) err.password = null;
else {
err.zugangscode = 'Das Feld Zugangscode darf nicht leer bleiben.';
err.password = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
success = false;
}

31
src/routes/(angemeldet)/upload/+page.svelte
View File

@@ -17,15 +17,15 @@
let vorgang = '';
const code_len = 8;
function generate_token() {
function generatePassword() {
return Math.random()
.toString(36)
.slice(2, 2 + code_len);
}
let zugangscode = ''
let zugangscodeOld = ''
$: zugangscodeOld = generate_token();
$: zugangscode = zugangscodeOld
let zugangspasswort = ''
let zugangspasswordOld = ''
$: zugangspasswordOld = generatePassword();
$: zugangspasswort = zugangspasswordOld
let caseExisting = undefined;
$: caseExisting = false;
@@ -42,7 +42,7 @@
let data = new FormData();
data.append('vorgang', vorgang);
data.append('name', name);
data.append('zugangscode', zugangscode);
data.append('password', zugangspasswort);
const response = await fetch('?/validate', { method: 'POST', body: data });
/** @type {import('@sveltejs/kit').ActionResult} */
const result = deserialize(await response.text());
@@ -64,7 +64,6 @@
formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors };
success = false;
}
return success;
}
@@ -72,7 +71,7 @@
let data = new FormData();
data.append('vorgang', vorgang);
data.append('name', name);
data.append('zugangscode', zugangscode);
data.append('password', zugangspasswort);
if (files?.length === 1) {
data.append('type', files[0].type);
data.append('fileName', files[0].name);
@@ -155,7 +154,7 @@
async function caseExists(caseName: string) {
if (caseName == '') {
zugangscode = zugangscodeOld;
zugangspasswort = zugangspasswordOld;
return;
}
@@ -166,19 +165,19 @@
if (status == 200) {
caseExisting = true;
const code = await getCode(caseName);
zugangscode = code;
const passwort = await getPassword(caseName);
zugangspasswort = passwort;
return true
} else {
caseExisting = false;
zugangscode = zugangscodeOld;
zugangspasswort = zugangspasswordOld;
return false
}
}
async function getCode(caseName: string) {
async function getPassword(caseName: string) {
if (caseName == '') return;
@@ -280,11 +279,11 @@
class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
>
<input
bind:value={zugangscode}
bind:value={zugangspasswort}
type="text"
name="zugangscode"
id="zugangscode"
on:input="{ (ev) => { zugangscodeOld = ev.target.value }}"
on:input="{ (ev) => { zugangspasswordOld = ev.target.value }}"
class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
/>
@@ -292,7 +291,7 @@
<button
class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
on:click="{() => {
zugangscode = zugangscodeOld = generate_token(); }}"
zugangspasswort = zugangspasswordOld = generatePassword(); }}"
type="button">
Generiere Zugangscode
</button>