refactoring part 2: mainly consolidation of token, ids and passwort

2025-07-17 08:09:17 +02:00
parent 34d5034a71
commit 143bb128a5
10 changed files with 74 additions and 76 deletions
--- a/src/lib/server/vorgangService.ts
+++ b/src/lib/server/vorgangService.ts
@@ -6,11 +6,11 @@ import { db } from './dbService';
 /**
 * Get Vorgang and corresponend list of tatorte
- * @param caseId
+ * @param caseToken
 * @returns
 */
-export const getVorgangByCaseId = async (caseId: string) => {
+export const getCrimesListByToken = async (caseToken: string) => {
-	const prefix = `${caseId}/`;
+	const prefix = `${caseToken}/`;
 	const stream = client.listObjectsV2(BUCKET, prefix, false, '');
@@ -174,14 +174,14 @@ export const hasValidToken = async (caseId: string, caseToken: string) => {
 	}
 };
-export const tokenValid = function (caseId, caseToken) {
+export const passwordValid = function (caseToken, casePassword) {
-	if (!caseToken) {
+	if (!casePassword) {
 		return false;
 	}
-	const vorg = getVorgangByToken(caseId);
+	const vorg = getVorgangByToken(caseToken);
-	if (!vorg || vorg.pw !== caseToken) {
+	if (!vorg || vorg.pw !== casePassword) {
 		return false;
 	}
--- a/src/routes/(angemeldet)/list/+page.svelte
+++ b/src/routes/(angemeldet)/list/+page.svelte
@@ -46,7 +46,7 @@
 		<ul role="list" class="divide-y divide-gray-100">
 			{#each caseList as item}
 				<li>
-					<a href="/list/{item.token}?token={item.pw}" class="flex justify-between gap-x-6 py-5">
+					<a href="/list/{item.token}?pw={item.pw}" class="flex justify-between gap-x-6 py-5">
 						<div class="flex gap-x-4">
 							<!-- Ordner -->
 							<Folder />
--- a/src/routes/(angemeldet)/upload/+page.server.ts
+++ b/src/routes/(angemeldet)/upload/+page.server.ts
@@ -1,11 +1,10 @@
 import { Buffer } from 'buffer';
 import { Readable } from 'stream';
 import { client } from '$lib/minio';
 import { fail } from '@sveltejs/kit';
 import { v4 as uuidv4 } from 'uuid';
 import { db } from '$lib/server/dbService';
-import { getVorgangByName, vorgangExists, vorgangNameExists } from '$lib/server/vorgangService';
+import { getVorgangByName, vorgangNameExists } from '$lib/server/vorgangService';
 const isRequiredFieldValid = (value: unknown) => {
 	if (value == null) return false;
@@ -18,36 +17,36 @@ const isRequiredFieldValid = (value: unknown) => {
 export const actions = {
 	url: async ({ request }: { request: Request }) => {
 		const data = await request.formData();
-		const vorgang = data.get('vorgang');
+		const caseName = data.get('vorgang');
-		const name = data.get('name');
+		const crimeName = data.get('name');
 		const type = data.get('type');
-		const pw = data.get('zugangscode');
+		const password = data.get('password');
 		const fileName = data.get('fileName');
 		// store case in database
 		// skip if Vorgang exists and token not changed
-		const vorgangExists = vorgangNameExists(vorgang);
+		const vorgangExists = vorgangNameExists(caseName);
 		let token;
 		if (!vorgangExists) {
 			token = uuidv4();
-			let insertSQLStmt = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
+			let insertSQLStatement = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
-			const statement = db.prepare(insertSQLStmt);
+			const statement = db.prepare(insertSQLStatement);
-			statement.run(token, vorgang, pw);
+			statement.run(token, caseName, password);
 		} else {
 			// vorgang exists
 			// check if PW was changed, and update DB if it was
-			const vorg = getVorgangByName(vorg);
+			const vorg = getVorgangByName(caseName);
 			token = vorg.token;
-			if (vorg.pw != pw) {
+			if (vorg.pw != password) {
 				let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`;
 				const statement = db.prepare(updateSQLStmt);
-				statement.run(pw, vorg);
+				statement.run(password, vorg);
 			}
 		}
-		let objectName = `${token}/${name}`;
+		let objectName = `${token}/${crimeName}`;
 		switch (type) {
 			case 'image/png':
 				if (!objectName.endsWith('.png')) objectName += '.png';
@@ -66,10 +65,9 @@ export const actions = {
 		const data = Object.fromEntries(requestData);
 		const vorgang = data.vorgang;
 		const name = data.name;
-		const zugangscode = data.zugangscode;
+		const password = data.password;
 		let success = true;
 		const err = {};
 		if (isRequiredFieldValid(vorgang)) err.vorgang = null;
 		else {
 			err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.';
@@ -82,9 +80,9 @@ export const actions = {
 			success = false;
 		}
-		if (isRequiredFieldValid(zugangscode)) err.zugangscode = null;
+		if (isRequiredFieldValid(password)) err.password = null;
 		else {
-			err.zugangscode = 'Das Feld Zugangscode darf nicht leer bleiben.';
+			err.password = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
 			success = false;
 		}
--- a/src/routes/(angemeldet)/upload/+page.svelte
+++ b/src/routes/(angemeldet)/upload/+page.svelte
@@ -17,15 +17,15 @@
 	let vorgang = '';
 	const code_len = 8;
-	function generate_token() {
+	function generatePassword() {
 		return Math.random()
 		.toString(36)
 		.slice(2, 2 + code_len);
 	}
-	let zugangscode = ''
+	let zugangspasswort = ''
-	let zugangscodeOld = ''
+	let zugangspasswordOld = ''
-	$: zugangscodeOld = generate_token();
+	$: zugangspasswordOld = generatePassword();
-	$: zugangscode = zugangscodeOld
+	$: zugangspasswort = zugangspasswordOld
 	let caseExisting = undefined;
 	$: caseExisting = false;
@@ -42,7 +42,7 @@
 		let data = new FormData();
 		data.append('vorgang', vorgang);
 		data.append('name', name);
-		data.append('zugangscode', zugangscode);
+		data.append('password', zugangspasswort);
 		const response = await fetch('?/validate', { method: 'POST', body: data });
 		/** @type {import('@sveltejs/kit').ActionResult} */
 		const result = deserialize(await response.text());
@@ -64,7 +64,6 @@
 			formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors };
 			success = false;
 		}
 		return success;
 	}
@@ -72,7 +71,7 @@
 		let data = new FormData();
 		data.append('vorgang', vorgang);
 		data.append('name', name);
-		data.append('zugangscode', zugangscode);
+		data.append('password', zugangspasswort);
 		if (files?.length === 1) {
 			data.append('type', files[0].type);
 			data.append('fileName', files[0].name);
@@ -155,7 +154,7 @@
 	async function caseExists(caseName: string) {
 		if (caseName == '') {
-			zugangscode = zugangscodeOld;
+			zugangspasswort = zugangspasswordOld;
 			return;
 		}
@@ -166,19 +165,19 @@
 		if (status == 200) {
 			caseExisting = true;
-			const code = await getCode(caseName);
+			const passwort = await getPassword(caseName);
-			zugangscode = code;
+			zugangspasswort = passwort;
 			return true
 		} else {
 			caseExisting = false;
-			zugangscode = zugangscodeOld;
+			zugangspasswort = zugangspasswordOld;
 			return false
 		}
 	}
-	async function getCode(caseName: string) {
+	async function getPassword(caseName: string) {
 		if (caseName == '') return;
@@ -280,11 +279,11 @@
 								class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
 							>
 								<input
-									bind:value={zugangscode}
+									bind:value={zugangspasswort}
 									type="text"
 									name="zugangscode"
 									id="zugangscode"
-									on:input="{ (ev) => { zugangscodeOld = ev.target.value }}"
+									on:input="{ (ev) => { zugangspasswordOld = ev.target.value }}"
 									class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
 								/>
@@ -292,7 +291,7 @@
 							<button
 							class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
 							on:click="{() => {
-							zugangscode = zugangscodeOld = generate_token(); }}"
+							zugangspasswort = zugangspasswordOld = generatePassword(); }}"
 							type="button">
 								Generiere Zugangscode
 							</button>
--- a/src/routes/(token-based)/+layout.server.ts
+++ b/src/routes/(token-based)/+layout.server.ts
@@ -1,7 +1,7 @@
 import {
 	checkIfVorgangExists,
 	hasValidToken,
-	tokenValid,
+	passwordValid,
 	vorgangExists
 } from '$lib/server/vorgangService';
 import { redirect } from '@sveltejs/kit';
@@ -14,11 +14,11 @@ export const load: PageServerLoad = async ({ params, url, locals }) => {
 		};
 	}
-	const caseId = params.vorgang;
+	const caseToken = params.vorgang;
-	const caseToken = url.searchParams.get('token');
+	const casePassword = url.searchParams.get('pw');
-	const isVorgangValid = vorgangExists(caseId);
+	const isVorgangValid = vorgangExists(caseToken);
-	const isTokenValid = tokenValid(caseId, caseToken);
+	const isPasswordValid = passwordValid(caseToken, casePassword);
-	if (!isVorgangValid || !isTokenValid) throw redirect(303, `/anmeldung?vorgang=${caseId}`);
+	if (!isVorgangValid || !isPasswordValid) throw redirect(303, `/anmeldung?vorgang=${caseToken}`);
 };
--- a/src/routes/(token-based)/list/[vorgang]/+page.server.ts
+++ b/src/routes/(token-based)/list/[vorgang]/+page.server.ts
@@ -1,16 +1,16 @@
-import { getVorgangByToken, getVorgangByCaseId } from '$lib/server/vorgangService';
+import { getVorgangByToken, getCrimesListByToken } from '$lib/server/vorgangService';
 import type { PageServerLoad } from './$types';
 export const load: PageServerLoad = async ({ params, url }) => {
-	const caseId = params.vorgang;
+	const caseToken = params.vorgang;
-	const caseToken = url.searchParams.get('token');
+	const casePassword = url.searchParams.get('pw');
-	const crimesList = await getVorgangByCaseId(caseId);
+	const crimesList = await getCrimesListByToken(caseToken);
-	const vorg = getVorgangByToken(caseId);
+	const vorgang = getVorgangByToken(caseToken);
 	return {
 		crimesList,
-		caseToken,
+		casePassword,
-		vorg
+		vorgang
 	};
 };
--- a/src/routes/(token-based)/list/[vorgang]/+page.svelte
+++ b/src/routes/(token-based)/list/[vorgang]/+page.svelte
@@ -26,9 +26,9 @@
 		// add other properties as needed
 	}
-	const vorg = data.vorg;
+	const vorgang = data.vorgang;
 	const crimesList: ListItem[] = data.crimesList;
-	const token: string = data.caseToken;
+	const password: string = data.casePassword;
 	let open = false;
 	$: open;
@@ -141,9 +141,9 @@
 <div class="-z-10 bg-white">
 	<div class="flex flex-col items-center justify-center w-full">
-		<h1 class="text-xl">Vorgang {vorg.name}</h1>
+		<h1 class="text-xl">Vorgang {vorgang.name}</h1>
 		{#if data?.user?.admin}
-		Zugangspasswort: {vorg.pw}
+		Zugangspasswort: {vorgang.pw}
 		<Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button>
 		{/if}
 	</div>
@@ -152,7 +152,7 @@
 			{#each crimesList as item, i}
 				<li>
 					<a
-						href="/view/{$page.params.vorgang}/{item.name}?token={token}"
+						href="/view/{$page.params.vorgang}/{item.name}?pw={password}"
 						class=" flex justify-between gap-x-6 py-5"
 						aria-label="zum 3D-modell"
 					>
--- a/src/routes/anmeldung/+page.server.ts
+++ b/src/routes/anmeldung/+page.server.ts
@@ -4,13 +4,15 @@ import { redirect } from '@sveltejs/kit';
 export const actions = {
 	login: ({ request, cookies }) => loginUser({ request, cookies }),
 	logout: (event) => logoutUser(event),
-	getVorgangById: async ({ request }) => {
+	getVorgangByToken: async ({ request }) => {
 		const data = await request.formData();
 		const caseId = data.get('case-id');
 		const caseToken = data.get('case-token');
 		const casePassword = data.get('case-password');
-		if (!caseId || !caseToken) return;
+		console.log(`+++ ${caseToken} + ${casePassword}`);
-		throw redirect(303, `/list/${caseId}?token=${caseToken}`);
+		if (!caseToken || !casePassword) return;
 		throw redirect(303, `/list/${caseToken}?pw=${casePassword}`);
 	}
-} as const;
+} as const;
--- a/src/routes/anmeldung/+page.svelte
+++ b/src/routes/anmeldung/+page.svelte
@@ -13,7 +13,7 @@
 	export let open = false;
 	import { page } from '$app/state';
-	const vorgang_token = page.url.searchParams.get('vorgang');
+	const vorgangToken = page.url.searchParams.get('vorgang');
 </script>
 <div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
@@ -27,21 +27,21 @@
 	<div class="w-full max-w-sm mx-auto">
 		<div class="relative mt-5 bg-gray-50 rounded-xl shadow-xl p-3 pt-1">
 			<div class="mt-10">
-				<form action="?/getVorgangById" method="POST">
+				<form action="?/getVorgangByToken" method="POST">
 					<BaseInputField
-						id="case-id"
+						id="case-token"
-						name="case-id"
+						name="case-token"
 						label="Vorgangskennung"
 						type="text"
-						value={vorgang_token}
+						value={vorgangToken}
 					/>
 					<div class="mt-5">
 						<BaseInputField
-							id="case-token"
+							id="case-password"
-							name="case-token"
+							name="case-password"
-							label="Zugangscode"
+							label="Zugangspasswort"
 							type="text"
-							value={form?.token}
+							value={form?.password}
 							error={form?.error?.message}
 						/>
 					</div>
--- a/src/routes/api/list/[vorgang]/code/+server.ts
+++ b/src/routes/api/list/[vorgang]/code/+server.ts
@@ -1,12 +1,11 @@
 import { client } from '$lib/minio';
 import { db } from '$lib/server/dbService';
 /** @type {import('./$types').RequestHandler} */
 export async function GET({ params }) {
 	const vorgangName = params.vorgang;
-	let getCodeSQLStmt = `SELECT pw FROM cases WHERE name = ?;`;
+	let getCodeSQLStatement = `SELECT pw FROM cases WHERE name = ?;`;
-	const row = db.prepare(getCodeSQLStmt).get(vorgangName);
+	const row = db.prepare(getCodeSQLStatement).get(vorgangName);
 	let password = row.pw;
 	if (password) {