revised init db pw to pin, and check name routine
This commit is contained in:
@@ -13,7 +13,8 @@
|
||||
"format": "prettier --write .",
|
||||
"lint": "prettier --check . && eslint .",
|
||||
"test:unit": "vitest",
|
||||
"test": "npm run test:unit -- --run && npm run test:e2e"
|
||||
"test": "npm run test:unit -- --run && npm run test:e2e",
|
||||
"init-db": "tsx ./src/init/init_db.ts"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@eslint/compat": "^1.2.9",
|
||||
|
||||
@@ -12,7 +12,7 @@ db.exec(createSQLStmt);
|
||||
// check if there are any users; if not add one default admin one
|
||||
const userPassword = 'pass-123';
|
||||
const hashedUserPassword = new jsSHA('SHA-512', 'TEXT').update(userPassword).getHash('HEX');
|
||||
const checkInsertSQLStmt = `INSERT INTO users (name, pin) SELECT 'admin', '${hashedUserPassword}'
|
||||
const checkInsertSQLStmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashedUserPassword}'
|
||||
WHERE NOT EXISTS (SELECT * FROM users);`;
|
||||
|
||||
db.exec(checkInsertSQLStmt);
|
||||
|
||||
Binary file not shown.
@@ -143,8 +143,8 @@ export const vorgangExists = function (vorgangToken: string | null) {
|
||||
return found;
|
||||
};
|
||||
|
||||
export const vorgangNameExists = function (vorgangName: string) {
|
||||
const vorgaenge = getVorgaenge();
|
||||
export const vorgangNameExists = async (vorgangName: string) => {
|
||||
const vorgaenge = await getVorgaenge();
|
||||
const vorgaengeNames = vorgaenge.map((vorgang) => vorgang.vorgangName);
|
||||
|
||||
const found = vorgaengeNames.indexOf(vorgangName) != -1;
|
||||
|
||||
@@ -2,7 +2,7 @@ import { getVorgaenge } from '$lib/server/vorgangService';
|
||||
import type { PageServerLoad } from '../../(token-based)/view/$types';
|
||||
|
||||
export const load: PageServerLoad = async () => {
|
||||
const vorgangList = getVorgaenge();
|
||||
const vorgangList = await getVorgaenge();
|
||||
|
||||
return {
|
||||
vorgangList
|
||||
|
||||
@@ -22,10 +22,10 @@
|
||||
.toString(36)
|
||||
.slice(2, 2 + PINLength);
|
||||
}
|
||||
let vorgangPIN = ''
|
||||
let vorgangPINOld = ''
|
||||
let vorgangPIN = '';
|
||||
let vorgangPINOld = '';
|
||||
$: vorgangPINOld = generatePIN();
|
||||
$: vorgangPIN = vorgangPINOld
|
||||
$: vorgangPIN = vorgangPINOld;
|
||||
|
||||
let vorgangExists = undefined;
|
||||
$: vorgangExists = false;
|
||||
@@ -139,6 +139,7 @@
|
||||
// big endian!
|
||||
let file = files[0];
|
||||
let file_header = file.slice(0, 4);
|
||||
console.log(file_header);
|
||||
let header_bytes = await file_header.bytes();
|
||||
let file_header_hex = '0x' + header_bytes.toHex().toString();
|
||||
|
||||
@@ -152,33 +153,36 @@
|
||||
|
||||
// `/(angemeldet)/view` return true or false
|
||||
async function checkVorgangExists(vorgangName: string) {
|
||||
|
||||
if (vorgangName == '') {
|
||||
vorgangPIN = vorgangPINOld;
|
||||
return;
|
||||
}
|
||||
|
||||
let url = `/api/list/${vorgangName}`
|
||||
|
||||
try {
|
||||
const url = `/api/list/${vorgangName}`;
|
||||
const response = await fetch(url, { method: 'HEAD' });
|
||||
const status = response.status;
|
||||
|
||||
if (status == 200) {
|
||||
if (response.status === 200) {
|
||||
console.log('Vorgang existiert:', vorgangName);
|
||||
vorgangExists = true;
|
||||
const token = await getVorgangPIN(vorgangName);
|
||||
vorgangPIN = token;
|
||||
|
||||
return true
|
||||
|
||||
return true;
|
||||
} else {
|
||||
console.log('Vorgang existiert nicht!');
|
||||
vorgangExists = false;
|
||||
vorgangPIN = vorgangPINOld;
|
||||
return false
|
||||
return false;
|
||||
}
|
||||
} catch (err) {
|
||||
console.error('Fehler bei checkVorgangExists:', err);
|
||||
vorgangExists = false;
|
||||
vorgangPIN = vorgangPINOld;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
async function getVorgangPIN(vorgangName: string) {
|
||||
|
||||
if (vorgangName == '') return;
|
||||
|
||||
let url = `/api/list/${vorgangName}/vorgangPIN`;
|
||||
@@ -190,7 +194,6 @@
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
</script>
|
||||
|
||||
<div class="mx-auto max-w-2xl">
|
||||
@@ -211,7 +214,7 @@
|
||||
><span class="flex"
|
||||
>{#if formErrors?.vorgang}
|
||||
<span class="inline-block mr-1"><Exclamation /></span>
|
||||
{/if} Vorgang</span
|
||||
{/if} Vorgangsname</span
|
||||
></label
|
||||
>
|
||||
<div class="mt-2">
|
||||
@@ -244,7 +247,7 @@
|
||||
><span class="flex"
|
||||
>{#if formErrors?.name}
|
||||
<span class="inline-block mr-1"><Exclamation /></span>
|
||||
{/if} Name</span
|
||||
{/if} Modellname</span
|
||||
></label
|
||||
>
|
||||
<div class="mt-2">
|
||||
@@ -283,16 +286,19 @@
|
||||
type="text"
|
||||
name="vorgang-pin"
|
||||
id="vorgang-pin"
|
||||
on:input="{ (ev) => { vorgangPINOld = ev.target.value }}"
|
||||
on:input={(ev) => {
|
||||
vorgangPINOld = ev.target.value;
|
||||
}}
|
||||
class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
|
||||
/>
|
||||
|
||||
</div>
|
||||
<button
|
||||
class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
|
||||
on:click="{() => {
|
||||
vorgangPIN = vorgangPINOld = generatePIN(); }}"
|
||||
type="button">
|
||||
on:click={() => {
|
||||
vorgangPIN = vorgangPINOld = generatePIN();
|
||||
}}
|
||||
type="button"
|
||||
>
|
||||
Generiere Zugangs-PIN
|
||||
</button>
|
||||
</div>
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import { client } from '$lib/minio';
|
||||
import {
|
||||
deleteVorgangByToken,
|
||||
vorgangNameExists
|
||||
} from '$lib/server/vorgangService';
|
||||
import { deleteVorgangByToken, vorgangNameExists } from '$lib/server/vorgangService';
|
||||
|
||||
export async function DELETE({ params }) {
|
||||
const vorgangToken = params.vorgang;
|
||||
@@ -29,13 +26,15 @@ export async function DELETE({ params }) {
|
||||
}
|
||||
|
||||
export async function HEAD({ params }) {
|
||||
try {
|
||||
const vorgangName = params.vorgang;
|
||||
const existing = await vorgangNameExists(vorgangName);
|
||||
|
||||
const existing = vorgangNameExists(vorgangName);
|
||||
|
||||
if (existing) {
|
||||
return new Response(null, { status: 200 });
|
||||
} else {
|
||||
return new Response(null, { status: 404 });
|
||||
return new Response(null, {
|
||||
status: existing ? 200 : 404
|
||||
});
|
||||
} catch (err) {
|
||||
console.error('Fehler im HEAD-Handler:', err);
|
||||
return new Response(null, { status: 500 });
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ export async function GET({ params }) {
|
||||
|
||||
const getPINSQLStatement = `SELECT pin FROM cases WHERE name = ?;`;
|
||||
const row = db.prepare(getPINSQLStatement).get(vorgangName);
|
||||
const vorgangPIN = row.pin;
|
||||
const vorgangPIN = row?.pin;
|
||||
|
||||
if (vorgangPIN) {
|
||||
return new Response(vorgangPIN, { status: 200 });
|
||||
|
||||
Reference in New Issue
Block a user