Merge pull request 'f052_admin_area' (#27) from f052_admin_area into development
Some checks failed
InnoHub Processor/tatort/pipeline/head There was a failure building this commit
Some checks failed
InnoHub Processor/tatort/pipeline/head There was a failure building this commit
Reviewed-on: #27
This commit was merged in pull request #27.
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
import jwt from 'jsonwebtoken';
|
||||
import jsSHA from 'jssha';
|
||||
import bcrypt from 'bcrypt';
|
||||
import { db } from '$lib/server/dbService';
|
||||
|
||||
import config from '$lib/config';
|
||||
@@ -7,7 +7,6 @@ import config from '$lib/config';
|
||||
const SECRET = config.jwt.secret;
|
||||
const EXPIRES_IN = config.jwt.expiresIn;
|
||||
|
||||
|
||||
export function createToken(userData) {
|
||||
return jwt.sign(userData, SECRET, { expiresIn: EXPIRES_IN });
|
||||
}
|
||||
@@ -19,14 +18,16 @@ export function decryptToken(token: string) {
|
||||
export function authenticate(user, password) {
|
||||
let JWTToken;
|
||||
|
||||
// hash user password
|
||||
const hashedPW = new jsSHA('SHA-512', 'TEXT').update(password).getHash('HEX');
|
||||
|
||||
const getUserSQLStmt = 'SELECT name, pw FROM users WHERE name = ?';
|
||||
const row = db.prepare(getUserSQLStmt).get(user);
|
||||
|
||||
if (!row) {
|
||||
return null;
|
||||
}
|
||||
const storedPW = row.pw;
|
||||
|
||||
if (hashedPW && hashedPW === storedPW) {
|
||||
const isValid = bcrypt.compareSync(password, storedPW)
|
||||
if (isValid) {
|
||||
JWTToken = createToken({ id: user, admin: true });
|
||||
}
|
||||
|
||||
|
||||
51
src/lib/server/userService.ts
Normal file
51
src/lib/server/userService.ts
Normal file
@@ -0,0 +1,51 @@
|
||||
import { db } from '$lib/server/dbService';
|
||||
|
||||
export const getUsers = (): { userId: string; userName: string }[] => {
|
||||
const getUsersSQLStmt = `SELECT id, name
|
||||
FROM users;`;
|
||||
const statement = db.prepare(getUsersSQLStmt);
|
||||
const result = statement.all() as { id: string; name: string }[];
|
||||
const userList: { userId: string; userName: string }[] = [];
|
||||
|
||||
for (const resultItem of result) {
|
||||
const user = { userId: resultItem.id, userName: resultItem.name };
|
||||
userList.push(user);
|
||||
}
|
||||
|
||||
return userList;
|
||||
};
|
||||
|
||||
export const addUser = (userName: string, userPassword: string) => {
|
||||
const addUserSQLStmt = `INSERT into users(name, pw)
|
||||
values (?, ?)`;
|
||||
const statement = db.prepare(addUserSQLStmt);
|
||||
|
||||
let rowInfo;
|
||||
try {
|
||||
rowInfo = statement.run(userName, userPassword);
|
||||
return rowInfo;
|
||||
} catch (error) {
|
||||
console.error('ERROR: ', error);
|
||||
}
|
||||
};
|
||||
|
||||
export const deleteUser = (userId: string) => {
|
||||
// make sure to not delete the last entry
|
||||
const deleteUserSQLStmt = `DELETE
|
||||
FROM users
|
||||
WHERE id = ?
|
||||
AND (SELECT COUNT(*) FROM users) > 1;`;
|
||||
|
||||
const statement = db.prepare(deleteUserSQLStmt);
|
||||
|
||||
let rowCount;
|
||||
try {
|
||||
const info = statement.run(userId);
|
||||
rowCount = info.changes;
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
rowCount = 0;
|
||||
}
|
||||
|
||||
return rowCount;
|
||||
};
|
||||
Reference in New Issue
Block a user