Mirrors/tinypin
1
0
Fork 0
mirror of https://github.com/slynn1324/tinypin.git synced 2026-01-23 02:25:08 +00:00
Code Issues Projects Releases Wiki Activity

login/logout working

Browse source
This commit is contained in:
slynn1324 2021-01-23 19:06:34 -06:00
parent 446cfe17c6
commit 3c9bfc190e
2 changed files with 50 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

63
server.js
View file

@ -90,18 +90,18 @@ app.post("/login", (req, res) => {
let result = db.prepare("SELECT * FROM users WHERE username = @username AND passhash = @passhash").get({username: username, passhash: passhash});
if ( result ){
console.log(`login ok user ${username}`);
console.log(`login ${username} ok`);
res.cookie('s', JSON.stringify({
sendAuthCookie(res,{
i: result.id,
u: result.username,
u: req.body.username,
d: new Date().toISOString()
}));
});
res.redirect("./");
} else {
console.log(`login failed for user ${username}`);
console.log(`login ${username} failed`);
res.redirect("/login.html#nope");
}
@ -114,21 +114,41 @@ app.use( (req, res, next) => {
let s = req.cookies.s;
if ( s ){
s = JSON.parse(s);
req.user = {
id: s.i,
name: s.u
}
try {
s = JSON.parse(s);
next();
if ( s.i && s.u ){
req.user = {
id: s.i,
name: s.u
}
next();
} else {
console.log(s);
console.error(`invalid cookie`);
failAuth(req,res);
}
} catch (err){
console.error(`error parsing cookie: `, err);
failAuth(req,res);
}
} else {
console.log("not logged in");
res.redirect("/login.html"); // this means we have issues with a context path, but is needed for image redirects to work
// if it's an api or image request, just 401 -- otherwise redirect the browser
failAuth(req,res);
}
});
function failAuth(req,res){
if ( req.originalUrl.startsWith("/api") || req.originalUrl.startsWith("/thumbnails") || req.originalUrl.startsWith("/originals") ){
res.status(401).send();
} else {
res.redirect("/login.html"); // this means we have issues with a context path, but is needed for image redirects to work
}
}
app.use(express.static('static'));
app.use(express.static(IMAGE_PATH));
@ -394,22 +414,29 @@ app.post("/create-account", (req, res) => {
console.log(` user pk = ${result.lastInsertRowid}`);
let c = {
sendAuthCookie(res, {
i: result.lastInsertRowid,
u: req.body.username,
d: new Date().toISOString()
}
res.cookie('s', JSON.stringify(c));
});
res.redirect("create-account.html");
});
app.get("/logout", (req, res) => {
console.log(`logout user ${req.user.name}`);
res.cookie('s', '', {maxAge:0});
res.redirect("/login.html");
});
app.get("/whoami", (req, res) => {
res.send(req.user);
});
function sendAuthCookie(res, c){
res.cookie('s', JSON.stringify(c), {maxAge: 315569520000}); // 10 years
}
function hashPassword(pw){
return crypto.createHash('sha256', passwordSalt).update(pw).digest('hex');
}

6
static/components/navbar.js
View file

@ -10,6 +10,10 @@ app.addSetter('navbar.refresh', () =>{
window.location.reload();
});
app.addSetter("navbar.logout", () => {
window.location = "./logout";
});
app.addComponent('navbar', (store) => { return new Reef("#navbar", {
store: store,
template: (data) => {
@ -71,7 +75,7 @@ app.addComponent('navbar', (store) => { return new Reef("#navbar", {
${refreshItem}
<a class="navbar-item has-text-right">
<a class="navbar-item has-text-right" data-onclick="navbar.logout">
<span>sign out</span>
<img alt="sign out" width="32" height="32" src="data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9JzMwMHB4JyB3aWR0aD0nMzAwcHgnICBmaWxsPSIjMDAwMDAwIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGRhdGEtbmFtZT0iTGF5ZXIgMSIgdmlld0JveD0iMCAwIDEwMCAxMDAiIHg9IjBweCIgeT0iMHB4Ij48dGl0bGU+QXJ0Ym9hcmQgODQ8L3RpdGxlPjxnPjxwYXRoIGQ9Ik0yOCw4MkgzOFY3NEgyOGEyLDIsMCwwLDEtMi0yVjI4YTIsMiwwLDAsMSwyLTJIMzhWMThIMjhBMTAsMTAsMCwwLDAsMTgsMjhWNzJBMTAsMTAsMCwwLDAsMjgsODJaIj48L3BhdGg+PHBhdGggZD0iTTY2LDMyLjM0LDYwLjM0LDM4bDgsOEgzNHY4SDY4LjM0bC04LDhMNjYsNjcuNjYsODAuODMsNTIuODNhNCw0LDAsMCwwLDAtNS42NloiPjwvcGF0aD48L2c+PC9zdmc+" />
<a>