Token limité à une semaine + patch création infini de token + UserDTO pour cacher token et/ou password

pull/4/head
Lucas Evard 2 years ago
parent 6d63f0b5ff
commit 3e0e3fa9cb

@ -37,12 +37,22 @@
<artifactId>ktorm-core</artifactId> <artifactId>ktorm-core</artifactId>
<version>3.2.0</version> <version>3.2.0</version>
</dependency> </dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${logback_version}</version>
</dependency>
<dependency> <dependency>
<groupId>io.ktor</groupId> <groupId>io.ktor</groupId>
<artifactId>ktor-server-tests-jvm</artifactId> <artifactId>ktor-server-tests-jvm</artifactId>
<version>${ktor_version}</version> <version>${ktor_version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j_version}</version>
</dependency>
<dependency> <dependency>
<groupId>io.ktor</groupId> <groupId>io.ktor</groupId>
<artifactId>ktor-server-core</artifactId> <artifactId>ktor-server-core</artifactId>
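Review bot: The new slf4j-api dependency is pinned with its own `${slf4j_version}` while logback-classic, added just above it, already pulls in the slf4j-api version it was built against; two independent properties can drift and leave the binding and the API at mismatched versions. If slf4j-api needs to be declared explicitly, keep the two properties aligned or drop the explicit entry and rely on logback's transitive version. Presumably both are meant for the runtime classpath (no `<scope>`), which is consistent with how the existing ktor-server-core entry is declared.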

@ -0,0 +1,15 @@
package allin.dto
import allin.model.User
import kotlinx.serialization.Serializable
@Serializable
data class UserDTO(val username: String,val email: String, val nbCoins: Int)
@Serializable
data class UserDTOWithToken(val username: String,val email: String, val nbCoins: Int, val token:String?)
fun convertUserToUserDTO(user: User): UserDTO {
return UserDTO(user.username, user.email, user.nbCoins)
}
fun convertUserToUserDTOToken(user: User): UserDTOWithToken {
return UserDTOWithToken(user.username, user.email, user.nbCoins,user.token)
}
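Review bot: The DTOs and converters carry no KDoc saying what they intentionally omit, which is the only reason this file exists; add `/** Public projection of [User]: deliberately carries neither password nor token. */` above UserDTO and `/** Login response projection: same as [UserDTO] plus the session token; never the password. */` above UserDTOWithToken so the next field added to User is not copied in by reflex. The constructor calls are explicit, which is the right pattern here (a new sensitive field on User is not exposed unless someone adds it by hand); a one-line comment on each converter making that explicit would preserve the intent. As a point of style, the converters read more naturally as extension functions with expression bodies, `fun User.toUserDTO(): UserDTO = UserDTO(username, email, nbCoins)` and `fun User.toUserDTOWithToken(): UserDTOWithToken = UserDTOWithToken(username, email, nbCoins, token)`, and the constructor parameter lists are missing the space after each comma.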

@ -1,5 +1,6 @@
package allin.routing package allin.routing
import allin.dto.*
import allin.model.CheckUser import allin.model.CheckUser
import allin.model.User import allin.model.User
import com.typesafe.config.ConfigFactory import com.typesafe.config.ConfigFactory
@ -29,7 +30,7 @@ fun Application.UserRouter() {
val user = users.find { it.username == TempUser.username || it.email == TempUser.email } val user = users.find { it.username == TempUser.username || it.email == TempUser.email }
if(user == null) { if(user == null) {
users.add(TempUser) users.add(TempUser)
call.respond(HttpStatusCode.Created, TempUser) call.respond(HttpStatusCode.Created, convertUserToUserDTO(TempUser))
} }
call.respond(HttpStatusCode.Conflict,"Mail or/and username already exist") call.respond(HttpStatusCode.Conflict,"Mail or/and username already exist")
} }
@ -40,8 +41,8 @@ fun Application.UserRouter() {
val checkUser = call.receive<CheckUser>() val checkUser = call.receive<CheckUser>()
val user = users.find { it.username == checkUser.login || it.email == checkUser.login } val user = users.find { it.username == checkUser.login || it.email == checkUser.login }
if (user != null && user.password == checkUser.password) { if (user != null && user.password == checkUser.password) {
user.token=tokenManager.generateJWTToken(user) user.token=tokenManager.generateOrReplaceJWTToken(user)
call.respond(HttpStatusCode.OK, user) call.respond(HttpStatusCode.OK, convertUserToUserDTOToken(user))
} else { } else {
call.respond(HttpStatusCode.NotFound,"Login and/or password incorrect.") call.respond(HttpStatusCode.NotFound,"Login and/or password incorrect.")
} }
@ -54,7 +55,7 @@ fun Application.UserRouter() {
val user = users.find { it.username == checkUser.login || it.email == checkUser.login } val user = users.find { it.username == checkUser.login || it.email == checkUser.login }
if (user != null && user.password == checkUser.password) { if (user != null && user.password == checkUser.password) {
users.remove(user) users.remove(user)
call.respond(HttpStatusCode.Accepted, user) call.respond(HttpStatusCode.Accepted,convertUserToUserDTO(user))
} else { } else {
call.respond(HttpStatusCode.NotFound,"Login and/or password incorrect.") call.respond(HttpStatusCode.NotFound,"Login and/or password incorrect.")
} }
@ -67,7 +68,7 @@ fun Application.UserRouter() {
val username = principal!!.payload.getClaim("username").asString() val username = principal!!.payload.getClaim("username").asString()
val user = users.find { it.username == username } val user = users.find { it.username == username }
if (user != null) { if (user != null) {
call.respond(HttpStatusCode.OK, user) call.respond(HttpStatusCode.OK,convertUserToUserDTO(user))
} else { } else {
call.respond(HttpStatusCode.NotFound, "User not found with the valid token !") call.respond(HttpStatusCode.NotFound, "User not found with the valid token !")
} }
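Review bot: The login and delete handlers still compare `user.password == checkUser.password` directly, which implies the password is held in clear in the User object; hiding it from responses through the DTO (the goal of this commit) does not change that storage, so a salted password hash with a library verify call, rather than string equality, is the missing piece. In the register handler the `if(user == null)` branch responds with Created and then falls through to the unconditional Conflict respond on the next line, so a successful registration appears to answer twice; an `else` or a `return@post` after the Created respond would fix it, though the surrounding route is outside the hunk, so confirm how the handler is structured. UserRouter starts before the first hunk and continues after the last one.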

@ -12,8 +12,9 @@ class TokenManager (val config: HoconApplicationConfig){
val audience=config.property("audience").getString() val audience=config.property("audience").getString()
val secret=config.property("secret").getString() val secret=config.property("secret").getString()
val issuer=config.property("issuer").getString() val issuer=config.property("issuer").getString()
val expirationDate = System.currentTimeMillis() + 60000 private fun generateJWTToken(user : User): String {
fun generateJWTToken(user : User): String { val expirationDate = System.currentTimeMillis() + 604800000 // une semaine en miliseconde
val token = JWT.create() val token = JWT.create()
.withAudience(audience) .withAudience(audience)
.withIssuer(issuer) .withIssuer(issuer)
@ -29,4 +30,22 @@ class TokenManager (val config: HoconApplicationConfig){
.withIssuer(issuer) .withIssuer(issuer)
.build() .build()
} }
fun generateOrReplaceJWTToken(user: User): String {
val userToken = getUserToken(user)
if (userToken != null && !isTokenExpired(userToken)) {
return userToken
} else {
return generateJWTToken(user)
}
}
private fun isTokenExpired(token: String): Boolean {
val expirationTime = JWT.decode(token).expiresAt.time
return System.currentTimeMillis() > expirationTime
}
private fun getUserToken(user: User): String? {
return user.token
}
} }
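Review bot: `isTokenExpired` dereferences `JWT.decode(token).expiresAt.time` without a null check, and `JWT.decode` throws on a malformed string, so a stored token without an `exp` claim or with unparsable content turns the login call into an exception instead of falling back to issuing a fresh token; treat both cases as "expired" so the caller always gets a usable token. `JWT.decode` only parses, it does not verify the signature; because `user.token` appears to be set only from this class (the login handler assigns the return value), the exposure is limited, but running the stored token through the verifier this class already builds would make the reuse safe regardless of where the field was populated. Reusing an unexpired token also means a new login never rotates the credential for up to a week, which is worth stating in a KDoc on `generateOrReplaceJWTToken` so callers do not assume login produces a fresh session. The literal `604800000` deserves a named value such as `private val tokenValidityMs = TimeUnit.DAYS.toMillis(7)`, and `getUserToken` is a one-line wrapper around `user.token` that can be inlined.
```kotlin
    /** Returns the user's current token if still valid, otherwise issues a new one; an existing token is not rotated on re-login. */
    fun generateOrReplaceJWTToken(user: User): String {
        val current = user.token
        return if (current != null && !isTokenExpired(current)) current else generateJWTToken(user)
    }

    /** A token that cannot be decoded or carries no exp claim is treated as expired. */
    private fun isTokenExpired(token: String): Boolean {
        val expiresAt = runCatching { JWT.decode(token).expiresAt }.getOrNull()
        return expiresAt == null || System.currentTimeMillis() > expiresAt.time
    }
```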