master
remrem 2 years ago
parent 4ee56387b3
commit 19d8ee4d2a

@ -10,8 +10,9 @@ final _router = Router()
// GET // GET
..get('/', API.rootHandler) ..get('/', API.rootHandler)
..get('/admin/users', API.getAllUsers) ..get('/admin/users', API.getAllUsers)
..post('/user/salt', API.getSalt)
// POST (EN VRAI C'EST DES GET AVEC UN BODY) // POST (EN VRAI C'EST DES GET AVEC UN BODY)
..get('/user/password-file', API.downloadPasswordDb) ..post('/user/password-file', API.downloadPasswordDb)
..post('/auth', API.authenticator) ..post('/auth', API.authenticator)
..post('/user/account', API.createAccount) // vrai post ..post('/user/account', API.createAccount) // vrai post
// PUT // PUT
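Review bot: The new `..post('/user/salt', API.getSalt)` line sits under the `// GET` heading although it registers a POST; move it below the `// POST` comment, next to `/user/password-file`, so the grouping stays accurate. No authentication or rate-limiting middleware is visible in this hunk for the new route. The `Router()` cascade starts and ends outside the hunk, so confirm that a route which returns per-account salts is throttled somewhere in the pipeline.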

@ -13,6 +13,23 @@ class API {
return Response.ok('Greetings from PassWorld!\n'); return Response.ok('Greetings from PassWorld!\n');
} }
static Future<Response> getSalt(Request req) async {
final List<String> required = ["email"];
final body = await bodyToJson(req);
if (await checkRequiredFields(required, body)) {
try {
String salt =
await AccountsToPostgres.selectSaltByMail(body[required[0]]);
return Response(200, body: salt);
} catch (e) {
return Response(204, body: 'Account already existing'); // No content
}
} else {
return Response.badRequest(body: 'bad body');
}
}
// Check for authentication // Check for authentication
static Future<Response> authenticator(Request req) async { static Future<Response> authenticator(Request req) async {
final List<String> required = ["email", "password"]; final List<String> required = ["email", "password"];
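Review bot: The `catch (e)` in `getSalt` answers every failure with `Response(204, body: 'Account already existing')`. That message is copied from account creation, a 204 should not carry a body, and a database outage becomes indistinguishable from an unknown email. Because a known address gets 200 with its salt and an unknown one gets 204, the endpoint also reveals which emails have accounts, and no authentication check is visible in this hunk. Consider returning the same status for both cases, with a deterministic placeholder salt derived from the email under a server-side secret when no account exists, and letting real database errors surface as `Response.internalServerError()`. `body[required[0]]` is also passed on without a type check; a guard such as `if (body['email'] is! String) return Response.badRequest(body: 'bad body');` would keep non-string JSON values out of the query layer.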

@ -8,16 +8,16 @@ class AccountsToPostgres {
// username: 'pass', password: '1p2a3s4s5'); // username: 'pass', password: '1p2a3s4s5');
/* Dev RemRem */ /* Dev RemRem */
// static final connection = PostgreSQLConnection("localhost", 5432, 'passworld', static final connection = PostgreSQLConnection("localhost", 5432, 'passworld',
// username: 'hel', password: ''); username: 'hel', password: '');
/* Production */ /* Production */
static final connection = PostgreSQLConnection( // static final connection = PostgreSQLConnection(
Platform.environment["DB_SERVER"]!, // Platform.environment["DB_SERVER"]!,
5432, // 5432,
Platform.environment["DB_DATABASE"]!, // Platform.environment["DB_DATABASE"]!,
username: Platform.environment["DB_USER"], // username: Platform.environment["DB_USER"],
password: Platform.environment["DB_PASSWORD"]); // password: Platform.environment["DB_PASSWORD"]);
AccountsToPostgres() { AccountsToPostgres() {
//initConnection(); //initConnection();
@ -89,6 +89,15 @@ class AccountsToPostgres {
return results[0][0]; return results[0][0];
} }
// check if mail is already used in database
static Future<String> selectSaltByMail(String mail) async {
List<List<dynamic>> results = await connection.query(
"SELECT salt FROM \"Account\" WHERE mail=@mail",
substitutionValues: {"mail": mail});
return results[0][0];
}
// Update user password // Update user password
static Future<void> updatePassword( static Future<void> updatePassword(
String mail, String newHash, String newSalt) async { String mail, String newHash, String newSalt) async {
@ -148,7 +157,7 @@ class AccountsToPostgres {
// ADMIN: get infos on all users // ADMIN: get infos on all users
static Future<PostgreSQLResult> getAllUsers() async { static Future<PostgreSQLResult> getAllUsers() async {
PostgreSQLResult res = PostgreSQLResult res =
await connection.query("SELECT id, hash, salt from \"Account\""); await connection.query("SELECT mail, hash, salt from \"Account\"");
print("🟥 ADMIN: get all users"); print("🟥 ADMIN: get all users");
return res; return res;
} }
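Review bot: As rendered, the first hunk of this file appears to activate the developer connection (`PostgreSQLConnection("localhost", 5432, 'passworld', username: 'hel', password: '')`) and comment out the `Platform.environment[...]` block. If so, a deployment of this commit would ignore `DB_SERVER`, `DB_USER` and `DB_PASSWORD` and try a local database with an empty password, which looks like a local debugging toggle committed by accident. Keep the environment-driven block active and choose the dev target through the same variables rather than by commenting code in and out. The class body starts and ends outside the hunks. In the second hunk, the comment above `selectSaltByMail` is copied from the existence check and should read `// Returns the salt stored for [mail]`, and `results[0][0]` throws on an empty result, so an explicit `if (results.isEmpty)` branch would let the handler tell "no such account" apart from a database failure.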
