diff --git a/lib/api/api.dart b/lib/api/api.dart index 13cf917..54fda6b 100644 --- a/lib/api/api.dart +++ b/lib/api/api.dart @@ -1,6 +1,7 @@ import 'package:shelf/shelf.dart'; import 'package:shelf_router/shelf_router.dart'; import 'dart:convert'; +import 'package:passworld_api/database/accounts_to_postgres.dart'; // Class for all static function that handles api routes class API { @@ -15,13 +16,14 @@ class API { // Check for authentication static Future authenticator(Request req) async { - final List required = ["mail", "password"]; - - if (await checkRequiredFields(required, req)) { - return Response.ok('true'); - } - - return Response.badRequest(); + // final List required = ["email", "password"]; + + // if (await checkRequiredFields(required, req)) { + // return Response.ok('true'); + // } else { + // return Response.badRequest(); + // } + return Response(404); } // Download sqlite password file @@ -49,8 +51,19 @@ class API { |---------------*/ // Create account - static Response createAccount(Request req) { - return Response.ok(""); + static Future createAccount(Request req) async { + final List required = ["email", "password", "salt", "twofa"]; + var tmp = await req.readAsString(); + final Map body = json.decode(tmp); + + if (await checkRequiredFields(required, body)) { + AccountsToPostgres db = AccountsToPostgres(); + db.create(body[required[0]], body[required[1]], body[required[2]], + body[required[3]]); + return Response.ok('true'); + } else { + return Response.badRequest(); + } } /*---------------| @@ -87,16 +100,18 @@ class API { // Check if required fields are in req body static Future checkRequiredFields( - List fields, Request req) async { + List fields, Map body) async { // json object read -> check dic keys - var tmp = await req.readAsString(); - final Map body = json.decode(tmp); - bool check = false; - for (String s in fields) { - if (body['$s'] == "") { + for (String itFields in fields) { + if (!body.containsKey(itFields)) { + print(itFields); + return false; + } + if (body[itFields] == "") { + print(itFields); return false; } } - return false; + return true; } } diff --git a/lib/database/accounts_to_postgres.dart b/lib/database/accounts_to_postgres.dart index 0a43c8c..bc74c17 100644 --- a/lib/database/accounts_to_postgres.dart +++ b/lib/database/accounts_to_postgres.dart @@ -1,94 +1,99 @@ - import 'dart:convert'; import 'dart:io'; import 'package:postgres/postgres.dart'; -class AccountsToPostgres{ - final connection = PostgreSQLConnection("localhost", 5432, 'passworld',username: 'pass',password: '1p2a3s4s5'); - - AccountsToPostgres(){ +class AccountsToPostgres { + /* Dev + final connection = PostgreSQLConnection("localhost", 5432, 'passworld', + username: 'pass', password: '1p2a3s4s5'); + */ + + // Production + final connection = PostgreSQLConnection( + Platform.environment["ENV_DB_SERVER"]!, + 5432, + Platform.environment["ENV_DB_DATABASE"]!, + username: Platform.environment["ENV_DB_USER"], + password: Platform.environment["ENV_DB_PASSWORD"]); + + AccountsToPostgres() { initConnection(); } - void initConnection()async{ - await connection.open().then((value){ + void initConnection() async { + await connection.open().then((value) { print("PostgreSQL connection opened"); - }); } @override - void create(String id,String hash,String salt,List twoFaStr, File passwordFile ) async { - List passwordBlob = utf8.encode( await passwordFile.readAsString(encoding: utf8)); - - - connection.query("INSERT INTO \"Account\" VALUES(@id,@hash,@salt,@twofa,@passwords)",substitutionValues: { - "id" : id, - "hash" : hash, - "salt" : salt, - "twofa" : twoFaStr, - "passwords" : passwordBlob - }); + void create( + String email, String hash, String salt, List twoFaStr) async { + connection.query( + "INSERT INTO \"Account\" VALUES(@id,@hash,@salt,@twofa,@passwords)", + substitutionValues: { + "id": email, + "hash": hash, + "salt": salt, + "twofa": twoFaStr + }); + print("Account succesfully created"); } @override Future selectHashById(String id) async { - List> results = await connection.query("SELECT hash FROM \"Account\" WHERE id=@identifiant",substitutionValues: { - "identifiant" : id - }); - - connection.close(); + List> results = await connection.query( + "SELECT hash FROM \"Account\" WHERE id=@identifiant", + substitutionValues: {"identifiant": id}); + return results[0][0]; } @override - void updatePass(String identifiant,String hash,String salt) async { - if(selectHashById(identifiant)==null){ + void updatePass(String identifiant, String hash, String salt) async { + if (selectHashById(identifiant) == null) { return; - }else{ - await connection.query("UPDATE \"Account\" SET hash=@h, salt=@s WHERE id=@identifiant",substitutionValues: { - "identifiant" : identifiant, - "h" : hash, - "s" : salt - }); + } else { + await connection.query( + "UPDATE \"Account\" SET hash=@h, salt=@s WHERE id=@identifiant", + substitutionValues: { + "identifiant": identifiant, + "h": hash, + "s": salt + }); } } @override - void updateFilePass(String identifiant, File passwordFile) async{ - List passwordBlob = utf8.encode( await passwordFile.readAsString(encoding: utf8)); + void updateFilePass(String identifiant, File passwordFile) async { + List passwordBlob = + utf8.encode(await passwordFile.readAsString(encoding: utf8)); - if(selectHashById(identifiant)==null){ + if (selectHashById(identifiant) == null) { return; - }else{ - await connection.query("UPDATE \"Account\" SET passwords=@p WHERE id=@identifiant",substitutionValues: { - "identifiant" : identifiant, - "p" : passwordBlob - }); + } else { + await connection.query( + "UPDATE \"Account\" SET passwords=@p WHERE id=@identifiant", + substitutionValues: {"identifiant": identifiant, "p": passwordBlob}); } } @override - void updateTwoFa(String identifiant,List tfa) async { + void updateTwoFa(String identifiant, List tfa) async { List twoFaStr = List.empty(growable: true); - if(selectHashById(identifiant)==null){ + if (selectHashById(identifiant) == null) { return; - }else{ - await connection.query("UPDATE \"Account\" SET twofa=@tfa WHERE id=@identifiant",substitutionValues: { - "identifiant" : identifiant, - "tfa" : tfa - }); - } + } else { + await connection.query( + "UPDATE \"Account\" SET twofa=@tfa WHERE id=@identifiant", + substitutionValues: {"identifiant": identifiant, "tfa": tfa}); + } } - - - @override - void DeleteById(String id) async{ - await connection.query("DELETE FROM \"Account\" WHERE id=@identifiant",substitutionValues: { - "identifiant" : id - }); + void DeleteById(String id) async { + await connection.query("DELETE FROM \"Account\" WHERE id=@identifiant", + substitutionValues: {"identifiant": id}); } -} \ No newline at end of file +} diff --git a/test/api_test.dart b/test/api_test.dart new file mode 100644 index 0000000..f7a5845 --- /dev/null +++ b/test/api_test.dart @@ -0,0 +1,20 @@ +import 'package:http/http.dart' as http; +import 'dart:convert'; + +void main() async { + String base1 = + 'https://codefirst.iut.uca.fr/containers/passworld-api-remiarnal'; + + String base2 = 'localhost:8080'; + + Uri baseURL = Uri.parse("$base2/auth"); + String body = """ +{ + "mail" : "haha", + "password" : "haha" +} +"""; + + var res = await http.post(baseURL, body: body); + print(res.body); +}