add account deletion

remrem 2 years ago
parent e740bfe9c8
commit cc15fc4f51

@ -11,7 +11,7 @@ final _router = Router()
..get('/', API.rootHandler) ..get('/', API.rootHandler)
..get('/admin/users', API.getAllUsers) ..get('/admin/users', API.getAllUsers)
// POST (EN VRAI C'EST DES GET AVEC UN BODY) // POST (EN VRAI C'EST DES GET AVEC UN BODY)
..post('/user/password-file', API.downloadPasswordDb) ..get('/user/password-file', API.downloadPasswordDb)
..post('/auth', API.authenticator) ..post('/auth', API.authenticator)
..post('/user/account', API.createAccount) // vrai post ..post('/user/account', API.createAccount) // vrai post
// PUT // PUT
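Review bot: The `/user/password-file` line is printed once as `..post(` and once as `..get(`, and the page does not mark which one is the new side. If the new side is `..get('/user/password-file', API.downloadPasswordDb)`, the password database is now fetched with the credentials carried in a GET body, which is what the comment above the line describes. Some clients and proxies drop or reject a body on GET, and GET responses are more likely to be cached by intermediaries. I would keep the route as `..post('/user/password-file', API.downloadPasswordDb)`, or at least have the handler send `Cache-Control: no-store`. The router cascade continues outside the hunk.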

@ -8,10 +8,6 @@ import 'package:passworld_api/database/accounts_to_postgres.dart';
// Class for all static function that handles api routes // Class for all static function that handles api routes
class API { class API {
/*---------------|
|-------GET------|
|---------------*/
// Default response for / // Default response for /
static Response rootHandler(Request req) { static Response rootHandler(Request req) {
return Response.ok('Greetings from PassWorld!\n'); return Response.ok('Greetings from PassWorld!\n');
@ -56,9 +52,6 @@ class API {
}); });
*/ */
} }
/*---------------|
|------POST------|
|---------------*/
// Create account // Create account
static Future<Response> createAccount(Request req) async { static Future<Response> createAccount(Request req) async {
@ -81,9 +74,24 @@ class API {
} }
} }
/*---------------| // Delete Account
|-------PUT------| static Future<Response> deleteAccount(Request req) async {
|---------------*/ final List<String> required = ["email", "password"];
final body = await bodyToJson(req);
if (await checkRequiredFields(required, body)) {
try {
await AccountsToPostgres.deleteAccount(
body[required[0]], body[required[1]]);
} catch (e) {
return Response(409,
body: 'There was a problem with deletion'); // 409 (Conflict)
}
return Response(200, body: 'Account successfully deleted'); // 200 (OK)
} else {
return Response.badRequest(body: 'Bad request'); // 400 (Bad Request)
}
}
// Update master password // Update master password
static Response changeMasterPassword(Request req) { static Response changeMasterPassword(Request req) {
@ -132,19 +140,6 @@ class API {
return Response.ok("API: file received"); return Response.ok("API: file received");
} }
/*---------------|
|-----DELETE-----|
|---------------*/
// Delete account
static Response deleteAccount(Request req) {
return Response.ok("");
}
/*---------------|
|-------MISC-----|
|---------------*/
// Check if required fields are in req body // Check if required fields are in req body
static Future<bool> checkRequiredFields( static Future<bool> checkRequiredFields(
List<String> fields, Map<String, dynamic> body) async { List<String> fields, Map<String, dynamic> body) async {
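Review bot: The new `API.deleteAccount` handler deletes an account without verifying the submitted password. It forwards `body["password"]` to `AccountsToPostgres.deleteAccount`, whose new body in the database class never reads its `hash` argument and still carries `// TODO: check authentication`, so anyone who knows an email address can have that account removed. Before the delete, the handler should derive the hash from the submitted password and the stored salt, compare it with `selectHashByMail(mail)`, and answer `Response.forbidden('Invalid credentials')` on a mismatch. The blanket `catch (e)` also maps every failure to 409, so an authentication failure needs its own branch rather than falling into it.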

@ -23,18 +23,21 @@ class AccountsToPostgres {
//initConnection(); //initConnection();
} }
// Open connection to database
static Future<void> openConnection() async { static Future<void> openConnection() async {
await connection.open().then((value) { await connection.open().then((value) {
print("🟢 PassWorld DB connection opened"); print("🟢 PassWorld DB connection opened");
}); });
} }
// Close connection to database
static void closeConnection() async { static void closeConnection() async {
connection.close().then((value) { connection.close().then((value) {
print("🔴 PassWorld DB connection closed"); print("🔴 PassWorld DB connection closed");
}); });
} }
// Create tables and other things for the database
static Future<void> createAccountTable() async { static Future<void> createAccountTable() async {
await openConnection(); await openConnection();
await connection.query(""" await connection.query("""
@ -55,7 +58,8 @@ class AccountsToPostgres {
print("🟦 Account Table Created"); print("🟦 Account Table Created");
} }
// Add support for twoFa if needed // TODO: Add support for twoFa if needed
// Create user account
static Future<void> createAccount( static Future<void> createAccount(
String mail, String hash, String salt /*, List<String> twoFaStr*/) async { String mail, String hash, String salt /*, List<String> twoFaStr*/) async {
await checkMailAlreadyExist(mail); // TODO: throw execption if != null await checkMailAlreadyExist(mail); // TODO: throw execption if != null
@ -70,6 +74,15 @@ class AccountsToPostgres {
print("✅ Account succesfully created"); print("✅ Account succesfully created");
} }
static Future<void> deleteAccount(String mail, String hash) async {
await checkMailAlreadyExist(mail); // TODO: throw execption if != null
// TODO: check authentication
await connection.query("DELETE FROM \"Account\" WHERE mail=@mail",
substitutionValues: {"mail": mail});
print("✅ Account succesfully deleted");
}
// get user passord hash by mail
static Future<String> selectHashByMail(String mail) async { static Future<String> selectHashByMail(String mail) async {
List<List<dynamic>> results = await connection.query( List<List<dynamic>> results = await connection.query(
"SELECT hash FROM \"Account\" WHERE mail=@mail", "SELECT hash FROM \"Account\" WHERE mail=@mail",
@ -78,6 +91,7 @@ class AccountsToPostgres {
return results[0][0]; return results[0][0];
} }
// check if mail is already used in database
static Future<void> checkMailAlreadyExist(String mail) async { static Future<void> checkMailAlreadyExist(String mail) async {
List<List<dynamic>> results = await connection.query( List<List<dynamic>> results = await connection.query(
"SELECT id FROM \"Account\" WHERE mail=@mail", "SELECT id FROM \"Account\" WHERE mail=@mail",
@ -87,7 +101,9 @@ class AccountsToPostgres {
return; return;
} }
static Future<void> updatePass(String mail, String hash, String salt) async { // Update user password
static Future<void> updatePassword(
String mail, String hash, String salt) async {
if (selectHashByMail(mail) == null) { if (selectHashByMail(mail) == null) {
return; return;
} else { } else {
@ -97,7 +113,8 @@ class AccountsToPostgres {
} }
} }
static Future<void> updateFilePass(String mail, File passwordFile) async { // Update user password file
static Future<void> updatePasswordFile(String mail, File passwordFile) async {
List<int> passwordBlob = List<int> passwordBlob =
utf8.encode(await passwordFile.readAsString(encoding: utf8)); utf8.encode(await passwordFile.readAsString(encoding: utf8));
@ -110,6 +127,7 @@ class AccountsToPostgres {
} }
} }
// Update user twoFa
static Future<void> updateTwoFa(String mail, List<String> tfa) async { static Future<void> updateTwoFa(String mail, List<String> tfa) async {
List<String> twoFaStr = List.empty(growable: true); List<String> twoFaStr = List.empty(growable: true);
@ -122,6 +140,7 @@ class AccountsToPostgres {
} }
} }
// Update user mail
static Future<void> updateMail(String mail, String newMail) async { static Future<void> updateMail(String mail, String newMail) async {
if (selectHashByMail(mail) == null) { if (selectHashByMail(mail) == null) {
return; return;
@ -133,15 +152,7 @@ class AccountsToPostgres {
print("✅ Mail succesfully updated"); print("✅ Mail succesfully updated");
} }
static Future<void> deleteById(String id) async { // ADMIN: get infos on all users
await connection.query("DELETE FROM \"Account\" WHERE id=@identifiant",
substitutionValues: {"identifiant": id});
}
//
// ADMIN
//
static Future<PostgreSQLResult> getAllUsers() async { static Future<PostgreSQLResult> getAllUsers() async {
PostgreSQLResult res = PostgreSQLResult res =
await connection.query("SELECT id, hash, salt from \"Account\""); await connection.query("SELECT id, hash, salt from \"Account\"");
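Review bot: In the new `AccountsToPostgres.deleteAccount`, the result of `checkMailAlreadyExist(mail)` is discarded and the outcome of the `DELETE` is never inspected, so "✅ Account succesfully deleted" is printed, and the handler answers 200, even when no row matched. Check the affected-row count and throw when it is zero, for example `final res = await connection.query(...); if (res.affectedRowCount == 0) throw StateError('no account deleted');`. This assumes `connection` is the postgres package's `PostgreSQLConnection`, as the `PostgreSQLResult` return type of `getAllUsers` suggests. A checked result also gives logging a reliable signal for each deletion that really happened.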
