Fixed various issues and added /api/loggedin
parent
754048e3d6
commit
a1ae521b56
51
main.go
51
main.go
|
@ -58,8 +58,8 @@ func hash(password, salt string) string {
|
||||||
return hashString
|
return hashString
|
||||||
}
|
}
|
||||||
|
|
||||||
func verifyHash(werkzeughash, password string) bool {
|
func verifyHash(werkzeug_hash, password string) bool {
|
||||||
parts := strings.Split(werkzeughash, "$")
|
parts := strings.Split(werkzeug_hash, "$")
|
||||||
if len(parts) != 3 || parts[0] != "scrypt:32768:8:1" {
|
if len(parts) != 3 || parts[0] != "scrypt:32768:8:1" {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
@ -67,7 +67,7 @@ func verifyHash(werkzeughash, password string) bool {
|
||||||
|
|
||||||
computedHash := hash(password, salt)
|
computedHash := hash(password, salt)
|
||||||
|
|
||||||
return werkzeughash == computedHash
|
return werkzeug_hash == computedHash
|
||||||
}
|
}
|
||||||
|
|
||||||
func get_db_connection() *sql.DB {
|
func get_db_connection() *sql.DB {
|
||||||
|
@ -511,6 +511,35 @@ func main() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
router.POST("/api/loggedin", func(c *gin.Context) {
|
||||||
|
var data map[string]interface{}
|
||||||
|
err := c.ShouldBindJSON(&data)
|
||||||
|
if err != nil {
|
||||||
|
c.JSON(400, gin.H{"error": "Invalid JSON"})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
token := data["access_token"].(string)
|
||||||
|
conn := get_db_connection()
|
||||||
|
defer func(conn *sql.DB) {
|
||||||
|
err := conn.Close()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("[ERROR] Unknown in /api/uniqueid defer at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||||
|
}
|
||||||
|
}(conn)
|
||||||
|
var blacklisted bool
|
||||||
|
err = conn.QueryRow("SELECT blacklisted FROM blacklist WHERE token = ? LIMIT 1", token).Scan(&blacklisted)
|
||||||
|
if err == nil {
|
||||||
|
c.JSON(400, gin.H{"error": "Token is in blacklist"})
|
||||||
|
return
|
||||||
|
} else {
|
||||||
|
if !errors.Is(err, sql.ErrNoRows) {
|
||||||
|
fmt.Println("[ERROR] Unknown in /api/uniqueid blacklist at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
parsedtoken, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
|
parsedtoken, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
|
||||||
return []byte(SECRET_KEY), nil
|
return []byte(SECRET_KEY), nil
|
||||||
|
@ -539,25 +568,13 @@ func main() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
userid, norows := get_user_from_session(session)
|
_, norows := get_user_from_session(session)
|
||||||
if norows {
|
if norows {
|
||||||
c.JSON(400, gin.H{"error": "Session does not exist"})
|
c.JSON(400, gin.H{"error": "Session does not exist"})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var uniqueid string
|
c.JSON(200, gin.H{"success": "true"})
|
||||||
err = conn.QueryRow("SELECT uniqueid FROM users WHERE id = ? LIMIT 1", userid).Scan(&uniqueid)
|
|
||||||
if err != nil {
|
|
||||||
if errors.Is(err, sql.ErrNoRows) {
|
|
||||||
c.JSON(400, gin.H{"error": "User does not exist"})
|
|
||||||
return
|
|
||||||
} else {
|
|
||||||
fmt.Println("[ERROR] Unknown in /api/uniqueid fetch at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
c.JSON(200, gin.H{"uniqueid": uniqueid})
|
|
||||||
})
|
})
|
||||||
|
|
||||||
router.GET("/api/auth", func(c *gin.Context) {
|
router.GET("/api/auth", func(c *gin.Context) {
|
||||||
|
|
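Review bot: The new `/api/loggedin` handler reads the token with an unchecked assertion, `token := data["access_token"].(string)`, so a JSON body with no `access_token` or a non-string value panics instead of returning 400. Use the two-value form and reject the request when it fails. In the same handler, the branch of the blacklist lookup for errors other than `sql.ErrNoRows` logs and returns without writing a response, so gin sends its default empty 200. A client that checks only the status code would read a database failure as "logged in", so that branch should answer with a 5xx. Both log lines in the new handler are labelled `/api/uniqueid`, which misattributes the errors. The handler sits inside `main`, which starts and ends outside the hunk.

```go
token, ok := data["access_token"].(string)
if !ok || token == "" {
	c.JSON(400, gin.H{"error": "Missing access_token"})
	return
}
// … unchanged: get_db_connection, deferred Close, blacklist QueryRow and the err == nil branch …
if !errors.Is(err, sql.ErrNoRows) {
	fmt.Println("[ERROR] Unknown in /api/loggedin blacklist at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
	c.JSON(500, gin.H{"error": "Internal server error"})
	return
}
```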