This commit is contained in:
parent
02f7424b56
commit
95983021ed
GPG Key ID:
37ABC11275CAABCE
|
|
@ -11,7 +11,7 @@ dotenv.config();
|
|||
export const checkAdminPrivileges = async (sessionId: string, sessionKey: string, ip: string) => {
|
||||
if(sessionId) {
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
return user.is_active;
|
||||
return user.isActive;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
|
@ -23,7 +23,7 @@ export const checkAdminPrivileges = async (sessionId: string, sessionKey: string
|
|||
export const checkMemberPrivileges = async (sessionId: string, sessionKey: string, password: string, ip: string) => {
|
||||
if(sessionId) {
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
return user.is_active;
|
||||
return user.isActive;
|
||||
}
|
||||
|
||||
return password == process.env.MEMBER_CREDENTIAL;
|
||||
|
|
@ -36,7 +36,7 @@ export const checkMemberPrivileges = async (sessionId: string, sessionKey: strin
|
|||
export const checkManagementPrivileges = async (sessionId: string, sessionKey: string, password: string, ip: string) => {
|
||||
if(sessionId) {
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
return user.is_active;
|
||||
return user.isActive;
|
||||
}
|
||||
|
||||
return password == process.env.MANAGEMENT_CREDENTIAL;
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@ eventsRouter.post('/', async (req: Request, res: Response) => {
|
|||
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
|
||||
if (!user.is_active) {
|
||||
if (!user.isActive) {
|
||||
res.status(403).send({'message': 'You do not have access to the specified calendar.'});
|
||||
return;
|
||||
}
|
||||
|
|
@ -150,7 +150,7 @@ eventsRouter.post('/', async (req: Request, res: Response) => {
|
|||
endDateTime: new Date(req.body.endDateTime),
|
||||
createdDate: new Date(),
|
||||
location: req.body.location ?? '',
|
||||
createdById: user.user_id ?? -1,
|
||||
createdById: user.userId ?? -1,
|
||||
url: req.body.url ?? '',
|
||||
wholeDay: req.body.wholeDay ?? false
|
||||
};
|
||||
|
|
@ -181,7 +181,7 @@ eventsRouter.put('/:eventId', async (req: Request, res: Response) => {
|
|||
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
|
||||
if (!user.is_active) {
|
||||
if (!user.isActive) {
|
||||
res.status(403).send({'message': 'You do not have access to the specified calendar.'});
|
||||
return;
|
||||
}
|
||||
|
|
@ -208,7 +208,7 @@ eventsRouter.put('/:eventId', async (req: Request, res: Response) => {
|
|||
createdDate: new Date(),
|
||||
location: req.body.location ?? '',
|
||||
createdBy: req.body.createdBy ?? '',
|
||||
createdById: user.user_id ?? -1,
|
||||
createdById: user.userId ?? -1,
|
||||
url: req.body.url ?? '',
|
||||
wholeDay: req.body.wholeDay ?? false
|
||||
};
|
||||
|
|
@ -242,7 +242,7 @@ eventsRouter.delete('/:eventId', async (req: Request, res: Response) => {
|
|||
|
||||
let user = await UserService.checkSession(sessionId, sessionKey, ip);
|
||||
|
||||
if (!user.is_active) {
|
||||
if (!user.isActive) {
|
||||
res.status(403).send({'message': 'You do not have access to the specified calendar.'});
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
export interface Session {
|
||||
session_id: number;
|
||||
user_id: number;
|
||||
session_key: string;
|
||||
session_key_hash: string;
|
||||
created_date?: Date;
|
||||
valid_until?: Date;
|
||||
last_ip: string;
|
||||
sessionId: number;
|
||||
userId: number;
|
||||
sessionKey: string;
|
||||
sessionKeyHash: string;
|
||||
createdDate?: Date;
|
||||
validUntil?: Date;
|
||||
lastIP: string;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
export interface User {
|
||||
user_id: number;
|
||||
full_name: string;
|
||||
password_hash: string;
|
||||
userId: number;
|
||||
fullName: string;
|
||||
passwordHash: string;
|
||||
email: string;
|
||||
is_active: boolean;
|
||||
isActive: boolean;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,8 +39,8 @@ usersRouter.post('/register', async (req: Request, res: Response) => {
|
|||
|
||||
// Send the session details back to the user
|
||||
res.status(201).send({
|
||||
session_id: session.session_id,
|
||||
session_key: session.session_key
|
||||
sessionId: session.sessionId,
|
||||
sessionKey: session.sessionKey
|
||||
});
|
||||
} catch (e: any) {
|
||||
let errorGuid = Guid.create().toString();
|
||||
|
|
@ -69,16 +69,16 @@ usersRouter.post('/login', async (req: Request, res: Response) => {
|
|||
// Create a session
|
||||
const session: Session = await UserService.login(email, password, ip);
|
||||
|
||||
if (!session.session_id) {
|
||||
if (!session.sessionId) {
|
||||
// Error logging in, probably wrong username / password
|
||||
res.status(401).send(JSON.stringify({messages: ['Wrong username and / or password']}));
|
||||
res.status(401).send(JSON.stringify({message: 'Wrong username and / or password', sessionId: -1, sessionKey: ''}));
|
||||
return;
|
||||
}
|
||||
|
||||
// Send the session details back to the user
|
||||
res.status(200).send({
|
||||
session_id: session.session_id,
|
||||
session_key: session.session_key
|
||||
sessionId: session.sessionId,
|
||||
sessionKey: session.sessionKey
|
||||
});
|
||||
} catch (e: any) {
|
||||
let errorGuid = Guid.create().toString();
|
||||
|
|
@ -95,8 +95,8 @@ usersRouter.post('/login', async (req: Request, res: Response) => {
|
|||
usersRouter.post('/checkSessionValid', async (req: Request, res: Response) => {
|
||||
try {
|
||||
const ip: string = req.socket.remoteAddress ?? '';
|
||||
const session_id = req.body.session_id;
|
||||
const session_key = req.body.session_key;
|
||||
const session_id = req.body.sessionId;
|
||||
const session_key = req.body.sessionKey;
|
||||
|
||||
if (!session_id || !session_key) {
|
||||
// Error logging in, probably wrong username / password
|
||||
|
|
@ -106,7 +106,7 @@ usersRouter.post('/checkSessionValid', async (req: Request, res: Response) => {
|
|||
|
||||
const user: User = await UserService.checkSession(session_id, session_key, ip);
|
||||
|
||||
if (!user.user_id) {
|
||||
if (!user.userId) {
|
||||
// Error logging in, probably wrong username / password
|
||||
res.status(401).send(JSON.stringify({messages: ['Invalid session']}));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -49,11 +49,11 @@ export const createUser = async (email: string, password: string, fullName: stri
|
|||
}
|
||||
|
||||
return {
|
||||
session_id: sessionId,
|
||||
user_id: userId,
|
||||
session_key: sessionKey,
|
||||
session_key_hash: 'HIDDEN',
|
||||
last_ip: ip
|
||||
sessionId: sessionId,
|
||||
userId: userId,
|
||||
sessionKey: sessionKey,
|
||||
sessionKeyHash: 'HIDDEN',
|
||||
lastIP: ip
|
||||
};
|
||||
} catch (err) {
|
||||
throw err;
|
||||
|
|
@ -102,11 +102,11 @@ export const login = async (email: string, password: string, ip: string): Promis
|
|||
}
|
||||
|
||||
return {
|
||||
session_id: sessionId,
|
||||
user_id: userId,
|
||||
session_key: sessionKey,
|
||||
session_key_hash: 'HIDDEN',
|
||||
last_ip: ip
|
||||
sessionId: sessionId,
|
||||
userId: userId,
|
||||
sessionKey: sessionKey,
|
||||
sessionKeyHash: 'HIDDEN',
|
||||
lastIP: ip
|
||||
};
|
||||
} catch (err) {
|
||||
throw err;
|
||||
|
|
@ -167,11 +167,11 @@ export const checkSession = async (sessionId: string, sessionKey: string, ip: st
|
|||
|
||||
// Everything is fine, return user information
|
||||
return {
|
||||
user_id: userId,
|
||||
userId: userId,
|
||||
email: email,
|
||||
password_hash: 'HIDDEN',
|
||||
full_name: fullName,
|
||||
is_active: is_active
|
||||
passwordHash: 'HIDDEN',
|
||||
fullName: fullName,
|
||||
isActive: is_active
|
||||
};
|
||||
} catch (err) {
|
||||
throw err;
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user