From e3e4336c3117022319385e751f5163dc427ffc82 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Patrick=20M=C3=BCller?= <patrick@mueller-patrick.tech>
Date: Sat, 21 Aug 2021 12:55:01 +0200
Subject: [PATCH] API-17: Session Data Endpoint

---
 src/models/partyplaner/data/Data.router.ts  | 32 +++++++++++++
 src/models/partyplaner/data/data.service.ts | 50 +++++++++++++++++++++
 2 files changed, 82 insertions(+)

diff --git a/src/models/partyplaner/data/Data.router.ts b/src/models/partyplaner/data/Data.router.ts
index 6739e84..e60b51b 100644
--- a/src/models/partyplaner/data/Data.router.ts
+++ b/src/models/partyplaner/data/Data.router.ts
@@ -42,3 +42,35 @@ dataRouter.get('/user/:isDevCall', async (req: Request, res: Response) => {
         res.status(500).send({'message': 'Internal Server Error. Try again later.'});
     }
 });
+
+dataRouter.get('/session/:isDevCall', async (req: Request, res: Response) => {
+    try {
+        let userId = (req.query.userId ?? '').toString();
+        let sessionId = (req.query.sessionId ?? '').toString();
+        let sessionKey = (req.query.sessionKey ?? '').toString();
+        let useDev: boolean = (req.params.isDevCall ?? '') === 'dev'; // TBD
+
+        if (userId === '' || sessionId === '' || sessionKey === '') {
+            res.status(400).send({
+                'status': 'WRONG_PARAMS',
+                'message': 'Missing or wrong parameters'
+            });
+            return;
+        }
+
+        if (!await UserService.checkSession(useDev, userId, sessionId, sessionKey)) {
+            res.status(403).send({
+                'status': 'INVALID_SESSION',
+                'message': 'The user or session could not be found or the session is invalid'
+            });
+            return;
+        }
+
+        let data = await DataService.getSessionData(useDev, userId);
+
+        res.status(200).send(data);
+    } catch (e) {
+        logger.error('Error handling a request: ' + e.message);
+        res.status(500).send({'message': 'Internal Server Error. Try again later.'});
+    }
+});
diff --git a/src/models/partyplaner/data/data.service.ts b/src/models/partyplaner/data/data.service.ts
index 07fe4b3..61d4d97 100644
--- a/src/models/partyplaner/data/data.service.ts
+++ b/src/models/partyplaner/data/data.service.ts
@@ -31,6 +31,16 @@ export interface UserData {
     isPremiumUser: string;
 }
 
+/**
+ * Used in the getSessionData method as return value
+ */
+export interface SessionData {
+    sessionId: string;
+    type: string;
+    lastLogin: string;
+    lastIp: string;
+}
+
 /**
  * Returns all data about the given user
  * @param useDev If the dev or prod database should be used
@@ -73,3 +83,43 @@ export const getUserData = async (useDev: boolean, userId: string): Promise<User
         }
     }
 };
+
+/**
+ * Returns all active sessions of the given user
+ * @param useDev If the dev or prod database should be used
+ * @param userId The userId of the user to return the sessions for
+ * @return SessionData An object containing the session data
+ */
+export const getSessionData = async (useDev: boolean, userId: string): Promise<SessionData[]> => {
+    let conn;
+    try {
+        if (useDev) {
+            conn = await dev_pool.getConnection();
+        } else {
+            conn = await prod_pool.getConnection();
+        }
+
+        let rows = await conn.query('SELECT session_id, type, last_login, last_ip FROM sessions WHERE user_id = ? AND valid_until > NOW()', userId);
+
+        let sessions: SessionData[] = [];
+
+        for (let row in rows) {
+            if (row !== 'meta') {
+                sessions.push({
+                    sessionId: rows[row].session_id,
+                    type: rows[row].type,
+                    lastLogin: rows[row].last_login,
+                    lastIp: rows[row].last_ip
+                });
+            }
+        }
+
+        return sessions;
+    } catch (err) {
+        throw err;
+    } finally {
+        if (conn) {
+            conn.end();
+        }
+    }
+};