Commit 12895d39 authored by Michael Ochmann's avatar Michael Ochmann

added user authentication

parent 4f1b455d
Pipeline #2599 failed with stage
in 29 seconds
......@@ -23,7 +23,7 @@ module.exports = {
ref : 'origin/development',
repo : 'git@gitlab.fsi.hochschule-trier.de:ochmannm/beacon.git',
path : '/home/fsi/bin/beacon',
'post-deploy' : 'npm install && /home/fsi/bin/pm2 reload ecosystem.config.js --env production'
'post-deploy' : 'npm run build && /home/fsi/bin/pm2 reload ecosystem.config.js --env production'
}
}
};
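Review bot: Dependencies added in this commit may never reach the deploy host, because the `post-deploy` line that runs `npm run build` no longer runs `npm install`, while `express-session` and `sqlite3` are new entries in `dependencies`. Which of the two `post-deploy` lines is the new side is inferred from print order, and the `build` script is not shown, so this only holds if `build` does not install packages itself. Keeping both steps would cover it: `'post-deploy' : 'npm install && npm run build && /home/fsi/bin/pm2 reload ecosystem.config.js --env production'`.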
......@@ -28,7 +28,10 @@
"license": "MIT",
"dependencies": {
"chalk": "^2.4.2",
"express": "^4.16.4"
"crypto": "^1.0.1",
"express": "^4.16.4",
"express-session": "^1.15.6",
"sqlite3": "^4.0.6"
},
"devDependencies": {
"browserify": "^16.2.3",
......
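Review bot: The `"crypto": "^1.0.1"` entry in `dependencies` is unnecessary and adds supply-chain surface. `crypto` is a Node.js built-in module, so `require("crypto")` resolves to the built-in whether or not this package is installed, and the npm package of that name is a deprecated placeholder. Dropping the line changes nothing at runtime and removes one third-party name from the install set.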
const Crypto = require("crypto");
class SHA512 {
static Hash(string) {
return Crypto.createHash("sha512").update(string).digest("hex");
}
}
module.exports = SHA512;
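Review bot: `SHA512.Hash` is what `UserModel` uses to store and verify passwords, and a single unsalted SHA-512 round is a fast hash: identical passwords produce identical stored values, and a leaked database can be checked against guesses very cheaply. A password KDF with a per-user random salt is the usual fix, and Node's built-in `crypto.scryptSync` needs no new dependency. The fence sketches a replacement helper that stores `salt:key` and verifies with `crypto.timingSafeEqual`; `UserModel.check` would then call `Verify` instead of comparing hex strings with `===`.

```javascript
class PasswordHash {
	// returns "saltHex:keyHex"; the salt is random per password
	static Hash(password) {
		const salt = Crypto.randomBytes(16);
		const key = Crypto.scryptSync(password, salt, 64);
		return `${salt.toString("hex")}:${key.toString("hex")}`;
	}

	// recomputes the key with the stored salt and compares in constant time
	static Verify(password, stored) {
		const [saltHex, keyHex] = String(stored).split(":");
		if (!saltHex || !keyHex)
			return false;
		const expected = Buffer.from(keyHex, "hex");
		const actual = Crypto.scryptSync(password, Buffer.from(saltHex, "hex"), expected.length);
		return Crypto.timingSafeEqual(actual, expected);
	}
}
```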
const Express = require("express");
const Session = require("express-session");
const Std = require("./Std");
class Server {
constructor() {
this.socket = Express();
this.router = Express.Router();
this.server = null;
const sessionLifetime = 720;
this.socket.on("error", error => {
Std.Log(`[Server] ERROR can not handle request:\n\t${error}`);
});
this.socket.use(Express.static("static"));
this.socket.use(Session({
secret: "sje394gfmdj30dkcdnd83jdnn3",
name: "beaconID",
saveUninitialized: true,
resave: true,
rolling: true,
cookie: {
secure: false,
expires: new Date(Date.now() + 60 * 60 * 1000 * sessionLifetime),
maxAge : 60 * 60 * 1000 * sessionLifetime
}
}));
this.router.route("/login").get((request, response) => {
let session = request.session;
let loggedin = typeof session.userName !== "undefined";
response.send(JSON.stringify({
error : false,
status : loggedin ? "user is logged in" : "user is not authenticated",
login : loggedin
}));
});
this.router.route("/login").post((request, response) => {
let session = request.session;
this.model.check(request.body.username, request.body.password, valid => {
if (valid) {
response.send(JSON.stringify({
error: false,
status: "authentication succeeded"
}));
session.userName = request.body.username;
session.save();
Std.Log("[Server] user '" + session.userName + "' logged in", Std.LogLevel.INFO);
}
else {
Server.Fail(response, "authentication failed");
}
});
});
this.socket.use("/api", this.router);
}
listen(port = 9080) {
......
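Review bot: The session secret is a string literal in the `Session({...})` options, so the signing key for the `beaconID` cookie is readable by anyone who can read the repository; load it from deployment configuration instead, e.g. `secret: process.env.SESSION_SECRET` (placeholder variable name), and replace the committed value. The POST `/login` handler also sets `session.userName` on the existing session without issuing a new session id, which leaves a pre-login id valid after authentication (session fixation), and it sends the success response before the session is populated; the fence regenerates the session first. `secure: false` lets the cookie travel over plain HTTP, which is worth tightening if production is served over TLS. Where `this.model` is assigned and whether a body parser is mounted for `request.body` is not visible in this section, and `listen` continues outside it.

```javascript
this.router.route("/login").post((request, response) => {
	this.model.check(request.body.username, request.body.password, valid => {
		if (!valid) {
			Server.Fail(response, "authentication failed");
			return;
		}
		// issue a fresh session id on login so an id set before authentication is not carried over
		request.session.regenerate(error => {
			if (error) {
				Server.Fail(response, "authentication failed");
				return;
			}
			request.session.userName = request.body.username;
			Std.Log("[Server] user '" + request.session.userName + "' logged in", Std.LogLevel.INFO);
			response.send(JSON.stringify({
				error: false,
				status: "authentication succeeded"
			}));
		});
	});
});
```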
const SQLite = require("sqlite3");
const FS = require("fs");
const Path = require("path");
const Std = require("./Std");
const SHA512 = require("./SHA512");
class UserModel {
constructor() {
UserModel.InitializeDB();
this.socket = new SQLite.Database(UserModel.DBPath, SQLite.OPEN_READONLY, error => {
if (!error)
return;
Std.Log("ERROR [UserModel] failed opening database: " + err, Std.LogLevel.ERROR);
});
this.socket.on("error", error => {
Std.Log("ERROR [UserModel] database error: " + error, Std.LogLevel.ERROR);
});
}
check(username, password, callback) {
Std.Log("authentication is valid? " + username, Std.LogLevel.INFO);
this.socket.all("SELECT * FROM users WHERE username = '" + username + "' LIMIT 1", (error, row) => {
if (error || row.length === 0) {
Std.Log("[UserModel] no user found with username '" + username + "'", Std.LogLevel.NORMAL);
callback(false);
return;
}
Std.Log("[UserModel] user '" + row[0].username + "' tried to log in");
password = SHA512.Hash(password);
callback(row[0].password === password);
});
}
static Add(username, password) {
UserModel.InitializeDB(() => {
let db = new SQLite.Database(UserModel.DBPath, SQLite.OPEN_READWRITE, error => {
if (!error)
return;
Std.Log("ERROR [UserModel] failed opening database: " + err, Std.LogLevel.ERROR);
});
db.run("INSERT INTO users (username, password) VALUES ('" + username + "', '" + SHA512.Hash(password) + "')");
});
}
static InitializeDB(callback) {
if (FS.existsSync(UserModel.DBPath)) {
if (callback)
callback();
return;
}
FS.writeFileSync(UserModel.DBPath, "");
let db = new SQLite.Database(UserModel.DBPath, SQLite.OPEN_READWRITE | SQLite.OPEN_CREATE, error => {
if (!error)
return;
Std.Log("ERROR [UserModel] failed opening database: " + err, Std.LogLevel.ERROR);
});
db.serialize(() => {
db.run("CREATE TABLE IF NOT EXISTS users (username TEXT PRIMARY KEY, password TEXT, admin TINYINT)", error => {
if (!error && callback)
callback();
});
});
db.close();
}
}
UserModel.DBPath = Path.join(__dirname, "..", "assets", "beacon.sqlite");
module.exports = UserModel;
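Review bot: `check` and `Add` build their SQL by concatenating `username` into the statement, and `check` receives that value straight from `request.body` in the login route, so a quote character in the username changes the query; bind the values instead: `this.socket.all("SELECT * FROM users WHERE username = ? LIMIT 1", [username], (error, row) => {` and `db.run("INSERT INTO users (username, password) VALUES (?, ?)", [username, SHA512.Hash(password)]);`. The three database-open callbacks log `err`, which is not defined in those scopes (the parameter is `error`), so a failed open throws a ReferenceError instead of writing the log line. `Add` never closes the handle it opens, and `check` writes the raw username into the log before any validation, which allows forged log lines if `Std.Log` does not escape newlines (not visible here).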