mirror of
https://github.com/lxsang/antd-web-apps
synced 2024-12-27 09:58:20 +01:00
67 lines
1.6 KiB
Lua
67 lines
1.6 KiB
Lua
require("sqlite")
|
|
local TUNNEL_KEYCHAIN = "/opt/www/tmp/channels/antunnel_keychain"
|
|
function fail(msg)
|
|
std.custom_header("Connection","close")
|
|
std.json()
|
|
std.t(JSON.encode({error=msg}))
|
|
end
|
|
|
|
function result(obj)
|
|
std.custom_header("Connection","close")
|
|
std.json()
|
|
std.t(JSON.encode({result=obj, error=false}))
|
|
end
|
|
|
|
function die (msg)
|
|
fail(msg)
|
|
debug.traceback=nil
|
|
error("Permission denied")
|
|
return false
|
|
end
|
|
|
|
-- check if the sysdb is create, otherwise create the table
|
|
function sysdb()
|
|
local meta = {}
|
|
meta.sessionid = ""
|
|
meta.username = ""
|
|
meta.stamp = 0
|
|
return require("dbmodel").get("sysdb", "sessions", meta)
|
|
end
|
|
|
|
function is_auth()
|
|
local sessionid = nil
|
|
if SESSION.sessionid and SESSION.sessionid ~= '0' then
|
|
sessionid = SESSION.sessionid
|
|
-- should be used only by API call
|
|
elseif REQUEST.sessionid and REQUEST.sessionid ~= '0' then
|
|
sessionid = REQUEST.sessionid
|
|
elseif REQUEST.access_token and REQUEST.access_token ~= '0' then
|
|
sessionid = REQUEST.access_token
|
|
end
|
|
if sessionid == nil then
|
|
return false
|
|
end
|
|
-- query session id from database
|
|
local db = sysdb()
|
|
if db == nil then return false end
|
|
local cond = {exp= {["="] = { sessionid = sessionid }}}
|
|
local data = db:find(cond)
|
|
--print(JSON.encode(data))
|
|
db:close()
|
|
if data == nil or data[1] == nil then return die("No user data found") end
|
|
-- next time check the stamp
|
|
SESSION.user = data[1].username
|
|
local f = io.open(TUNNEL_KEYCHAIN, "w")
|
|
if f then
|
|
f:write(sessionid..SESSION.user)
|
|
f:close()
|
|
end
|
|
return true
|
|
end
|
|
|
|
function auth_or_die(msg)
|
|
if(is_auth() == false) then
|
|
die(msg)
|
|
end
|
|
end
|