mirror of
https://github.com/antos-rde/antos-backend.git
synced 2024-12-26 13:18:21 +01:00
79 lines
1.8 KiB
Lua
79 lines
1.8 KiB
Lua
require("silk.core.sqlite")
|
|
local TUNNEL_KEYCHAIN = __api__.tmpdir.."/antunnel_keychain"
|
|
function fail(msg)
|
|
std.custom_header("Connection", "close")
|
|
std.json()
|
|
std.t(JSON.encode({
|
|
error = msg
|
|
}))
|
|
end
|
|
|
|
function result(obj)
|
|
std.custom_header("Connection", "close")
|
|
std.json()
|
|
std.t(JSON.encode({
|
|
result = obj,
|
|
error = false
|
|
}))
|
|
end
|
|
|
|
function die(msg)
|
|
fail(msg)
|
|
debug.traceback = nil
|
|
error("Permission denied")
|
|
return false
|
|
end
|
|
|
|
-- check if the sysdb is create, otherwise create the table
|
|
function sysdb()
|
|
local meta = {}
|
|
meta.sessionid = ""
|
|
meta.username = ""
|
|
meta.stamp = 0
|
|
return require("dbmodel").get("sysdb", "sessions", meta)
|
|
end
|
|
|
|
function is_auth()
|
|
local sessionid = nil
|
|
if SESSION.sessionid and SESSION.sessionid ~= '0' then
|
|
sessionid = SESSION.sessionid
|
|
-- should be used only by API call
|
|
elseif REQUEST.sessionid and REQUEST.sessionid ~= '0' then
|
|
sessionid = REQUEST.sessionid
|
|
elseif REQUEST.access_token and REQUEST.access_token ~= '0' then
|
|
sessionid = REQUEST.access_token
|
|
end
|
|
if sessionid == nil then
|
|
return false
|
|
end
|
|
-- query session id from database
|
|
local db = sysdb()
|
|
if db == nil then
|
|
return false
|
|
end
|
|
local cond = {
|
|
where = {
|
|
sessionid = sessionid
|
|
}
|
|
}
|
|
local data = db:find(cond)
|
|
db:close()
|
|
if data == nil or data[1] == nil then
|
|
return false
|
|
end
|
|
-- TODO check the stamp
|
|
SESSION.user = data[1].username
|
|
local f = io.open(TUNNEL_KEYCHAIN, "w")
|
|
if f then
|
|
f:write(sessionid .. SESSION.user)
|
|
f:close()
|
|
end
|
|
return true
|
|
end
|
|
|
|
function auth_or_die(msg)
|
|
if (is_auth() == false) then
|
|
die(msg)
|
|
end
|
|
end
|