Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Auth.pm


package Pear::LocalLoop::Controller::Api::Auth;
use Mojo::Base 'Mojolicious::Controller';
use Data::Dumper;
use Mojo::JSON qw/ decode_json /;
# Lookup table of validation failures for the login payload:
# field name => failed check name => { message, status } to send back.
has error_messages => sub {
    my %email_errors = (
        required => { message => 'No email sent.',    status => 400 },
        email    => { message => 'Email is invalid.', status => 400 },
    );

    my %password_errors = (
        required => { message => 'No password sent.', status => 400 },
    );

    return {
        email    => \%email_errors,
        password => \%password_errors,
    };
};
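# Locate the request's JSON object and stash it as "api_json".
#
# The object is taken from the request body, or failing that from a "json"
# form parameter (used for uploads). Returns 1 when a non-empty JSON object
# was found; otherwise renders a 400 response and returns 0.
sub check_json {
    my $c = shift;

    my $json = $c->req->json;
    if ( !$json ) {
        # decode_json dies on malformed input. The parameter is client
        # controlled, so trap the failure and answer with the same 400 as
        # for a missing body instead of letting the exception escape.
        $json = eval { decode_json( $c->param('json') || '{}' ) };
    }

    # Only a non-empty JSON object is accepted; arrays, scalars and {} are
    # all treated as "missing".
    unless ( defined $json && ref $json eq 'HASH' && scalar( keys %$json ) > 0 ) {
        $c->render(
            json => {
                success => Mojo::JSON->false,
                message => 'JSON is missing.',
            },
            status => 400,
        );
        return 0;
    }

    $c->stash( api_json => $json );
    return 1;
}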
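# Authenticate an API request from the "session_key" field of the stashed
# JSON body (stash key "api_json").
#
# On success the token's user is stashed as "api_user" and 1 is returned.
# Otherwise a 401 'Invalid Session' response is rendered and 0 is returned.
# NOTE(review): presumably used as a route guard after check_json - confirm
# against the route definitions.
sub auth {
    my $c = shift;

    my $session_key = $c->stash->{api_json}->{session_key};

    # session_key comes straight from client JSON, so it may be an object,
    # array or boolean rather than a string. Accept only a non-empty plain
    # scalar, so the value is always compared as a literal token and a
    # nested structure never reaches the query layer as a search condition.
    if ( defined $session_key && !ref $session_key && length $session_key ) {
        my $session_result = $c->schema->resultset('SessionToken')->find({ token => $session_key });

        if ( defined $session_result ) {
            $c->stash( api_user => $session_result->user );
            return 1;
        }
    }

    $c->render(
        json => {
            success => Mojo::JSON->false,
            message => 'Invalid Session',
        },
        status => 401,
    );
    return 0;
}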
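# Log a user in with the "email" and "password" fields of the stashed JSON
# body (stash key "api_json").
#
# Validation failures are reported through api_validation_error. On success
# a new session key and the account's display name are rendered. Every other
# outcome renders the same generic 401, so the response does not reveal
# which part of the credentials was wrong.
sub post_login {
    my $c = shift;

    my $validation = $c->validation;
    $validation->input( $c->stash->{api_json} );
    $validation->required('email')->email;
    $validation->required('password');

    return $c->api_validation_error if $validation->has_error;

    my $email    = $validation->param('email');
    my $password = $validation->param('password');

    # Both values originate from client JSON and could be nested structures.
    # Only plain scalars are looked up, so the email is always matched as a
    # literal value; anything else falls through to the generic 401.
    my $user_result;
    if ( !ref $email && !ref $password ) {
        $user_result = $c->schema->resultset('User')->find({ email => $email });
    }

    if ( defined $user_result && $user_result->check_password($password) ) {
        my $has_profile = 0;
        my $display_name;

        if ( defined $user_result->customer_id ) {
            $display_name = $user_result->customer->display_name;
            $has_profile  = 1;
        }
        elsif ( defined $user_result->organisation_id ) {
            $display_name = $user_result->organisation->name;
            $has_profile  = 1;
        }

        if ($has_profile) {
            # Issue the session only once the account is known to be usable.
            # Previously the token was generated first, and an account with
            # neither a customer nor an organisation returned without
            # rendering anything, leaving an unused live session behind.
            my $session_key = $user_result->generate_session;

            return $c->render( json => {
                success      => Mojo::JSON->true,
                session_key  => $session_key,
                display_name => $display_name,
            });
        }

        $c->app->log->warn(
            'Login refused: user has neither a customer nor an organisation');
    }

    return $c->render(
        json => {
            success => Mojo::JSON->false,
            message => 'Email or password is invalid.',
        },
        status => 401
    );
}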
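# Log out by deleting the session token named in the request body's
# "session_key" field.
#
# Always renders a success response, whether or not a matching token
# existed, so the reply does not disclose which tokens are valid.
# NOTE(review): the key is read from the raw request body rather than the
# stashed "api_json"; confirm whether this route sits behind auth(), since
# otherwise any caller holding a token value can end that session.
sub post_logout {
    my $c = shift;

    my $session_key = $c->req->json( '/session_key' );

    # The value is client supplied and may be missing or a nested structure.
    # Only a non-empty plain scalar is looked up, so the delete below can
    # only ever affect the one token whose value was actually presented.
    if ( defined $session_key && !ref $session_key && length $session_key ) {
        my $session_result = $c->schema->resultset('SessionToken')->find({ token => $session_key });

        if ( defined $session_result ) {
            $session_result->delete;
        }
    }

    return $c->render( json => {
        success => Mojo::JSON->true,
        message => 'Logged Out',
    });
}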
1;