This repository has been archived on 2023-08-16. You can view files and clone it, but cannot push or open issues or pull requests.
Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Api.pm

60 lines
1.5 KiB
Perl
Raw Normal View History

package Pear::LocalLoop::Controller::Api::Api;
2017-02-24 19:27:43 +00:00
use Mojo::Base 'Mojolicious::Controller';
use Data::Dumper;
sub post_edit {
my $self = shift;
my $json = $self->req->json;
my $account = $self->get_account_by_username( $json->{username} );
unless ( defined $account ) {
return $self->render( json => {
success => Mojo::JSON->false,
message => 'Username not recognised, has your token expired?',
});
# PLUG SECURITY HOLE
} elsif ( $account->{keyused} ne 't' ) {
return $self->render( json => {
success => Mojo::JSON->false,
message => 'Token has not been used yet!',
});
}
my $insert = $self->db->prepare("UPDATE accounts SET fullname = ?, postcode = ?, age = ?, gender = ?, WHERE username = ?");
$insert->execute(
@{$json}{ qw/ fullname postcode age gender / }, $account->{username},
);
$self->render( json => { success => Mojo::JSON->true } );
}
sub post_fetchuser {
my $self = shift;
my $json = $self->req->json;
my $account = $self->get_account_by_username( $json->{username} );
unless ( defined $account ) {
return $self->render( json => {
success => Mojo::JSON->false,
message => 'Username not recognised, has your token expired?',
});
# PLUG SECURITY HOLE
} elsif ( $account->{keyused} ne 't' ) {
return $self->render( json => {
success => Mojo::JSON->false,
message => 'Token has not been used yet!',
});
}
# Add stuff to send back to user below here!
$self->render( json => {
success => Mojo::JSON->true,
});
}
1;