Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Auth.pm

package Pear::LocalLoop::Controller::Api::Auth;
use Mojo::Base 'Mojolicious::Controller';
use Data::Dumper;
use Mojo::JSON;

has error_messages => sub {
  return {
    email => {
      required => { message => 'No email sent.', status => 400 },
      email => { message => 'Email is invalid.', status => 400 },
    },
    password => {
      required => { message => 'No password sent.', status => 400 },
    },
  };
};

sub auth {
  my $c = shift;

  my $session_key = $c->req->json( '/session_key' );

  my $session_result = $c->schema->resultset('SessionToken')->find({ sessiontokenname => $session_key });

  if ( defined $session_result ) {
    $c->stash( api_user => $session_result->user );
    return 1;
  }

  $c->render(
    json => {
      success => Mojo::JSON->false,
      message => 'Invalid Session',
    },
    status => 401,
  );
  return 0;
}

sub post_login {
  my $c = shift;

  my $validation = $c->validation;

  my $json = $c->req->json;

  if ( ! defined $json ){
    return $c->render( json => {
      success => Mojo::JSON->false,
      message => 'No json sent.',
    },
    status => 400); #Malformed request   
  }

  $validation->input( $json );
  $validation->required('email')->email;
  $validation->required('password');

  my $email = $validation->param('email');
  my $password = $validation->param('password');

  if ( $validation->has_error ) {
    my $failed_vals = $validation->failed;
    for my $val ( @$failed_vals ) {
      my $check = shift @{ $validation->error($val) };
      return $c->render(
        json => {
          success => Mojo::JSON->false,
          message => $c->error_messages->{$val}->{$check}->{message},
        },
        status => $c->error_messages->{$val}->{$check}->{status},
      );
    }
  }

  my $user_result = $c->schema->resultset('User')->find({ email => $email });
  
  if ( defined $user_result ) {
    if ( $user_result->check_password($password) ) {
      my $session_key = $c->generate_session( $user_result->userid );

      return $c->render( json => {
        success => Mojo::JSON->true,
        session_key => $session_key,
      });
    }
  } else {
    return $c->render(
      json => {
        success => Mojo::JSON->false,
        message => 'Email or password is invalid.',
      },
      status => 401
    );
  }
}

sub post_logout {
  my $c = shift;

  my $session_key = $c->req->json( '/session_key' );

  my $session_result = $c->schema->resultset('SessionToken')->find({ sessiontokenname => $session_key });

  if ( defined $session_result ) {
    $session_result->delete;
  }

  $c->render( json => {
    success => Mojo::JSON->true,
    message => 'Logged Out',
  }); 
}

1;
Moved all API endpoints under /api, fixed all tests 2017-04-06 21:43:27 +00:00			`package Pear::LocalLoop::Controller::Api::Auth;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`use Mojo::Base 'Mojolicious::Controller';`
			`use Data::Dumper;`
			`use Mojo::JSON;`

Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`has error_messages => sub {`
			`return {`
			`email => {`
			`required => { message => 'No email sent.', status => 400 },`
			`email => { message => 'Email is invalid.', status => 400 },`
			`},`
			`password => {`
			`required => { message => 'No password sent.', status => 400 },`
			`},`
			`};`
			`};`

			`sub auth {`
			`my $c = shift;`

			`my $session_key = $c->req->json( '/session_key' );`

			`my $session_result = $c->schema->resultset('SessionToken')->find({ sessiontokenname => $session_key });`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`if ( defined $session_result ) {`
			`$c->stash( api_user => $session_result->user );`
			`return 1;`
			`}`

			`$c->render(`
			`json => {`
			`success => Mojo::JSON->false,`
			`message => 'Invalid Session',`
			`},`
			`status => 401,`
			`);`
			`return 0;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

			`sub post_login {`
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`my $c = shift;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`my $validation = $c->validation;`

			`my $json = $c->req->json;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`if ( ! defined $json ){`
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`return $c->render( json => {`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`success => Mojo::JSON->false,`
			`message => 'No json sent.',`
			`},`
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`status => 400); #Malformed request`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`$validation->input( $json );`
			`$validation->required('email')->email;`
			`$validation->required('password');`

			`my $email = $validation->param('email');`
			`my $password = $validation->param('password');`

			`if ( $validation->has_error ) {`
			`my $failed_vals = $validation->failed;`
			`for my $val ( @$failed_vals ) {`
			`my $check = shift @{ $validation->error($val) };`
			`return $c->render(`
			`json => {`
			`success => Mojo::JSON->false,`
			`message => $c->error_messages->{$val}->{$check}->{message},`
			`},`
			`status => $c->error_messages->{$val}->{$check}->{status},`
			`);`
			`}`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`my $user_result = $c->schema->resultset('User')->find({ email => $email });`

			`if ( defined $user_result ) {`
			`if ( $user_result->check_password($password) ) {`
			`my $session_key = $c->generate_session( $user_result->userid );`

			`return $c->render( json => {`
			`success => Mojo::JSON->true,`
			`session_key => $session_key,`
			`});`
			`}`
			`} else {`
			`return $c->render(`
			`json => {`
			`success => Mojo::JSON->false,`
			`message => 'Email or password is invalid.',`
			`},`
			`status => 401`
			`);`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`}`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`sub post_logout {`
			`my $c = shift;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`my $session_key = $c->req->json( '/session_key' );`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`my $session_result = $c->schema->resultset('SessionToken')->find({ sessiontokenname => $session_key });`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`if ( defined $session_result ) {`
			`$session_result->delete;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

Reworked api login to just need a session_key for everything 2017-04-18 21:31:08 +00:00			`$c->render( json => {`
			`success => Mojo::JSON->true,`
			`message => 'Logged Out',`
			`});`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

			`1;`