This repository has been archived on 2023-08-16. You can view files and clone it, but cannot push or open issues or pull requests.
Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Auth.pm
2021-03-20 23:30:46 +00:00

146 lines
3.5 KiB
Perl

package Pear::LocalLoop::Controller::Api::Auth;
use Mojo::Base 'Mojolicious::Controller';
use Data::Dumper;
use Mojo::JSON qw/ decode_json /;
has error_messages => sub {
return {
email => {
required => { message => 'No email sent.', status => 400 },
email => { message => 'Email is invalid.', status => 400 },
},
password => {
required => { message => 'No password sent.', status => 400 },
},
};
};
sub check_json {
my $c = shift;
# JSON object is either the whole request, or under a json param for upload
my $json = $c->req->json || decode_json( $c->param('json') || '{}' );
unless ( defined $json && ref $json eq 'HASH' && scalar( keys %$json ) > 0 )
{
$c->render(
json => {
success => Mojo::JSON->false,
message => 'JSON is missing.',
},
status => 400,
);
return 0;
}
$c->stash( api_json => $json );
return 1;
}
sub auth {
my $c = shift;
my $session_key = $c->stash->{api_json}->{session_key};
if ( defined $session_key ) {
my $session_result = $c->schema->resultset('SessionToken')
->find( { token => $session_key } );
if ( defined $session_result ) {
$c->stash( api_user => $session_result->user );
return 1;
}
}
$c->render(
json => {
success => Mojo::JSON->false,
message => 'Invalid Session',
},
status => 401,
);
return 0;
}
sub test_connection {
my $c = shift;
return $c->render(
json => {
success => Mojo::JSON->true,
message => 'Database connection successful',
},
status => 200,
);
}
sub post_login {
my $c = shift;
my $validation = $c->validation;
$validation->input( $c->stash->{api_json} );
$validation->required('email')->email;
$validation->required('password');
return $c->api_validation_error if $validation->has_error;
my $email = $validation->param('email');
my $password = $validation->param('password');
$c->app->log->debug( __PACKAGE__ . " login attempt for [" . $email . "]" );
my $user_result =
$c->schema->resultset('User')->find( { email => $email } );
if ( defined $user_result ) {
if ( $user_result->check_password($password) ) {
my $session_key = $user_result->generate_session;
return $c->render(
json => {
success => Mojo::JSON->true,
session_key => $session_key,
email => $email,
display_name => $user_result->name,
user_type => $user_result->type,
}
);
}
else {
$c->app->log->info(
__PACKAGE__ . " failed login for [" . $email . "]" );
}
}
return $c->render(
json => {
success => Mojo::JSON->false,
message => 'Email or password is invalid.',
},
status => 401
);
}
sub post_logout {
my $c = shift;
my $session_key = $c->req->json('/session_key');
my $session_result =
$c->schema->resultset('SessionToken')->find( { token => $session_key } );
if ( defined $session_result ) {
$session_result->delete;
}
$c->render(
json => {
success => Mojo::JSON->true,
message => 'Logged Out',
}
);
return 1;
}
1;