122 lines
2.8 KiB
Perl
122 lines
2.8 KiB
Perl
package Pear::LocalLoop::Controller::Api::Auth;
|
|
use Mojo::Base 'Mojolicious::Controller';
|
|
use Data::Dumper;
|
|
use Mojo::JSON qw/ decode_json /;
|
|
|
|
has error_messages => sub {
|
|
return {
|
|
email => {
|
|
required => { message => 'No email sent.', status => 400 },
|
|
email => { message => 'Email is invalid.', status => 400 },
|
|
},
|
|
password => {
|
|
required => { message => 'No password sent.', status => 400 },
|
|
},
|
|
};
|
|
};
|
|
|
|
sub check_json {
|
|
my $c = shift;
|
|
|
|
# JSON object is either the whole request, or under a json param for upload
|
|
my $json = $c->req->json || decode_json( $c->param('json') || '{}' );
|
|
|
|
unless ( defined $json && ref $json eq 'HASH' && scalar( keys %$json ) > 0 ) {
|
|
$c->render(
|
|
json => {
|
|
success => Mojo::JSON->false,
|
|
message => 'JSON is missing.',
|
|
},
|
|
status => 400,
|
|
);
|
|
return 0;
|
|
}
|
|
|
|
$c->stash( api_json => $json );
|
|
return 1;
|
|
}
|
|
|
|
sub auth {
|
|
my $c = shift;
|
|
|
|
my $session_key = $c->stash->{api_json}->{session_key};
|
|
|
|
if ( defined $session_key ) {
|
|
my $session_result = $c->schema->resultset('SessionToken')->find({ token => $session_key });
|
|
|
|
if ( defined $session_result ) {
|
|
$c->stash( api_user => $session_result->user );
|
|
return 1;
|
|
}
|
|
}
|
|
|
|
$c->render(
|
|
json => {
|
|
success => Mojo::JSON->false,
|
|
message => 'Invalid Session',
|
|
},
|
|
status => 401,
|
|
);
|
|
return 0;
|
|
}
|
|
|
|
sub post_login {
|
|
my $c = shift;
|
|
|
|
my $validation = $c->validation;
|
|
|
|
$validation->input( $c->stash->{api_json} );
|
|
$validation->required('email')->email;
|
|
$validation->required('password');
|
|
|
|
return $c->api_validation_error if $validation->has_error;
|
|
|
|
my $email = $validation->param('email');
|
|
my $password = $validation->param('password');
|
|
|
|
$c->app->log->debug( __PACKAGE__ . " login attempt for [" . $email . "]" );
|
|
|
|
my $user_result = $c->schema->resultset('User')->find({ email => $email });
|
|
|
|
if ( defined $user_result ) {
|
|
if ( $user_result->check_password($password) ) {
|
|
my $session_key = $user_result->generate_session;
|
|
|
|
return $c->render( json => {
|
|
success => Mojo::JSON->true,
|
|
session_key => $session_key,
|
|
display_name => $user_result->name,
|
|
user_type => $user_result->type,
|
|
});
|
|
} else {
|
|
$c->app->log->info( __PACKAGE__ . " failed login for [" . $email . "]" );
|
|
}
|
|
}
|
|
return $c->render(
|
|
json => {
|
|
success => Mojo::JSON->false,
|
|
message => 'Email or password is invalid.',
|
|
},
|
|
status => 401
|
|
);
|
|
}
|
|
|
|
sub post_logout {
|
|
my $c = shift;
|
|
|
|
my $session_key = $c->req->json( '/session_key' );
|
|
|
|
my $session_result = $c->schema->resultset('SessionToken')->find({ token => $session_key });
|
|
|
|
if ( defined $session_result ) {
|
|
$session_result->delete;
|
|
}
|
|
|
|
$c->render( json => {
|
|
success => Mojo::JSON->true,
|
|
message => 'Logged Out',
|
|
});
|
|
}
|
|
|
|
1;
|