Added basic password validation

2025-08-17 16:34:25 -04:00
parent d993f31329
commit 31195f678f


@@ -1,6 +1,8 @@
package codes.kalar.routes package codes.kalar.routes
import codes.kalar.exception.DbElementNotFoundException
import codes.kalar.model.User import codes.kalar.model.User
import codes.kalar.service.PatronService
import com.auth0.jwt.JWT import com.auth0.jwt.JWT
import com.auth0.jwt.algorithms.Algorithm import com.auth0.jwt.algorithms.Algorithm
import io.ktor.http.HttpStatusCode import io.ktor.http.HttpStatusCode
@@ -9,14 +11,16 @@ import io.ktor.server.request.receive
import io.ktor.server.response.respond import io.ktor.server.response.respond
import io.ktor.server.routing.post import io.ktor.server.routing.post
import io.ktor.server.routing.routing import io.ktor.server.routing.routing
import java.sql.Connection
import java.util.Date import java.util.Date
fun Application.configureLoginRoutes() { fun Application.configureLoginRoutes(dbConnection: Connection) {
val secret = environment.config.property("jwt.secret").getString() val secret = environment.config.property("jwt.secret").getString()
val issuer = environment.config.property("jwt.issuer").getString() val issuer = environment.config.property("jwt.issuer").getString()
val audience = environment.config.property("jwt.audience").getString() val audience = environment.config.property("jwt.audience").getString()
val myRealm = environment.config.property("jwt.realm").getString() val myRealm = environment.config.property("jwt.realm").getString()
val patronService = PatronService(dbConnection)
routing { routing {
post("/login") { post("/login") {
try { try {
@@ -24,8 +28,7 @@ fun Application.configureLoginRoutes() {
val name = user.name val name = user.name
val password = user.password val password = user.password
// TODO Check is username exists and password matches if (patronService.loginPatronByLoginUsername(name, password)) {
val token = JWT.create() val token = JWT.create()
.withAudience(audience) .withAudience(audience)
.withIssuer(issuer) .withIssuer(issuer)
@@ -33,8 +36,11 @@ fun Application.configureLoginRoutes() {
.withExpiresAt(Date(System.currentTimeMillis() + 160000)) .withExpiresAt(Date(System.currentTimeMillis() + 160000))
.sign(Algorithm.HMAC256(secret)) .sign(Algorithm.HMAC256(secret))
call.respond(hashMapOf("token" to token)) call.respond(hashMapOf("token" to token))
} catch (e: Exception) { } else {
call.respond(HttpStatusCode.BadRequest, e.message ?: "Something went wrong") call.respond(HttpStatusCode.Unauthorized, "Invalid login")
}
} catch (cause: DbElementNotFoundException) {
call.respond(HttpStatusCode.BadRequest, cause.message ?: "Something went wrong")
} }
} }
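Review bot: The new `catch (cause: DbElementNotFoundException)` branch answers with `HttpStatusCode.BadRequest` and `cause.message`, while a failed password check answers with `Unauthorized` and "Invalid login". If that exception is what `loginPatronByLoginUsername` raises for an unknown username (its body is not visible here), the differing status and text let a caller distinguish existing accounts from missing ones, and the service's internal message reaches the client. Both failure paths should return the same response, `call.respond(HttpStatusCode.Unauthorized, "Invalid login")`, with the cause logged server-side only. Narrowing the catch from `Exception` also means a malformed request body or a SQL error is no longer handled in this route, so confirm that the StatusPages plugin or an equivalent handler maps those to a generic error. The `post("/login")` body starts before this hunk and `configureLoginRoutes` closes after it.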