xivdev/XIVPlan-DB
1
0
Fork 0
Code Issues Wiki Activity

test+fix auth endpoint

Browse Source
This commit is contained in:
Ean Milligan
2026-04-08 03:08:12 -04:00
parent 3336d1ba7c
commit be8cbb58f3
2 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
.bruno/auth user.bru Normal file
View File

@@ -0,0 +1,23 @@
meta {
name: auth user
type: http
seq: 2
}
post {
url: http://localhost:14014/api/auth
body: json
auth: inherit
}
body:json {
{
"name": "teest",
"pin": "1234"
}
}
settings {
encodeUrl: true
timeout: 0
}

16
mod.ts
View File

@@ -33,17 +33,17 @@ Deno.serve({ port: config.api.port }, async (req) => {
if (body.pin.length < 4 || body.pin.length > 20) return genericResponse(STATUS_CODE.BadRequest, `PIN too ${body.pin.length < 4 ? 'short' : 'long'}.`); if (body.pin.length < 4 || body.pin.length > 20) return genericResponse(STATUS_CODE.BadRequest, `PIN too ${body.pin.length < 4 ? 'short' : 'long'}.`);
if (body.email.length > 20) return genericResponse(STATUS_CODE.BadRequest, `Email too long.`); if (body.email.length > 20) return genericResponse(STATUS_CODE.BadRequest, `Email too long.`);
const userId = nanoid(); const id = nanoid();
let writeFailure = false; let writeFailure = false;
await dbClient.execute('INSERT INTO users(id,name,pin,email) values(?,?,?,?)', [userId, body.name, body.pin, body.email]).catch(() => { await dbClient.execute('INSERT INTO users(id,name,pin,email) values(?,?,?,?)', [id, body.name, body.pin, body.email]).catch(() => {
writeFailure = true; writeFailure = true;
}); });
if (writeFailure) { if (writeFailure) {
return genericResponse(STATUS_CODE.InternalServerError, "Couldn't write DB."); return genericResponse(STATUS_CODE.InternalServerError, "Couldn't write DB.");
} else { } else {
return genericResponse(STATUS_CODE.OK, JSON.stringify({ userId })); return genericResponse(STATUS_CODE.OK, JSON.stringify({ id }));
} }
} else { } else {
return genericResponse(STATUS_CODE.BadRequest, 'Username Taken.'); return genericResponse(STATUS_CODE.BadRequest, 'Username Taken.');
@@ -52,23 +52,27 @@ Deno.serve({ port: config.api.port }, async (req) => {
const body = await req.json(); const body = await req.json();
let readFailure = false; let readFailure = false;
const loginMatch = await dbClient.query('SELECT id, email FROM users WHERE name = ? AND pin = ?', [body.name, body.pin]).catch(() => { const loginMatch = await dbClient.query('SELECT id, email, deleteCode FROM users WHERE name = ? AND pin = ?', [body.name, body.pin]).catch(() => {
readFailure = true; readFailure = true;
}); });
if (readFailure) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB."); if (readFailure) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
if (loginMatch.length === 0) return genericResponse(STATUS_CODE.Forbidden, 'Invalid name/PIN combination.'); if (loginMatch.length === 0) return genericResponse(STATUS_CODE.Forbidden, 'Invalid name/PIN combination.');
const userId = loginMatch[0].userId; const id = loginMatch[0].id;
const email = loginMatch[0].email; const email = loginMatch[0].email;
const deleteCode = loginMatch[0].deleteCode;
switch (req.method) { switch (req.method) {
case 'POST': case 'POST':
if (path === '/auth' || path === '/auth/') { if (path === '/auth' || path === '/auth/') {
return genericResponse(STATUS_CODE.OK, JSON.stringify({ userId, hasEmail: email.length > 0 })); return genericResponse(STATUS_CODE.OK, JSON.stringify({ id, hasEmail: email.length > 0 }));
} }
break; break;
case 'PUT': case 'PUT':
break; break;
case 'DELETE': case 'DELETE':
if (path === '/unenroll' || '/unenroll/') {
//
}
break; break;
} }
} }