roysathome.net/auth/auth.rb

# Install Sinatra: gem install sinatra
require_relative "initialize_database"
require_relative "database_queries"
require_relative "cryptography"
require_relative "tokens"


require 'sinatra'
require 'json'
require 'sqlite3'
require 'jwt'
require 'dotenv/load'

TOKEN_SECRET = ENV['JWT_SECRET_KEY']
puts TOKEN_SECRET
initialize_database

post '/auth/login' do
  content_type :json
  
  username = params[:username]
  password = params[:password]

  unless check_if_user_exists username
    status 401
    
    return { reply: "Unuthorized Access" }.to_json
  end

  user_id = get_user_id username

  unless check_password_for_user(user_id, password)
    status 401
    
    return { reply: "Unuthorized Access" }.to_json
  end

  reauthJWT = get_reauth_jwt user_id

  return {token: reauthJWT}.to_json
end

post '/auth/reauthenticate' do
  content_type :json

  authorization_header = request.env['HTTP_AUTHORIZATION']

  unless authorization_header && authorization_header.match(/^Bearer (.+)/)
    status 401
    return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json
  end

  reauth_token = Regexp.last_match(1)

  begin
    # Verify the token using the secret key
    decoded_token = JWT.decode(reauth_token, TOKEN_SECRET, true, algorithm: 'HS256')

    # At this point, the token is valid
    # You can access the claims inside the 'decoded_token' variable
    uid = decoded_token.first['uid']
    
    
    # Your reauthentication logic here...

    # Return a response (replace with your own logic)
    { jwt: get_jwt(uid) }.to_json
  rescue JWT::DecodeError
    status 401
    return { reply: 'Unauthorized Access. Invalid token.' }.to_json
  end
end

post '/upload' do

  authorization_header = request.env['HTTP_AUTHORIZATION']

  unless authorization_header && authorization_header.match(/^Bearer (.+)/)
    status 401
    return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json
  end

  token = Regexp.last_match(1)

  begin
    # Verify the token using the secret key
    decoded_token = JWT.decode(token, TOKEN_SECRET, true, algorithm: 'HS256')

    unless decoded_token.first['claims'].include? 'is_machine'
      status 401
      return { reply: 'Unauthorized Access.' }.to_json
    end
  
    # Access the uploaded file through the params hash
    file = params[:file]
      
    # Save the file to the 'uploads' folder
    path =  "#{DATA_LOCATION}#{FILE_STORAGE_LOCATION}/example.txt"
    File.open(path, 'wb') do |f|
      f.write(file[:tempfile].read)
    end
  
    "File uploaded successfully: #{file[:filename]}"
  rescue JWT::DecodeError
    status 401
    return { reply: 'Unauthorized Access. Invalid token.' }.to_json
  end
end

# Run the application
# ruby your_file_name.rb
added ruby files 2023-12-11 00:31:30 +00:00			`# Install Sinatra: gem install sinatra`
add more functionality 2023-12-11 20:56:09 +00:00			`require_relative "initialize_database"`
			`require_relative "database_queries"`
			`require_relative "cryptography"`
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`require_relative "tokens"`
add more functionality 2023-12-11 20:56:09 +00:00
added ruby files 2023-12-11 00:31:30 +00:00
			`require 'sinatra'`
			`require 'json'`
			`require 'sqlite3'`
			`require 'jwt'`
made .env file work 2023-12-15 09:18:31 +00:00			`require 'dotenv/load'`
added ruby files 2023-12-11 00:31:30 +00:00
made .env file work 2023-12-15 09:18:31 +00:00			`TOKEN_SECRET = ENV['JWT_SECRET_KEY']`
			`puts TOKEN_SECRET`
add more functionality 2023-12-11 20:56:09 +00:00			`initialize_database`
added ruby files 2023-12-11 00:31:30 +00:00
add more functionality 2023-12-11 20:56:09 +00:00			`post '/auth/login' do`
make login code work 2023-12-12 22:52:36 +00:00			`content_type :json`

add more functionality 2023-12-11 20:56:09 +00:00			`username = params[:username]`
			`password = params[:password]`

add ability to check if user exists, and to reject if not. Also add the ability to input username and password on test program 2023-12-13 09:06:34 +00:00			`unless check_if_user_exists username`
			`status 401`

add new features for JWT 2023-12-13 16:02:09 +00:00			`return { reply: "Unuthorized Access" }.to_json`
add ability to check if user exists, and to reject if not. Also add the ability to input username and password on test program 2023-12-13 09:06:34 +00:00			`end`

add more functionality 2023-12-11 20:56:09 +00:00			`user_id = get_user_id username`

make login code work 2023-12-12 22:52:36 +00:00			`unless check_password_for_user(user_id, password)`
add more functionality 2023-12-11 20:56:09 +00:00			`status 401`
make login code work 2023-12-12 22:52:36 +00:00
add new features for JWT 2023-12-13 16:02:09 +00:00			`return { reply: "Unuthorized Access" }.to_json`
add more functionality 2023-12-11 20:56:09 +00:00			`end`

add new features for JWT 2023-12-13 16:02:09 +00:00			`reauthJWT = get_reauth_jwt user_id`

add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`return {token: reauthJWT}.to_json`
			`end`

			`post '/auth/reauthenticate' do`
			`content_type :json`

			`authorization_header = request.env['HTTP_AUTHORIZATION']`

			`unless authorization_header && authorization_header.match(/^Bearer (.+)/)`
			`status 401`
			`return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json`
			`end`

			`reauth_token = Regexp.last_match(1)`

			`begin`
			`# Verify the token using the secret key`
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`decoded_token = JWT.decode(reauth_token, TOKEN_SECRET, true, algorithm: 'HS256')`
add jwt with claims functionality. 2023-12-14 00:18:12 +00:00
			`# At this point, the token is valid`
			`# You can access the claims inside the 'decoded_token' variable`
			`uid = decoded_token.first['uid']`
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00
made .env file work 2023-12-15 09:18:31 +00:00
add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`# Your reauthentication logic here...`

			`# Return a response (replace with your own logic)`
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`{ jwt: get_jwt(uid) }.to_json`
add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`rescue JWT::DecodeError`
			`status 401`
			`return { reply: 'Unauthorized Access. Invalid token.' }.to_json`
			`end`
added ruby files 2023-12-11 00:31:30 +00:00			`end`

add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`post '/upload' do`
added ruby files 2023-12-11 00:31:30 +00:00
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`authorization_header = request.env['HTTP_AUTHORIZATION']`
add jwt with claims functionality. 2023-12-14 00:18:12 +00:00
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`unless authorization_header && authorization_header.match(/^Bearer (.+)/)`
			`status 401`
			`return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json`
			`end`

			`token = Regexp.last_match(1)`

			`begin`
			`# Verify the token using the secret key`
			`decoded_token = JWT.decode(token, TOKEN_SECRET, true, algorithm: 'HS256')`

			`unless decoded_token.first['claims'].include? 'is_machine'`
			`status 401`
			`return { reply: 'Unauthorized Access.' }.to_json`
			`end`
add more functionality 2023-12-11 20:56:09 +00:00
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00			`# Access the uploaded file through the params hash`
			`file = params[:file]`

			`# Save the file to the 'uploads' folder`
			`path = "#{DATA_LOCATION}#{FILE_STORAGE_LOCATION}/example.txt"`
			`File.open(path, 'wb') do \|f\|`
			`f.write(file[:tempfile].read)`
add more functionality 2023-12-11 20:56:09 +00:00			`end`
add file transfer feature and add more jwt functionality 2023-12-14 17:30:29 +00:00
			`"File uploaded successfully: #{file[:filename]}"`
			`rescue JWT::DecodeError`
			`status 401`
			`return { reply: 'Unauthorized Access. Invalid token.' }.to_json`
add more functionality 2023-12-11 20:56:09 +00:00			`end`
added ruby files 2023-12-11 00:31:30 +00:00			`end`

			`# Run the application`
			`# ruby your_file_name.rb`