roysathome.net/auth/auth.rb

# Install Sinatra: gem install sinatra
require_relative "initialize_database"
require_relative "database_queries"
require_relative "cryptography"


require 'sinatra'
require 'json'
require 'sqlite3'
require 'jwt'

#puts generate_random_string(256)


#
#token = JWT.encode payload, hmac_secret, 'HS256'
##puts token
#
#begin
#  decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }
#  puts "Token is valid!"
#  puts "Decoded token: #{decoded_token}"
#
#  puts data_value = decoded_token.first['data']
#  puts test_value = decoded_token.first['test']
#rescue JWT::DecodeError
#  puts "Invalid token or signature!"
#end

#puts decoded_token

initialize_database

post '/auth/login' do
  content_type :json
  
  username = params[:username]
  password = params[:password]

  unless check_if_user_exists username
    status 401
    
    return { reply: "Unuthorized Access" }.to_json
  end

  user_id = get_user_id username

  unless check_password_for_user(user_id, password)
    status 401
    
    return { reply: "Unuthorized Access" }.to_json
  end

  reauthJWT = get_reauth_jwt user_id

  return {token: reauthJWT}.to_json
end

post '/auth/reauthenticate' do
  content_type :json

  authorization_header = request.env['HTTP_AUTHORIZATION']

  unless authorization_header && authorization_header.match(/^Bearer (.+)/)
    status 401
    return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json
  end

  reauth_token = Regexp.last_match(1)

  hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'

  begin
    # Verify the token using the secret key
    decoded_token = JWT.decode(reauth_token, hmac_secret, true, algorithm: 'HS256')

    # At this point, the token is valid
    # You can access the claims inside the 'decoded_token' variable
    
    uid = decoded_token.first['uid']

    # Your reauthentication logic here...

    # Return a response (replace with your own logic)
    { reply: get_jwt(uid) }.to_json
  rescue JWT::DecodeError
    status 401
    return { reply: 'Unauthorized Access. Invalid token.' }.to_json
  end
end

def get_reauth_jwt (user_id)
  #claims = get_claims user_id

  payload = { 
    sub: 'reauthentication' ,
    admin: check_if_user_is_admin(user_id),
    iss: 'roysathome.net',
    uid: user_id, #Example id
    iat: Time.now.to_i,
    exp: Time.now.to_i + 3600
  }

  hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'
  return JWT.encode payload, hmac_secret, 'HS256'
#data: {time: 'now', help: 'no'}.to_json
end

def get_jwt (user_id)
  claims = get_claims user_id

  payload = { 
    sub: 'authentication' ,
    admin: check_if_user_is_admin(user_id),
    iss: 'roysathome.net',
    uid: user_id, #Example id
    iat: Time.now.to_i,
    exp: Time.now.to_i + 60,
    claims: claims
  }

  hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'
  return JWT.encode payload, hmac_secret, 'HS256'
end

def get_claims (user_id)
  puts "Getting claims for #{user_id}"
  db = SQLite3::Database.new('./database/auth.db')
  results = db.execute('
    SELECT        C.claim
    FROM          users U
      INNER JOIN  user_claims UC ON U.id = UC.user_id
      INNER JOIN  claims C ON UC.claim_id = U.id  
    WHERE         u.id = ?
  ', user_id)
  
  
  claims_list = []

  if results.empty?
    puts 'No claims found.'
  else
    results.each do |column|
      claim = column[0]
      claims_list << claim
    end
  end

  return claims_list
end

# Run the application
# ruby your_file_name.rb
added ruby files 2023-12-11 00:31:30 +00:00			`# Install Sinatra: gem install sinatra`
add more functionality 2023-12-11 20:56:09 +00:00			`require_relative "initialize_database"`
			`require_relative "database_queries"`
			`require_relative "cryptography"`

added ruby files 2023-12-11 00:31:30 +00:00
			`require 'sinatra'`
			`require 'json'`
			`require 'sqlite3'`
			`require 'jwt'`

add new features for JWT 2023-12-13 16:02:09 +00:00			`#puts generate_random_string(256)`


			`#`
			`#token = JWT.encode payload, hmac_secret, 'HS256'`
			`##puts token`
			`#`
			`#begin`
			`# decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }`
			`# puts "Token is valid!"`
			`# puts "Decoded token: #{decoded_token}"`
			`#`
			`# puts data_value = decoded_token.first['data']`
			`# puts test_value = decoded_token.first['test']`
			`#rescue JWT::DecodeError`
			`# puts "Invalid token or signature!"`
			`#end`
add jwt test, and added downcase for all username database queries. Signed-off-by: Joseph.Roy <Joseph.Roy@PSV-JOSEPHR-LAP> 2023-12-13 10:02:55 +00:00
add more functionality 2023-12-11 20:56:09 +00:00			`#puts decoded_token`
added ruby files 2023-12-11 00:31:30 +00:00
add more functionality 2023-12-11 20:56:09 +00:00			`initialize_database`
added ruby files 2023-12-11 00:31:30 +00:00
add more functionality 2023-12-11 20:56:09 +00:00			`post '/auth/login' do`
make login code work 2023-12-12 22:52:36 +00:00			`content_type :json`

add more functionality 2023-12-11 20:56:09 +00:00			`username = params[:username]`
			`password = params[:password]`

add ability to check if user exists, and to reject if not. Also add the ability to input username and password on test program 2023-12-13 09:06:34 +00:00			`unless check_if_user_exists username`
			`status 401`

add new features for JWT 2023-12-13 16:02:09 +00:00			`return { reply: "Unuthorized Access" }.to_json`
add ability to check if user exists, and to reject if not. Also add the ability to input username and password on test program 2023-12-13 09:06:34 +00:00			`end`

add more functionality 2023-12-11 20:56:09 +00:00			`user_id = get_user_id username`

make login code work 2023-12-12 22:52:36 +00:00			`unless check_password_for_user(user_id, password)`
add more functionality 2023-12-11 20:56:09 +00:00			`status 401`
make login code work 2023-12-12 22:52:36 +00:00
add new features for JWT 2023-12-13 16:02:09 +00:00			`return { reply: "Unuthorized Access" }.to_json`
add more functionality 2023-12-11 20:56:09 +00:00			`end`

add new features for JWT 2023-12-13 16:02:09 +00:00			`reauthJWT = get_reauth_jwt user_id`

add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`return {token: reauthJWT}.to_json`
			`end`

			`post '/auth/reauthenticate' do`
			`content_type :json`

			`authorization_header = request.env['HTTP_AUTHORIZATION']`

			`unless authorization_header && authorization_header.match(/^Bearer (.+)/)`
			`status 401`
			`return { reply: 'Unauthorized Access. Token missing or invalid.' }.to_json`
			`end`

			`reauth_token = Regexp.last_match(1)`

			`hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'`

			`begin`
			`# Verify the token using the secret key`
			`decoded_token = JWT.decode(reauth_token, hmac_secret, true, algorithm: 'HS256')`

			`# At this point, the token is valid`
			`# You can access the claims inside the 'decoded_token' variable`

			`uid = decoded_token.first['uid']`

			`# Your reauthentication logic here...`

			`# Return a response (replace with your own logic)`
			`{ reply: get_jwt(uid) }.to_json`
			`rescue JWT::DecodeError`
			`status 401`
			`return { reply: 'Unauthorized Access. Invalid token.' }.to_json`
			`end`
added ruby files 2023-12-11 00:31:30 +00:00			`end`

add new features for JWT 2023-12-13 16:02:09 +00:00			`def get_reauth_jwt (user_id)`
			`#claims = get_claims user_id`

			`payload = {`
			`sub: 'reauthentication' ,`
			`admin: check_if_user_is_admin(user_id),`
			`iss: 'roysathome.net',`
			`uid: user_id, #Example id`
			`iat: Time.now.to_i,`
			`exp: Time.now.to_i + 3600`
			`}`

			`hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'`
			`return JWT.encode payload, hmac_secret, 'HS256'`
			`#data: {time: 'now', help: 'no'}.to_json`
added ruby files 2023-12-11 00:31:30 +00:00			`end`

add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`def get_jwt (user_id)`
			`claims = get_claims user_id`

			`payload = {`
			`sub: 'authentication' ,`
			`admin: check_if_user_is_admin(user_id),`
			`iss: 'roysathome.net',`
			`uid: user_id, #Example id`
			`iat: Time.now.to_i,`
			`exp: Time.now.to_i + 60,`
			`claims: claims`
			`}`

			`hmac_secret = 'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'`
			`return JWT.encode payload, hmac_secret, 'HS256'`
			`end`

add new features for JWT 2023-12-13 16:02:09 +00:00			`def get_claims (user_id)`
			`puts "Getting claims for #{user_id}"`
added ruby files 2023-12-11 00:31:30 +00:00			`db = SQLite3::Database.new('./database/auth.db')`
add more functionality 2023-12-11 20:56:09 +00:00			`results = db.execute('`
			`SELECT C.claim`
			`FROM users U`
			`INNER JOIN user_claims UC ON U.id = UC.user_id`
			`INNER JOIN claims C ON UC.claim_id = U.id`
add new features for JWT 2023-12-13 16:02:09 +00:00			`WHERE u.id = ?`
			`', user_id)`
add more functionality 2023-12-11 20:56:09 +00:00

add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`claims_list = []`

add more functionality 2023-12-11 20:56:09 +00:00			`if results.empty?`
			`puts 'No claims found.'`
			`else`
			`results.each do \|column\|`
add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`claim = column[0]`
			`claims_list << claim`
add more functionality 2023-12-11 20:56:09 +00:00			`end`
			`end`

add jwt with claims functionality. 2023-12-14 00:18:12 +00:00			`return claims_list`
added ruby files 2023-12-11 00:31:30 +00:00			`end`

			`# Run the application`
			`# ruby your_file_name.rb`