add jwt test, and added downcase for all username database queries.
Signed-off-by: Joseph.Roy <Joseph.Roy@PSV-JOSEPHR-LAP>
parent
d91d31ca3e
commit
35440e6b43
12
auth/auth.rb
12
auth/auth.rb
|
@ -9,12 +9,22 @@ require 'json'
|
||||||
require 'sqlite3'
|
require 'sqlite3'
|
||||||
require 'jwt'
|
require 'jwt'
|
||||||
|
|
||||||
payload = { data: 'test', test: 'hello' }
|
payload = { data: {time: 'now', help: 'no'}.to_json, test: 'hello' }
|
||||||
hmac_secret = 'my$ecretK3y'
|
hmac_secret = 'my$ecretK3y'
|
||||||
token = JWT.encode payload, hmac_secret, 'HS256'
|
token = JWT.encode payload, hmac_secret, 'HS256'
|
||||||
#puts token
|
#puts token
|
||||||
|
|
||||||
|
begin
|
||||||
decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }
|
decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }
|
||||||
|
puts "Token is valid!"
|
||||||
|
puts "Decoded token: #{decoded_token}"
|
||||||
|
|
||||||
|
puts data_value = decoded_token.first['data']
|
||||||
|
puts test_value = decoded_token.first['test']
|
||||||
|
rescue JWT::DecodeError
|
||||||
|
puts "Invalid token or signature!"
|
||||||
|
end
|
||||||
|
|
||||||
#puts decoded_token
|
#puts decoded_token
|
||||||
|
|
||||||
initialize_database
|
initialize_database
|
||||||
|
|
|
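Review bot: The new `begin`/`rescue` block sits at the top level of auth/auth.rb, ahead of `initialize_database`, so every load of the file signs a token and prints the decoded claims to stdout; a smoke test like this belongs in a spec file rather than in the service's start-up path. It also builds on the literal `hmac_secret = 'my$ecretK3y'` (an unchanged context line): if that value is ever the real signing key, anyone with read access to the repository can mint valid HS256 tokens, so load it from configuration instead, e.g. `hmac_secret = ENV.fetch('JWT_HMAC_SECRET')` (the variable name is only an example). The test payload carries no `exp` claim, so the check never exercises expiry handling, which a token-validation test would normally cover.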
@ -7,13 +7,13 @@ def create_new_user(username, password)
|
||||||
db.execute('
|
db.execute('
|
||||||
INSERT INTO users (username, hashed_password)
|
INSERT INTO users (username, hashed_password)
|
||||||
VALUES (?, ?)
|
VALUES (?, ?)
|
||||||
', [username, create_password_for_user(password)])
|
', [username.downcase, create_password_for_user(password)])
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_if_user_exists(username)
|
def check_if_user_exists(username)
|
||||||
db = SQLite3::Database.new('./database/auth.db')
|
db = SQLite3::Database.new('./database/auth.db')
|
||||||
|
|
||||||
result = db.get_first_value('SELECT COUNT(*) FROM users WHERE username = ?', username)
|
result = db.get_first_value('SELECT COUNT(*) FROM users WHERE username = ?', username.downcase)
|
||||||
|
|
||||||
if result > 0
|
if result > 0
|
||||||
return true
|
return true
|
||||||
|
@ -30,7 +30,7 @@ def get_user_id(username)
|
||||||
FROM users U
|
FROM users U
|
||||||
WHERE U.username = ?
|
WHERE U.username = ?
|
||||||
|
|
||||||
', [username])
|
', [username.downcase])
|
||||||
|
|
||||||
return user_id
|
return user_id
|
||||||
end
|
end
|
||||||
|
|
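Review bot: Lowercasing at these three call sites (`create_new_user`, `check_if_user_exists`, `get_user_id`) leaves any row that was stored with mixed case before this commit unreachable, because every lookup now compares against the lowercased value. Existing rows need a one-time migration, done in Ruby rather than with SQLite's built-in `lower()`, which folds only ASCII while `String#downcase` folds Unicode letters. The rule is also repeated per query, so any other statement on `users.username` outside these hunks (the bodies of `check_if_user_exists` and `get_user_id` continue past what is shown) can silently skip it; a single `normalize_username(username)` helper called by every query would keep it in one place and give a spot to reject `nil`, on which `username.downcase` raises `NoMethodError`. If the column has no UNIQUE constraint (the schema is not visible here), add one so that case-variant duplicates cannot be created by two concurrent sign-ups that both pass `check_if_user_exists`.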