add ability to check if user exists, and to reject if not. Also add the ability to input username and password on test program

This commit is contained in:
Joseph.Roy 2023-12-13 09:06:34 +00:00
parent c9dfdc6946
commit d91d31ca3e
4 changed files with 26 additions and 2 deletions

View File

@ -1,6 +1,7 @@
GEM
remote: https://rubygems.org/
specs:
bcrypt (3.1.20)
jwt (2.7.1)
mustermann (3.0.0)
ruby2_keywords (~> 0.0.1)
@ -21,6 +22,7 @@ PLATFORMS
x64-mingw-ucrt
DEPENDENCIES
bcrypt
jwt
sinatra
sqlite3

View File

@ -25,6 +25,12 @@ post '/auth/login' do
username = params[:username]
password = params[:password]
unless check_if_user_exists username
status 401
return { jwt: "Unuthorized Access" }.to_json
end
user_id = get_user_id username
unless check_password_for_user(user_id, password)

View File

@ -10,7 +10,17 @@ def create_new_user(username, password)
', [username, create_password_for_user(password)])
end
def check_if_user_exists(username)
db = SQLite3::Database.new('./database/auth.db')
result = db.get_first_value('SELECT COUNT(*) FROM users WHERE username = ?', username)
if result > 0
return true
else
return false
end
end
def get_user_id(username)
db = SQLite3::Database.new('./database/auth.db')

View File

@ -13,8 +13,14 @@ http = Net::HTTP.new(url.host, url.port)
# Create a new Net::HTTP::Post request with the desired path
request = Net::HTTP::Post.new(url.path)
puts 'Enter username:'
username = gets.strip!
puts 'Enter password'
password = gets.strip!
# Set the request body with the data you want to send
request.body = 'username=admin&password=pass1re23'
request.body = "username=#{username}&password=#{password}"
#request.body = "username=admin&password=pass123"
# Set the 'Content-Type' header if needed
request['Content-Type'] = 'application/x-www-form-urlencoded'