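# frozen_string_literal: true

# Install Sinatra: gem install sinatra
require_relative "initialize_database"
require_relative "database_queries"
require_relative "cryptography"
require 'sinatra'
require 'json'
require 'sqlite3'
require 'jwt'

# Issuer written into every token; /auth/reauthenticate requires it on the
# token it is handed.
ISSUER = 'roysathome.net'
# `sub` values telling the long-lived re-authentication token and the
# short-lived access token apart; only the former may be exchanged.
REAUTH_SUBJECT = 'reauthentication'
ACCESS_SUBJECT = 'authentication'
REAUTH_TOKEN_TTL = 3600 # seconds
ACCESS_TOKEN_TTL = 60   # seconds
JWT_ALGORITHM = 'HS256'
# Whole-string anchors: `^` would also match after a newline embedded in the
# header value, `\A`/`\z` do not.
BEARER_HEADER = /\ABearer (?<token>.+)\z/
AUTH_DB_PATH = './database/auth.db'
LOGIN_FAILURE_MESSAGE = 'Unauthorized Access'

# NOTE(review): this HMAC key is committed in source (it was previously pasted
# into three methods). It is taken from the environment when set and falls
# back to the original literal only so tokens already issued keep verifying;
# the key should be rotated and the literal removed once deployments set it.
JWT_HMAC_SECRET = ENV.fetch('JWT_HMAC_SECRET') do
  'WChX-tQWbGbj_pGJQREoFAZGC9JWh58KSk8O7KPj-P8Nd-J88g3eSFDVuNe6zddj0ZB3yxjm_IuPNPyLhiSnxlWHImqXR6ajh3OzrzYm0bNb3f5C4IAScphyEdAfYGMcM-HvYOXxxxp5u5mryfiV3JH1CTqL1CzGyO8df7zUpRKXEXZ5SKmUvhfLU0XKCR_28FAZUgPCAi3GywkDDsH0by68j33BU5cnMT8KiEkHOX4wVUVDQc85_AuE7fN3ji_WkhnDCSLXU9dBCcXM3ziFFeX0RbvIRDG0vKdzwt4TOr4Jws7NP9w11GrUGDFKARZqvT7FTxwxO3MM-mmjb2xyGg'
end

# SQL returning the claim names granted to one user. The claims table is joined
# on its own id: the original condition (`UC.claim_id = U.id`) never referenced
# the claims table, so the query returned either every claim or none.
CLAIMS_SQL = <<~SQL
  SELECT C.claim
  FROM users U
  INNER JOIN user_claims UC ON U.id = UC.user_id
  INNER JOIN claims C ON UC.claim_id = C.id
  WHERE U.id = ?
SQL

helpers do
  # Aborts the current request with HTTP 401 and the JSON body
  # `{"reply": message}`.
  #
  # @param message [String] text placed in the `reply` field
  def unauthorized(message)
    halt 401, { reply: message }.to_json
  end
end

initialize_database

# Exchanges a username/password pair for a re-authentication token.
# Responds 401 with an identical body for a missing parameter, an unknown
# user and a wrong password, so the reply does not reveal which usernames
# exist.
post '/auth/login' do
  content_type :json
  username = params[:username]
  password = params[:password]

  unless username && password && check_if_user_exists(username)
    unauthorized(LOGIN_FAILURE_MESSAGE)
  end
  user_id = get_user_id(username)
  unauthorized(LOGIN_FAILURE_MESSAGE) unless check_password_for_user(user_id, password)

  { token: get_reauth_jwt(user_id) }.to_json
end

# Exchanges a valid re-authentication token (Authorization: Bearer ...) for a
# short-lived access token carrying the user's claims.
post '/auth/reauthenticate' do
  content_type :json
  match = BEARER_HEADER.match(request.env['HTTP_AUTHORIZATION'].to_s)
  unauthorized('Unauthorized Access. Token missing or invalid.') unless match

  begin
    # JWT.decode checks the signature and, by ruby-jwt's default, the exp
    # claim; its verification errors all derive from JWT::DecodeError.
    claims, = JWT.decode(match[:token], JWT_HMAC_SECRET, true, { algorithm: JWT_ALGORITHM })
  rescue JWT::DecodeError
    unauthorized('Unauthorized Access. Invalid token.')
  end

  # Only a token minted by get_reauth_jwt may be exchanged. Without this check
  # any token signed with the same key -- including the access token from
  # get_jwt -- could be presented here to mint a fresh access token.
  unless claims.is_a?(Hash) && claims['sub'] == REAUTH_SUBJECT &&
         claims['iss'] == ISSUER && claims['uid']
    unauthorized('Unauthorized Access. Invalid token.')
  end

  { reply: get_jwt(claims['uid']) }.to_json
end

# Builds the re-authentication token for +user_id+ (valid REAUTH_TOKEN_TTL
# seconds, no claims list).
#
# @param user_id [Object] user identifier written into the `uid` claim
# @return [String] signed JWT
def get_reauth_jwt(user_id)
  sign_jwt(subject: REAUTH_SUBJECT, user_id: user_id, ttl: REAUTH_TOKEN_TTL)
end

# Builds the access token for +user_id+ (valid ACCESS_TOKEN_TTL seconds) with
# the user's claim names in the `claims` field.
#
# @param user_id [Object] user identifier written into the `uid` claim
# @return [String] signed JWT
def get_jwt(user_id)
  sign_jwt(subject: ACCESS_SUBJECT, user_id: user_id, ttl: ACCESS_TOKEN_TTL,
           extra: { claims: get_claims(user_id) })
end

# Signs a token with the shared payload layout used by both token kinds.
#
# @param subject [String] value of the `sub` claim
# @param user_id [Object] value of the `uid` claim; also used to look up the
#   admin flag
# @param ttl [Integer] lifetime in seconds, relative to the single `now`
#   reading used for both `iat` and `exp`
# @param extra [Hash] additional claims appended to the payload
# @return [String] signed JWT
def sign_jwt(subject:, user_id:, ttl:, extra: {})
  now = Time.now.to_i
  payload = {
    sub: subject,
    admin: check_if_user_is_admin(user_id),
    iss: ISSUER,
    uid: user_id,
    iat: now,
    exp: now + ttl
  }.merge(extra)
  JWT.encode(payload, JWT_HMAC_SECRET, JWT_ALGORITHM)
end

# Returns the claim names granted to +user_id+ (empty array when none).
# The id is passed as a bound parameter, never interpolated into the SQL, and
# the database handle is closed even when the query raises.
#
# @param user_id [Object] bound to the `?` placeholder in CLAIMS_SQL
# @return [Array] claim names, one per matching row
def get_claims(user_id)
  puts "Getting claims for #{user_id}"
  db = SQLite3::Database.new(AUTH_DB_PATH)
  begin
    rows = db.execute(CLAIMS_SQL, user_id)
  ensure
    db.close
  end
  puts 'No claims found.' if rows.empty?
  rows.map(&:first)
end

# Run the application
# ruby your_file_name.rb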