sequelize, storage for userdata

2024-05-29 23:19:07 +02:00
parent 9d540d6aa2
commit 09a3d83dc5
12 changed files with 1493 additions and 51 deletions
--- a/server-node/src/auth/passport-config.ts
+++ b/server-node/src/auth/passport-config.ts
@@ -6,14 +6,14 @@ import { HeaderAPIKeyStrategy as HeaderAPIKeyStrategy } from "passport-headerapi
 export function initialize(passport: typeof import("passport")) {
    passport.use("local", new LocalStrategy(
        function(username, password, done) {
-            User.findOne({ username: username }, function (err, user) {
+            User.findOne({ username: username }, async function (err, user) {
                if (err) { 
-                    return done(err); 
+                    return done(err, false); 
                }
                if (!user) { 
                    return done(null, false); 
                }
-                if (!User.verifyPassword(user, password)) { 
+                if (!await User.verifyPassword(user, password)) {
                    return done(null, false); 
                }
                return done(null, user);
@@ -35,7 +35,7 @@ export function initialize(passport: typeof import("passport")) {
                return done(null, user);
            });
        }
-      ));
+    ));

    passport.serializeUser((user, done) => {
        done(null, user.id) //TODO: Extend Express.User to include id wich is set by passport
--- a/server-node/src/auth/user/user-controller.ts
+++ b/server-node/src/auth/user/user-controller.ts
@@ -1,16 +1,55 @@
-import { User } from "./user-model";
+import { Error as SequelizeError, Op } from "sequelize";
+import { Password, User } from "./user-model";

-export function findOne(params: {id?: number, username?: string, apikey?: string}, cb: (err: Error | null, user: User) => void): undefined {
-    //TODO: replace with db connection.
-    cb(null, {
-        id: 1,
-        username: "test",
-        mail: "test@test.com",
-        accessControlList: []
-    });
+type PickOne<T, F extends keyof T> = Pick<T, F> & { [K in keyof Omit<T, F>]?: never };
+
+export function findOne(params: {id?: number, username?: string, apikey?: string}, cb: (err: Error | null, user: User | null) => void): undefined {
+    const query: any = params;
+
+    for (let key in query) {
+        if (query[key] === undefined) {
+            delete query[key];
+        }
+    }
+
+    if(Object.keys(query).length == 0) {
+        cb(new Error("You need to provide at least one argument."), null)
+    }
+
+    User.findOne({
+        where: query
+    }).then(user => {
+        if(user)
+            cb(null, user);
+        else
+            cb(new Error("The requested user was not found."), null);
+    }).catch(e => 
+        cb(e, null)
+    );
 }

-export function verifyPassword(user: User, password: string) {
-    //TODO: replace with db connection.
-    return password == "test";
+export async function verifyPassword(user: User, password: string): Promise<boolean> {
+    const passwordRecord = await user.getPassword();
+    if(!passwordRecord) {
+        throw new Error("This user does not have a password set!");
+    }
+    return passwordRecord.password == password;
+}
+
+export function createUser(params: { username: string, password: string }, cb: (err: SequelizeError | null, user: User | null) => void ) {
+    User.create({ username: params.username, authenticationMethod: "password" }).then(async user => {
+        user.setPassword(await Password.create({
+            password: params.password,
+        })).then(password => {
+            cb(null, user as any as User)
+        }).catch(e => 
+            cb(e, null)
+        );
+    }).catch(e => 
+        cb(e, null)
+    );
+}
+
+export function createAPIKey(user: User, apikey?: string) {
+
 }
--- a/server-node/src/auth/user/user-model.ts
+++ b/server-node/src/auth/user/user-model.ts
@@ -1,6 +1,80 @@
-export interface User {
-    id: number,
-    username: string,
-    mail: string,
-    accessControlList: string[],
+import {
+    Association, DataTypes, Model, ModelDefined, Optional,
+    Sequelize, InferAttributes, InferCreationAttributes, CreationOptional, NonAttribute, ForeignKey,
+
+    HasManyAddAssociationMixin, HasManyCountAssociationsMixin,
+    HasManyCreateAssociationMixin, HasManyGetAssociationsMixin, HasManyHasAssociationMixin,
+    HasManySetAssociationsMixin, HasManyAddAssociationsMixin, HasManyHasAssociationsMixin,
+    HasManyRemoveAssociationMixin, HasManyRemoveAssociationsMixin, 
+
+    HasOneGetAssociationMixin, HasOneSetAssociationMixin, HasOneCreateAssociationMixin,
+} from 'sequelize';
+
+export class User extends Model<InferAttributes<User>, InferCreationAttributes<User>> {
+    declare id: CreationOptional<number>;
+    declare username: string;
+    declare mail?: string;
+    declare authenticationMethod: string;
+
+    declare getPassword: HasOneGetAssociationMixin<Password | undefined>; // Note the null assertions!
+    declare setPassword: HasOneSetAssociationMixin<Password | undefined, number>;
+    declare createPassword: HasOneCreateAssociationMixin<Password>;
+
+    declare getAccessRules: HasManyGetAssociationsMixin<AccessRule | undefined>; // Note the null assertions!
+    declare addAccessRule: HasManyAddAssociationMixin<AccessRule | undefined, number>;
+    declare addAccessRules: HasManyAddAssociationsMixin<AccessRule | undefined, number>;
+    declare setAccessRules: HasManySetAssociationsMixin<AccessRule | undefined, number>;
+    declare removeAccessRule: HasManyRemoveAssociationMixin<AccessRule | undefined, number>;
+    declare removeAccessRules: HasManyRemoveAssociationsMixin<AccessRule | undefined, number>;
+    declare hasAccessRule: HasManyHasAssociationMixin<AccessRule | undefined, number>;
+    declare hasAccessRules: HasManyHasAssociationsMixin<AccessRule | undefined, number>;
+    declare countAccessRules: HasManyCountAssociationsMixin;
+    declare createAccessRule: HasManyCreateAssociationMixin<AccessRule, 'userId'>;
+
+    declare getAPIKeys: HasManyGetAssociationsMixin<APIKey | undefined>; // Note the null assertions!
+    declare addAPIKey: HasManyAddAssociationMixin<APIKey | undefined, number>;
+    declare addAPIKeys: HasManyAddAssociationsMixin<APIKey | undefined, number>;
+    declare setAPIKeys: HasManySetAssociationsMixin<APIKey | undefined, number>;
+    declare removeAPIKey: HasManyRemoveAssociationMixin<APIKey | undefined, number>;
+    declare removeAPIKeys: HasManyRemoveAssociationsMixin<APIKey | undefined, number>;
+    declare hasAPIKey: HasManyHasAssociationMixin<APIKey | undefined, number>;
+    declare hasAPIKeys: HasManyHasAssociationsMixin<APIKey | undefined, number>;
+    declare countAPIKeys: HasManyCountAssociationsMixin;
+    declare createAPIKey: HasManyCreateAssociationMixin<APIKey, 'userId'>;
+
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class Password extends Model<InferAttributes<Password>, InferCreationAttributes<Password>> {
+    declare id: CreationOptional<number>;
+    declare password: string;
+
+    declare ownerId: ForeignKey<User['id']>;
+    declare owner?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class AccessRule extends Model<InferAttributes<AccessRule>, InferCreationAttributes<AccessRule>> {
+    declare id: CreationOptional<number>;
+    declare grants: string;
+
+    declare userId: ForeignKey<User['id']>;
+    declare user?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class APIKey extends Model<InferAttributes<APIKey>, InferCreationAttributes<APIKey>> {
+    declare id: CreationOptional<number>;
+    declare apikey: string;
+
+    declare userId: ForeignKey<User['id']>;
+    declare user?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
 }