2022-12-30 17:04:27 +01:00
|
|
|
require "uri"
|
2022-12-30 18:34:55 +01:00
|
|
|
require "crypto/bcrypt/password"
|
2022-12-30 17:04:27 +01:00
|
|
|
|
|
|
|
include CrystalGauntlet
|
|
|
|
|
|
|
|
module CrystalGauntlet::Accounts
|
|
|
|
extend self
|
|
|
|
|
|
|
|
def get_ext_id_from_params(params : URI::Params) : String
|
|
|
|
return "1"
|
|
|
|
if params.has_key?("udid") && params["udid"] != ""
|
|
|
|
# todo: numeric id check
|
|
|
|
params["udid"]
|
|
|
|
elsif params.has_key?("account_id") && params["account_id"] != "" && params["account_id"] != "0"
|
|
|
|
# todo: validate password
|
|
|
|
params["account_id"]
|
|
|
|
else
|
|
|
|
"-1"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def get_user_id(username : String, ext_id : String) : Int32
|
|
|
|
DATABASE.query("select id from users where udid = ? or account_id = ?", ext_id, ext_id) do |rs|
|
2022-12-30 18:34:55 +01:00
|
|
|
if rs.move_next
|
2022-12-30 17:04:27 +01:00
|
|
|
return rs.read(Int32)
|
|
|
|
else
|
|
|
|
raise "no user associated with account?!"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2022-12-30 18:34:55 +01:00
|
|
|
|
|
|
|
def verify_gjp(account_id : String, gjp : String) : Bool
|
|
|
|
hash = DATABASE.scalar("select password from accounts where id = ?", account_id).as(String)
|
|
|
|
bcrypt = Crypto::Bcrypt::Password.new(hash)
|
|
|
|
bcrypt.verify(GJP.decrypt(gjp))
|
|
|
|
end
|
2022-12-30 17:04:27 +01:00
|
|
|
end
|