oat/crystal-gauntlet
oat/crystal-gauntlet
1
0
Fork 1
Code Issues 11 Pull requests Packages Projects Releases Wiki Activity
crystal-gauntlet/src/endpoints/accounts/loginAccount.cr

36 lines
856 B
Crystal
Raw Normal View History

some minor refactoring
2022-12-30 17:04:27 +01:00
require "uri"
require "base64"
require "crypto/bcrypt/password"
include CrystalGauntlet
refactor endpoint system context is now passed in instead of just the body will allow for ip bans and similar in the future :slugclose:
2023-01-03 08:02:50 +01:00
CrystalGauntlet.endpoints["/accounts/loginGJAccount.php"] = ->(context : HTTP::Server::Context): String {
params = URI::Params.parse(context.request.body.not_nil!.gets_to_end)
clean up comments
2023-01-02 13:12:41 +01:00
LOG.debug { params.inspect }
some minor refactoring
2022-12-30 17:04:27 +01:00
username = params["userName"]
password = params["password"]
stricter requirements for accounts
2023-01-03 14:20:31 +01:00
if password.size < 6
return "-8"
end
if username.size < 3
return "-9"
end
bug: destroyed
2022-12-31 06:20:03 +01:00
result = DATABASE.query_all("select id, password from accounts where username = ?", username, as: {Int32, String})
some minor refactoring
2022-12-30 17:04:27 +01:00
if result.size > 0
account_id, hash = result[0]
bcrypt = Crypto::Bcrypt::Password.new(hash)
if bcrypt.verify(password)
slightly tweak account lib stuff
2022-12-31 18:12:22 +01:00
user_id = Accounts.get_user_id(account_id)
some minor refactoring
2022-12-30 17:04:27 +01:00
"#{account_id},#{user_id}"
else
stricter requirements for accounts
2023-01-03 14:20:31 +01:00
return "-11"
some minor refactoring
2022-12-30 17:04:27 +01:00
end
else
return "-1"
end
}
Reference in a new issue Copy permalink