|
|
|
@@ -0,0 +1,99 @@ |
|
|
|
// |
|
|
|
// File.swift |
|
|
|
// |
|
|
|
// |
|
|
|
// Created by Michiel Carman on 4/1/24. |
|
|
|
// |
|
|
|
|
|
|
|
import Fluent |
|
|
|
import Vapor |
|
|
|
import Crypto |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
struct cntrlUser: RouteCollection { |
|
|
|
func boot(routes: RoutesBuilder) throws { |
|
|
|
let rts = routes.grouped("users") |
|
|
|
rts.get(use: index) |
|
|
|
rts.get(":credentials", use: login) |
|
|
|
rts.post(use: create) |
|
|
|
rts.put(use: update) |
|
|
|
rts.group(":id") { todo in |
|
|
|
rts.delete(use: delete) |
|
|
|
} |
|
|
|
|
|
|
|
//let encryptionKey = SymmetricKey(data: Environment.get("ENCRYPTION_KEY")!.data(using: .utf8)!) |
|
|
|
// rts.get(use: "login"){ |
|
|
|
// req -> String in guard let dataQuery = req.query[String.self, at: "data"], let data = Data(base64Encoded: dataQuery) else{ |
|
|
|
// throw Abort(.badRequest) |
|
|
|
// } |
|
|
|
// let encryptionKey = SymmetricKey(size: .bits256) { |
|
|
|
// let sealedBox = try AES.GCM.SealedBox(combined: data) |
|
|
|
// let decryptedData = try AES.GCM.open(sealedBox, using: encryptionKey) |
|
|
|
// guard let decryptedString = String(data: decryptedData, encoding: .utf8) else{ |
|
|
|
// throw Abort(.internalServerError, "Failed to decode decrypted data.") |
|
|
|
// } |
|
|
|
// } |
|
|
|
// } |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func login(req: Request) async throws -> mdlUser{ |
|
|
|
guard let dataQuery = req.parameters.get("credentials") else{ |
|
|
|
throw Abort(.badRequest) |
|
|
|
} |
|
|
|
let data = Data(base64Encoded: dataQuery) |
|
|
|
let encryptionKey = SymmetricKey(size: .bits256) |
|
|
|
let sealedBox = try AES.GCM.SealedBox(combined: data!) |
|
|
|
let decryptedData = try AES.GCM.open(sealedBox, using: encryptionKey) |
|
|
|
guard let decryptedString = String(data: decryptedData, encoding: .utf8) else{ |
|
|
|
throw Abort(.internalServerError, reason: "Fialed to decode decrypted data.") |
|
|
|
} |
|
|
|
let credentials = decryptedString.components(separatedBy: ":") |
|
|
|
guard credentials.count == 2 else { |
|
|
|
throw Abort(.badRequest, reason: "Invalid credential format.") |
|
|
|
} |
|
|
|
let username = credentials[0] |
|
|
|
let password = credentials[1] |
|
|
|
|
|
|
|
return try await mdlUser.query(on: req.db) |
|
|
|
.with(\.$roles) |
|
|
|
.with(\.$division) |
|
|
|
.with(\.$gate) |
|
|
|
.with(\.$location) |
|
|
|
.filter(\.$username == username) |
|
|
|
.filter( \.$password == password) |
|
|
|
.first()! |
|
|
|
} |
|
|
|
|
|
|
|
func index(req: Request) async throws -> [mdlUser] { |
|
|
|
try await mdlUser.query(on: req.db).with(\.$roles).all() |
|
|
|
} |
|
|
|
|
|
|
|
func create(req: Request) async throws -> mdlUser { |
|
|
|
let obj = try req.content.decode(mdlUser.self) |
|
|
|
try await obj.save(on: req.db) |
|
|
|
return obj |
|
|
|
} |
|
|
|
func update(req: Request) async throws -> mdlUser{ |
|
|
|
let obj = try req.content.decode(mdlUser.self) |
|
|
|
let dbobj = try await mdlUser.query(on: req.db).filter(\.$id == obj.id!).first()! |
|
|
|
dbobj.firstname = obj.firstname |
|
|
|
dbobj.lastname = obj.lastname |
|
|
|
dbobj.email = obj.email |
|
|
|
dbobj.password = obj.password |
|
|
|
dbobj.updatedate = Date() |
|
|
|
dbobj.updateuserid = -1 |
|
|
|
try await dbobj.update(on: req.db) |
|
|
|
return dbobj |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
func delete(req: Request) async throws -> HTTPStatus { |
|
|
|
guard let obj = try await mdlUser.find(req.parameters.get("id"), on: req.db) else { |
|
|
|
throw Abort(.notFound) |
|
|
|
} |
|
|
|
try await obj.delete(on: req.db) |
|
|
|
return .noContent |
|
|
|
} |
|
|
|
} |