diff --git a/Sources/App/Controllers/cntrlRole.swift b/Sources/App/Controllers/AuthControllers/cntrlRole.swift similarity index 100% rename from Sources/App/Controllers/cntrlRole.swift rename to Sources/App/Controllers/AuthControllers/cntrlRole.swift diff --git a/Sources/App/Controllers/AuthControllers/cntrlSegment.swift b/Sources/App/Controllers/AuthControllers/cntrlSegment.swift new file mode 100644 index 0000000..51a147b --- /dev/null +++ b/Sources/App/Controllers/AuthControllers/cntrlSegment.swift @@ -0,0 +1,49 @@ +// +// cntrlSegment.swift +// +// +// Created by Michiel Carman on 4/1/24. +// + +import Fluent +import Vapor + +struct cntrlSegment: RouteCollection { + func boot(routes: RoutesBuilder) throws { + let rts = routes.grouped("segments") + rts.get(use: index) + rts.post(use: create) + rts.put(use: update) + rts.group(":id") { rt in + rts.delete(use: delete) + } + } + + func index(req: Request) async throws -> [mdlSegment] { + try await mdlSegment.query(on: req.db).all() + } + + func create(req: Request) async throws -> mdlSegment { + let obj = try req.content.decode(mdlSegment.self) + try await obj.save(on: req.db) + return obj + } + func update(req: Request) async throws -> mdlSegment{ + let obj = try req.content.decode(mdlSegment.self) + let dbobj = try await mdlSegment.query(on: req.db).filter(\.$id == obj.id!).first()! + + dbobj.updatedate = Date() + dbobj.updateuserid = -1 + try await dbobj.update(on: req.db) + return dbobj + + } + + func delete(req: Request) async throws -> HTTPStatus { + guard let obj = try await mdlSegment.find(req.parameters.get("id"), on: req.db) else { + throw Abort(.notFound) + } + try await obj.delete(on: req.db) + return .noContent + } +} diff --git a/Sources/App/Controllers/AuthControllers/cntrlUser.swift b/Sources/App/Controllers/AuthControllers/cntrlUser.swift new file mode 100644 index 0000000..14fa09a --- /dev/null +++ b/Sources/App/Controllers/AuthControllers/cntrlUser.swift @@ -0,0 +1,99 @@ +// +// File.swift +// +// +// Created by Michiel Carman on 4/1/24. +// + +import Fluent +import Vapor +import Crypto + + + +struct cntrlUser: RouteCollection { + func boot(routes: RoutesBuilder) throws { + let rts = routes.grouped("users") + rts.get(use: index) + rts.get(":credentials", use: login) + rts.post(use: create) + rts.put(use: update) + rts.group(":id") { todo in + rts.delete(use: delete) + } + + //let encryptionKey = SymmetricKey(data: Environment.get("ENCRYPTION_KEY")!.data(using: .utf8)!) +// rts.get(use: "login"){ +// req -> String in guard let dataQuery = req.query[String.self, at: "data"], let data = Data(base64Encoded: dataQuery) else{ +// throw Abort(.badRequest) +// } +// let encryptionKey = SymmetricKey(size: .bits256) { +// let sealedBox = try AES.GCM.SealedBox(combined: data) +// let decryptedData = try AES.GCM.open(sealedBox, using: encryptionKey) +// guard let decryptedString = String(data: decryptedData, encoding: .utf8) else{ +// throw Abort(.internalServerError, "Failed to decode decrypted data.") +// } +// } +// } + } + + + func login(req: Request) async throws -> mdlUser{ + guard let dataQuery = req.parameters.get("credentials") else{ + throw Abort(.badRequest) + } + let data = Data(base64Encoded: dataQuery) + let encryptionKey = SymmetricKey(size: .bits256) + let sealedBox = try AES.GCM.SealedBox(combined: data!) + let decryptedData = try AES.GCM.open(sealedBox, using: encryptionKey) + guard let decryptedString = String(data: decryptedData, encoding: .utf8) else{ + throw Abort(.internalServerError, reason: "Fialed to decode decrypted data.") + } + let credentials = decryptedString.components(separatedBy: ":") + guard credentials.count == 2 else { + throw Abort(.badRequest, reason: "Invalid credential format.") + } + let username = credentials[0] + let password = credentials[1] + + return try await mdlUser.query(on: req.db) + .with(\.$roles) + .with(\.$division) + .with(\.$gate) + .with(\.$location) + .filter(\.$username == username) + .filter( \.$password == password) + .first()! + } + + func index(req: Request) async throws -> [mdlUser] { + try await mdlUser.query(on: req.db).with(\.$roles).all() + } + + func create(req: Request) async throws -> mdlUser { + let obj = try req.content.decode(mdlUser.self) + try await obj.save(on: req.db) + return obj + } + func update(req: Request) async throws -> mdlUser{ + let obj = try req.content.decode(mdlUser.self) + let dbobj = try await mdlUser.query(on: req.db).filter(\.$id == obj.id!).first()! + dbobj.firstname = obj.firstname + dbobj.lastname = obj.lastname + dbobj.email = obj.email + dbobj.password = obj.password + dbobj.updatedate = Date() + dbobj.updateuserid = -1 + try await dbobj.update(on: req.db) + return dbobj + + } + + func delete(req: Request) async throws -> HTTPStatus { + guard let obj = try await mdlUser.find(req.parameters.get("id"), on: req.db) else { + throw Abort(.notFound) + } + try await obj.delete(on: req.db) + return .noContent + } +} diff --git a/Sources/App/Controllers/cntrlSegment.swift b/Sources/App/Controllers/cntrlSegment.swift deleted file mode 100644 index 98ce263..0000000 --- a/Sources/App/Controllers/cntrlSegment.swift +++ /dev/null @@ -1,8 +0,0 @@ -// -// File.swift -// -// -// Created by Michiel Carman on 4/1/24. -// - -import Foundation diff --git a/Sources/App/Controllers/cntrlUser.swift b/Sources/App/Controllers/cntrlUser.swift deleted file mode 100644 index 9d06cb0..0000000 --- a/Sources/App/Controllers/cntrlUser.swift +++ /dev/null @@ -1,64 +0,0 @@ -// -// File.swift -// -// -// Created by Michiel Carman on 4/1/24. -// - -import Fluent -import Vapor - -struct cntrlUser: RouteCollection { - func boot(routes: RoutesBuilder) throws { - let rts = routes.grouped("users") - rts.get(use: index) - rts.get(":userid", ":password", use: login) - rts.post(use: create) - rts.put(use: update) - rts.group(":id") { todo in - rts.delete(use: delete) - } - } - - func login(req: Request) async throws -> mdlUser{ - try await mdlUser.query(on: req.db) - .with(\.$roles) - .with(\.$division) - .with(\.$gate) - .with(\.$location) - .filter(\.$username == req.parameters.get("userid")) - .filter( \.$password == req.parameters.get("password")) - .first()! - } - - func index(req: Request) async throws -> [mdlUser] { - try await mdlUser.query(on: req.db).with(\.$roles).all() - } - - func create(req: Request) async throws -> mdlUser { - let obj = try req.content.decode(mdlUser.self) - try await obj.save(on: req.db) - return obj - } - func update(req: Request) async throws -> mdlUser{ - let obj = try req.content.decode(mdlUser.self) - let dbobj = try await mdlUser.query(on: req.db).filter(\.$id == obj.id!).first()! - dbobj.firstname = obj.firstname - dbobj.lastname = obj.lastname - dbobj.email = obj.email - dbobj.password = obj.password - dbobj.updatedate = Date() - dbobj.updateuserid = -1 - try await dbobj.update(on: req.db) - return dbobj - - } - - func delete(req: Request) async throws -> HTTPStatus { - guard let obj = try await mdlUser.find(req.parameters.get("id"), on: req.db) else { - throw Abort(.notFound) - } - try await obj.delete(on: req.db) - return .noContent - } -}