// // File.swift // // // Created by Michiel Carman on 4/1/24. // import Fluent import Vapor import Crypto struct cntrlUser: RouteCollection { func boot(routes: RoutesBuilder) throws { let rts = routes.grouped("users") rts.get(use: index) rts.get("login", ":credentials", use: login) rts.post(use: create) rts.put(use: update) rts.group(":id") { todo in rts.delete(use: delete) } rts.get("api", use: api) //let encryptionKey = SymmetricKey(data: Environment.get("ENCRYPTION_KEY")!.data(using: .utf8)!) // rts.get(use: "login"){ // req -> String in guard let dataQuery = req.query[String.self, at: "data"], let data = Data(base64Encoded: dataQuery) else{ // throw Abort(.badRequest) // } // let encryptionKey = SymmetricKey(size: .bits256) { // let sealedBox = try AES.GCM.SealedBox(combined: data) // let decryptedData = try AES.GCM.open(sealedBox, using: encryptionKey) // guard let decryptedString = String(data: decryptedData, encoding: .utf8) else{ // throw Abort(.internalServerError, "Failed to decode decrypted data.") // } // } // } } func api(req: Request) async throws -> String{ return Environment.get("API_KEY")! } func login(req: Request) async throws -> mdlUser{ guard let dataQuery = req.parameters.get("credentials") else{ throw Abort(.badRequest) } let decryptedString = try CustomCrypto.DecryptString(input: dataQuery) let credentials = decryptedString.components(separatedBy: ":") guard credentials.count == 2 else { throw Abort(.badRequest, reason: "Invalid credential format.") } let username = credentials[0] let password = credentials[1] return try await mdlUser.query(on: req.db) .with(\.$roles) .with(\.$division) .with(\.$gate) .with(\.$location) .filter(\.$username == username) .filter( \.$password == password) .first()! } func index(req: Request) async throws -> [mdlUser] { try await mdlUser.query(on: req.db).with(\.$roles).all() } func create(req: Request) async throws -> mdlUser { let obj = try req.content.decode(mdlUser.self) try await obj.save(on: req.db) return obj } func update(req: Request) async throws -> mdlUser{ let obj = try req.content.decode(mdlUser.self) let dbobj = try await mdlUser.query(on: req.db).filter(\.$id == obj.id!).first()! dbobj.firstname = obj.firstname dbobj.lastname = obj.lastname dbobj.email = obj.email dbobj.password = obj.password dbobj.updatedate = Date() dbobj.updateuserid = -1 try await dbobj.update(on: req.db) return dbobj } func delete(req: Request) async throws -> HTTPStatus { guard let obj = try await mdlUser.find(req.parameters.get("id"), on: req.db) else { throw Abort(.notFound) } try await obj.delete(on: req.db) return .noContent } }