Commit 994aad4a authored by nicolas.paschoud's avatar nicolas.paschoud
parents 13c4bf0d f371d40e
...@@ -47,7 +47,8 @@ VALUES ...@@ -47,7 +47,8 @@ VALUES
("b", "test"), ("b", "test"),
("c", "test"), ("c", "test"),
("d", "test"), ("d", "test"),
("e", "test"); ("e", "test"),
("noe", "prov");
INSERT INTO Paths INSERT INTO Paths
VALUES VALUES
...@@ -57,7 +58,8 @@ VALUES ...@@ -57,7 +58,8 @@ VALUES
("/c", "c", NULL), ("/c", "c", NULL),
("/c/test", "c", "/c"), ("/c/test", "c", "/c"),
("/d", "d", NULL), ("/d", "d", NULL),
("/e", "e", NULL); ("/e", "e", NULL),
("/n", "noe", NULL);
INSERT INTO Files INSERT INTO Files
VALUES VALUES
...@@ -66,7 +68,8 @@ VALUES ...@@ -66,7 +68,8 @@ VALUES
("@dfsg", "trois", "/c/test", 46.2054, 6.1459), ("@dfsg", "trois", "/c/test", 46.2054, 6.1459),
("gbvaf", "quatre", "/b", 46.2054, 6.1459), ("gbvaf", "quatre", "/b", 46.2054, 6.1459),
("dsfgh", "cinq", "/d", 46.2054, 6.1459), ("dsfgh", "cinq", "/d", 46.2054, 6.1459),
("sdfa", "six", "/e", 46.2054, 6.1459); ("sdfa", "six", "/e", 46.2054, 6.1459),
("liblb", "myfile", "/n", 46.2054, 6.1459);
INSERT INTO Shares INSERT INTO Shares
VALUES VALUES
......
...@@ -37,10 +37,11 @@ function Payload(user, pass_enc){ ...@@ -37,10 +37,11 @@ function Payload(user, pass_enc){
this.pass_enc = pass_enc; this.pass_enc = pass_enc;
this.toString = function(){ return "{" + this.user + "," + this.pass_enc + "}"}; this.toString = function(){ return "{" + this.user + "," + this.pass_enc + "}"};
} }
function Signature(token){ function Signature(token){
const secret = "our super hyperdrive secret"; const secret = "our super hyperdrive secret" + new Date();
return CryptoJS.HmacSHA512(token, secret); return CryptoJS.HmacSHA512(token, secret);
} }
...@@ -53,31 +54,47 @@ function JWT(pl_user, pl_pass){ ...@@ -53,31 +54,47 @@ function JWT(pl_user, pl_pass){
} }
function add_token(token) { function add_token(token, user) {
if (valid_tokens.indexOf(token) === -1) { for (let i = 0; i < valid_tokens.length; i++) {
valid_tokens.push(token.toString()); if(Object.keys(valid_tokens[i])[0] == token){
valid_tokens.splice(i, 1);
console.log("Unable to add token. (token already present)");
break;
} }
else {
console.log("Unable to add token to valid_tokens. (token already present)");
} }
obj = {}; obj[token.toString()] = user;
valid_tokens.push(obj);
console.log(valid_tokens)
console.log("Successfully added token.");
} }
function remove_token(token) { function remove_token(token) {
if (valid_tokens.indexOf(token) != -1) { for (let i = 0; i < valid_tokens.length; i++) {
var index = valid_tokens.indexOf(token); if(Object.keys(valid_tokens[i])[0] == token){
valid_tokens.splice(index, 1); valid_tokens.splice(i, 1);
console.log("Successfully removed token from valid_tokens.");
return true;
} }
else {
console.log("Unable to remove token from valid_tokens. (Token not present)");
} }
console.log("Unable to remove token from valid_tokens. (Token not present)");
} }
// verify the token
// return : user if exist
function verify_token(token) { function verify_token(token) {
return (valid_tokens.indexOf(token) !== -1); for (let i = 0; i < valid_tokens.length; i++) {
if(Object.keys(valid_tokens[i])[0] == token)
return valid_tokens[i][token];
}
return false;
} }
...@@ -97,7 +114,7 @@ app.get('/login', (req, res) => { ...@@ -97,7 +114,7 @@ app.get('/login', (req, res) => {
const user = req.query['user']; const user = req.query['user'];
const pass = req.query['pass']; const pass = req.query['pass'];
userObject = sql.userExist(user, pass); // userObject = sql.userExist(user, pass);
if (!user || !pass) { if (!user || !pass) {
res.send({ res.send({
...@@ -133,7 +150,7 @@ app.get('/login', (req, res) => { ...@@ -133,7 +150,7 @@ app.get('/login', (req, res) => {
"comment": `Password for user '${ user }' true.` "comment": `Password for user '${ user }' true.`
}) })
add_token(jwt.signedToken); add_token(jwt.signedToken, user);
} }
else { else {
...@@ -233,8 +250,27 @@ app.get('/register/', (req, res) => { ...@@ -233,8 +250,27 @@ app.get('/register/', (req, res) => {
* param : user2 * param : user2
* user1 share a file_id with user2 * user1 share a file_id with user2
*/ */
app.get('/share/:file_id', (req, res) => { app.get('/share/:file_id/:to_user', (req, res) => {
res.send(`Request for a file sharing (id: ${req.params['file_id']})`)
token = req.query["token"]
user = verify_token(token);
console.log("user : " + user)
if (req.params['to_user'] && req.params['file_id']){
to_user = req.params['to_user'];
file_id = req.params['file_id'];
sql.addSharing(user, to_user, file_id).then(function (r) {
res.send(r);
})
}
else{
res.send("Unable to share. Please provide a user to share with and a file_id.");
}
}) })
/** /**
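Review bot: The new `/share/:file_id/:to_user` handler passes the result of `verify_token(token)` straight to `sql.addSharing` without checking it, and `verify_token` returns `false` for an unknown or missing token, so an unauthenticated request still reaches the database layer. Reject it before doing any work, for example `if (!user) { return res.status(401).send("Invalid token."); }`. `token`, `user`, `to_user` and `file_id` are assigned without a declaration, which makes them implicit globals shared by every request; declare each with `const`. The promise returned by `sql.addSharing` has no rejection handler, so a thrown error leaves the request without a response; add a `.catch` that sends a generic failure.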
......
...@@ -3,7 +3,6 @@ ...@@ -3,7 +3,6 @@
[ [
"crypto-js@3.1.9-1", "crypto-js@3.1.9-1",
"/Users/nono/Documents/HEPIA/3ème année/WEB avancé/git/2019_tp2/projet" "/Users/nono/Documents/HEPIA/3ème année/WEB avancé/git/2019_tp2/projet"
// "/Users/klaus/Documents/Web/Back/2019_tp2/projet"
] ]
], ],
"_from": "crypto-js@3.1.9-1", "_from": "crypto-js@3.1.9-1",
...@@ -28,7 +27,6 @@ ...@@ -28,7 +27,6 @@
"_resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-3.1.9-1.tgz", "_resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-3.1.9-1.tgz",
"_spec": "3.1.9-1", "_spec": "3.1.9-1",
"_where": "/Users/nono/Documents/HEPIA/3ème année/WEB avancé/git/2019_tp2/projet", "_where": "/Users/nono/Documents/HEPIA/3ème année/WEB avancé/git/2019_tp2/projet",
// "_where": "/Users/klaus/Documents/Web/Back/2019_tp2/projet",
"author": { "author": {
"name": "Evan Vosberg", "name": "Evan Vosberg",
"url": "http://github.com/evanvosberg" "url": "http://github.com/evanvosberg"
......
...@@ -123,6 +123,54 @@ async function changeDirectory(login, path, callback){ ...@@ -123,6 +123,54 @@ async function changeDirectory(login, path, callback){
}); });
} }
// verify if a file_id is at a user
function verify_user_file_id(file_id, login){
return new Promise(resolve => {
let q = `SELECT (login) FROM Files as F LEFT JOIN Paths as P ON F.paths = P.paths WHERE F.file_id = '${file_id}';`
con.query(q, function(err, res) {
if (err) {
console.log("Error while veryfing file_id for user");
console.log(err);
resolve(false);
}
console.log(res.length)
// return new Promise(resolve => resolve("resolved"));
if (res.length > 0){
if (res[0].login == login)
resolve(true);
resolve(false);
}
resolve(false);
});
});
}
async function addSharing(login, to_user, file_id){
verif = await verify_user_file_id(file_id, login);
if (verif){
let q = `INSERT INTO Shares VALUES ('${login}', '${to_user}', '${file_id}');`;
con.query(q, function(err, res) {
if (err) {
console.log("Error while adding a share path");
console.log(err);
return "Error sharing - (DB error)";
}
});
// return "New sharing (", login, " --> " + to_user + "( - file_id : " + file_id + ")) added succesfully !";
return "Sharing ok."
}
else{
return "Unable to share, this is not your file.";
}
}
exports.userExist = userExist;
exports.addUser = addUser; exports.addUser = addUser;
exports.addPath = addPath; exports.addPath = addPath;
exports.addSharing = addSharing;
exports.changeDirectory = changeDirectory; exports.changeDirectory = changeDirectory;
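Review bot: Both new queries interpolate `file_id`, `login` and `to_user` into the SQL text, and these values arrive from the `/share/:file_id/:to_user` route parameters, so a quote character in any of them changes the statement; bind them as parameters instead. In `verify_user_file_id` the error branch calls `resolve(false)` without returning, so `res.length` is then read on what is presumably an undefined result. `addSharing` returns "Sharing ok." before the INSERT callback has run, and the callback's own return value is discarded, so a database error is still reported to the caller as success. The rewrite below assumes `con` is a mysql-style connection whose `query` accepts `?` placeholders with a values array; confirm against the driver in use.

```javascript
function verify_user_file_id(file_id, login){
    return new Promise(resolve => {
        const q = "SELECT (login) FROM Files as F LEFT JOIN Paths as P ON F.paths = P.paths WHERE F.file_id = ?;";
        con.query(q, [file_id], function(err, res) {
            if (err) {
                // … unchanged: error logging …
                return resolve(false);
            }
            // Ownership holds only when a row exists and its login matches exactly.
            resolve(res.length > 0 && res[0].login === login);
        });
    });
}

async function addSharing(login, to_user, file_id){
    const verif = await verify_user_file_id(file_id, login);
    if (!verif) {
        return "Unable to share, this is not your file.";
    }
    // Resolve only once the INSERT has finished, so a DB error reaches the caller.
    return new Promise(resolve => {
        const q = "INSERT INTO Shares VALUES (?, ?, ?);";
        con.query(q, [login, to_user, file_id], function(err) {
            if (err) {
                // … unchanged: error logging …
                return resolve("Error sharing - (DB error)");
            }
            resolve("Sharing ok.");
        });
    });
}
```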