login is (almost) fully working now

This commit is contained in:
dorian 2019-08-07 23:03:59 +02:00
parent 903f730502
commit eb8edc8d03
9 changed files with 241 additions and 84239 deletions

View file

@ -125,4 +125,40 @@ triggered by setting POST parameter 'submitSensorData' to a JSON encoded string
- data: Array[Array[sensorId, errorCode]] sensors which were ignored due to some error (401: user doesn't own sensor; 404: senso wasn't found)
only set if status is 901
##
## edit user data
- requests to change user specific data (like adding/removing sensors/api-keys, etc.)
- this type of request is triggered by setting GET parameter 'command' to a JSON encoded string containing the request
- request structure: (JSON object)
- header: (int) containing the desired command
- body: (mixed)(optional) containing the individual request
- reply structure: (JSON object)
- header: (int) indicating if the request was successfull (mostly like HTTP status codes)
- body: (mixed)(optional) containing further data depending on the request
### login
submit username and password to get a session token which can be used to authenticate any further commands
#### Request
- header: 1000
- body: (object)
- username: (string)
- password: (string)
#### Reply
- header: (int)
- 200: OK
- 400: invalid request
- 401: invalid username or password
- body: (string) (only set when header is 200) Session-token
### get user information
submit a sesion token to check if it s valid and get some information about the user if it is
#### Request
- header: 1001
- body: (string) the session token to be checked
#### Reply
- header: (int)
- 200: OK
- 400: invalid request
- 401: the token is invalid
- body: (object) (only set when header is 200)
- username: (string) username of the user the session belongs to
- realname: (string) full name of the user the session belongs to

View file

@ -92,7 +92,7 @@ class BlueWeather
*
* @param string $session session token
*
* @return int (-1: does not exist; x>0: userId)
* @return int (-1: does not exist; >0: userId)
*/
public function checkSession($session)
{
@ -110,6 +110,29 @@ class BlueWeather
return($data['userId']);
}
/**
* Function to user information
*
* @param int $userId id of the user
*
* @return mixed (array with some user information, or -1 if user not found)
*/
public function getUserInfo($userId)
{
$sql = "SELECT username,realname FROM `users`
WHERE`id`=\"".$this->_con->real_escape_string($userId)."\"";
$result = $this->_con->query($sql);
if (!$result->num_rows > 0) {
return -1;
}
// only one row will be returned
$data = $result->fetch_assoc();
return($data);
}
// --------------------
// - getter functions -

File diff suppressed because it is too large Load diff

View file

@ -25,6 +25,8 @@ header('Access-Control-Allow-Origin: *');
$blueweather = new BlueWeather($config);
//$_GET['command'] = '{"header":1001,"body":"undefined"}';
if (isset($_GET['locId'])) {
// get data of given location
$data = $blueweather->getLocationData(
@ -35,6 +37,47 @@ if (isset($_GET['locId'])) {
$sensorData = json_decode($_POST['submitSensorData'], true);
$ret = $blueweather->processSensorData($sensorData);
$data = $ret;
} elseif (isset($_GET['command'])) {
// some user-data api request
$request = json_decode($_GET['command'], true);
if (!$request || !isset($request['header'])) {
$data = array("header"=>400);
} else {
switch ($request['header']) {
case 1000:
// user login
if (!isset($request['body']['username']) || !isset($request['body']['password'])) {
$data = array("header"=>400);
} else {
$token = $blueweather->loginUser(
$request['body']['username'],
$request['body']['password']
);
if ($token !== '') {
$data = array("header"=>200, "body"=>$token);
} else {
$data = array("header"=>401);
}
}
break;
case 1001:
// check session
if (!isset($request['body'])) {
$data = array("header"=>400);
} else {
$ret = $blueweather->getUserInfo(
$blueweather->checkSession($request['body'])
);
if ($ret === -1) {
$data = array("header"=>401);
} else {
$data = array("header"=>200, "data"=>$ret);
}
}
}
}
} else {
$data = $blueweather->getAllLocations();
}

View file

@ -15,6 +15,12 @@
width:100%;
}
.feather {
width: 16px;
height: 16px;
vertical-align: text-bottom;
}
/*
* Login modal
*/

View file

@ -2,12 +2,6 @@ body {
font-size: .875rem;
}
.feather {
width: 16px;
height: 16px;
vertical-align: text-bottom;
}
/*
* Sidebar
*/

View file

@ -1,9 +1,12 @@
class BlueWeather {
constructor() {
constructor(profileObjectParent) {
// cunstruct xmlhttp
this.xhttp = new XMLHttpRequest();
this.host = "https://weather.itsblue.de"//window.location.href.substring(0, window.location.href.lastIndexOf("/"));
//this.host = "https://weather.itsblue.de"
this.host = window.location.href.substring(0, window.location.href.lastIndexOf("/"));
this.profileObjectParent = profileObjectParent
this.log("init done", 2)
@ -24,34 +27,44 @@ class BlueWeather {
// ----------------------
restoreSession() {
if(this.getCookie("session") !== "" && this.getCookie("session") !== undefined) {
console.log("old session found: " + this.getCookie("session"), 3)
var thisObject = this
if (this.getCookie("session") !== "" && this.getCookie("session") !== undefined && this.getCookie("session") !== "undefined") {
// old session found
this.session.loggedIn = true
this.session.token = this.getCookie("session")
console.log("old session found: " + this.getCookie("session"), 3)
// check if the session is still valid
this.checkSession(this.getCookie("session"), function (sessionIsValid) {
if (sessionIsValid) {
thisObject.session.loggedIn = true
thisObject.session.token = thisObject.getCookie("session")
}
thisObject.loadProfileObject(thisObject.profileObjectParent)
})
}
else {
this.loadProfileObject(this.profileObjectParent)
}
}
login(async, username, password, processingFunction) {
this.xhttp.abort()
var xhttp = new XMLHttpRequest();
var thisObject = this
if (async) {
this.xhttp.onreadystatechange = function() {
xhttp.onreadystatechange = function () {
if (this.readyState === 4) {
// Typical action to be performed when the document is ready:
if (this.status === 200) {
thisObject.log("login response was: " + this.responseText, 3)
var ret = JSON.parse(this.responseText)
if(ret && ret['status'] === 200) {
//this.session.token = ret["token"]
//this.session.loggedIn = true
if (ret && ret['header'] === 200) {
thisObject.session.token = ret["body"]
document.cookie = "session=" + ret["body"] + ";"
thisObject.session.loggedIn = true
processingFunction(true)
return
}
else {
//this.session.token = ""
//this.session.loggedIn = false
thisObject.endSession()
}
}
processingFunction(false)
@ -59,15 +72,49 @@ class BlueWeather {
}
}
var url = this.host + "/api/json.php"
this.log("starting location request; URL is: " + url, 3)
this.xhttp.open("GET", url, async)
this.xhttp.send()
var request = JSON.stringify({ header: 1000, body: { username: username, password: password } })
var url = this.host + "/api/json.php?command=" + request
this.log("starting login request; URL is: " + url, 3)
xhttp.open("GET", url, async)
xhttp.send()
}
checkSession(token, processingFunction) {
var xhttp = new XMLHttpRequest();
var thisObject = this
xhttp.onreadystatechange = function () {
if (this.readyState === 4) {
if (this.status === 200) {
thisObject.log("login response was: " + this.responseText, 3)
var ret = JSON.parse(this.responseText)
if (ret && ret['header'] === 200) {
thisObject.session.user.username = ret["data"]["username"]
thisObject.session.user.realName = ret["data"]["realname"]
processingFunction(true)
return
}
else {
thisObject.endSession()
}
}
processingFunction(false)
}
}
var request = JSON.stringify({ header: 1001, body: token })
var url = this.host + "/api/json.php?command=" + request
this.log("starting session check request; URL is: " + url, 3)
xhttp.open("GET", url, true)
xhttp.send()
}
endSession() {
document.cookie = "session=;"
window.location.href = "./index.html"
if (this.session.loggedIn) {
// if the user was logged in before
location.reload()
}
}
// --------------------
@ -139,10 +186,14 @@ class BlueWeather {
// ----------------------
loadProfileObject(parent) {
parent = this.profileObjectParent
if (!parent) {
this.log("error: no profile object parent", 3)
return false
}
parent = document.getElementById(parent)
var thisObject = this
var profileObject = document.createElement("li")
@ -263,8 +314,11 @@ class BlueWeather {
thisObject.login(true, username, password, function (loginSuccess) {
if (!loginSuccess) {
alert.appear()
}
signInButton.setNormal()
}
else {
location.reload()
}
})
}
// ----------
@ -302,11 +356,12 @@ class BlueWeather {
profileDropdown.setAttribute("aria-labelledby", "userDropdown")
// fill the dropdown menu
function createDropdownMenuElement(icon, text) {
function createDropdownMenuElement(icon, text, onclick=null) {
// create element
var elem = document.createElement("a")
elem.classList.add("dropdown-item")
elem.href = "#"
elem.onclick = onclick
// create icon
var iconSpan = document.createElement("span")
@ -333,7 +388,10 @@ class BlueWeather {
profileDropdown.appendChild(createDropdownSeparator())
profileDropdown.appendChild(createDropdownMenuElement("settings", " Settings"))
profileDropdown.appendChild(createDropdownSeparator())
profileDropdown.appendChild(createDropdownMenuElement("log-out", " Log out"))
profileDropdown.appendChild(createDropdownMenuElement("log-out", " Log out", function() {
document.cookie = "session=;"
location.reload()
}))
}

View file

@ -8,7 +8,7 @@ class BlueWeatherDashboard {
constructor() {
// cunstruct xmlhttp
this.initDone = false
this.blueweather = new BlueWeather()
this.blueweather = new BlueWeather("profileContainer")
this.params = {
loc: 1,
@ -615,5 +615,4 @@ window.onresize = function (event) {
flexFont();
};
feather.replace()
dashboard = new BlueWeatherDashboard()
dashboard.blueweather.loadProfileObject(document.getElementById("profileContainer"))
dashboard = new BlueWeatherDashboard(document.getElementById("profileContainer"))

View file

@ -2,7 +2,7 @@ class BlueWeatherIndex {
constructor() {
this.initDone = false
this.blueweather = new BlueWeather()
this.blueweather = new BlueWeather("profileContainer")
this.initDone = true
@ -56,4 +56,3 @@ class BlueWeatherIndex {
}
feather.replace()
index = new BlueWeatherIndex()
index.blueweather.loadProfileObject(document.getElementById("profileContainer"))