forked from tildetown/bbj2
WIP making check_auth real
parent
a7b7670d5f
commit
12feb93428
server/cmd
|
@ -124,7 +124,7 @@ func ensureSchema(opts Opts) error {
|
||||||
}
|
}
|
||||||
rows, err := db.Query("select version from meta")
|
rows, err := db.Query("select version from meta")
|
||||||
if err == nil {
|
if err == nil {
|
||||||
//defer rows.Close()
|
defer rows.Close()
|
||||||
rows.Next()
|
rows.Next()
|
||||||
var version string
|
var version string
|
||||||
err = rows.Scan(&version)
|
err = rows.Scan(&version)
|
||||||
|
@ -206,8 +206,33 @@ func setupAPI(opts Opts) {
|
||||||
|
|
||||||
opts.Logf("got %s %s", a.TargetUser, a.TargetHash)
|
opts.Logf("got %s %s", a.TargetUser, a.TargetHash)
|
||||||
|
|
||||||
// TODO
|
db := opts.DB
|
||||||
result := false
|
|
||||||
|
serverErr := func(err error) {
|
||||||
|
opts.Logf("check_auth error: %s", err.Error())
|
||||||
|
http.Error(w, "database error", 500)
|
||||||
|
}
|
||||||
|
|
||||||
|
stmt, err := db.Prepare("select auth_hash from users where user_name = ?")
|
||||||
|
if err != nil {
|
||||||
|
serverErr(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer stmt.Close()
|
||||||
|
|
||||||
|
var authHash string
|
||||||
|
err = stmt.QueryRow(a.TargetUser).Scan(&authHash)
|
||||||
|
if err != nil {
|
||||||
|
// TODO check if there were just no results and return 404
|
||||||
|
serverErr(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO unique constraint on user_name
|
||||||
|
|
||||||
|
if authHash != a.TargetHash {
|
||||||
|
// TODO 403 probably
|
||||||
|
}
|
||||||
|
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
w.Header().Set("Content-Type", "application/json")
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
|
|
@ -15,6 +15,8 @@ create table users (
|
||||||
created real -- floating point unix timestamp (when this user registered)
|
created real -- floating point unix timestamp (when this user registered)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
-- TODO unique constraint on user_name?
|
||||||
|
|
||||||
|
|
||||||
create table threads (
|
create table threads (
|
||||||
thread_id text, -- uuid string
|
thread_id text, -- uuid string
|
||||||
|
|
Loading…
Reference in New Issue