diff --git a/backend/routes.coffee b/backend/routes.coffee index de46239..ce3c27e 100644 --- a/backend/routes.coffee +++ b/backend/routes.coffee @@ -1,10 +1,11 @@ # node libraries +#(require 'debug').enable 'routes' +logger = (require 'logging').default 'routes' path = (require 'path') # my libraries FFTCGDB = (require './db') FFTCGSESSION = (require './session') -logger = (require 'logging').default 'routes' # open fftcg.db (persistent data) fftcgdb = new FFTCGDB path.resolve(__dirname, 'fftcg.db'), true @@ -47,29 +48,35 @@ module.exports = [ url: '/user/login' method: 'POST' handler: (request, reply) -> - session_id = request.cookies.session - logger.info session_id - session.action session_id - .then (user) -> - logger.info user - .catch (err) -> - logger.error err + session_id = request.cookies.session ? '' - fftcgdb.login request.body.login, request.body.password - .then (user) -> - # login successful - reply.setCookie 'user', JSON.stringify user + new Promise (resolve, reject) -> + session.check session_id + .then (user) -> + logger.debug "user '#{user.login}' resumed session '#{session_id}'" + resolve user - # return JSON status - reply.send - status: 'ok' - user: user.user - login: user.login + .catch -> + fftcgdb.login request.body.login, request.body.password + .then (user) -> + # login successful: start new session + session.start user + .then (session_id) -> + logger.debug "user '#{user.login}' logged into session '#{session_id}'" + reply.setCookie 'session', session_id + resolve user - .catch (err) -> - # login failed - reply.send - status: 'fail' - text: err + .catch (err) -> + logger.info "failed login for '#{request.body.login}'" + # login failed + reply.send + status: 'fail' + msg: err + + .then (user) -> + # user is logged in + reply.send + status: 'ok' + user: user , ] diff --git a/backend/session.coffee b/backend/session.coffee index 922242a..98f2295 100644 --- a/backend/session.coffee +++ b/backend/session.coffee 
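Review bot: The session id is a bearer credential, yet both new `logger.debug` lines in the `/user/login` handler interpolate `session_id` in full, and `reply.setCookie 'session', session_id` sets it with no cookie attributes. Log only a short prefix or nothing, and pass options such as `reply.setCookie 'session', session_id, { httpOnly: true, secure: true, sameSite: 'lax', path: '/' }` (assuming `reply.setCookie` takes an options object, as the Fastify cookie plugin does). The success reply now sends `user: user`, the whole object resolved by `fftcgdb.login` or `session.check`, where the old code sent only `user.user` and `user.login`; if that record holds a password hash or other private fields they would now reach the client, so an explicit field list is safer. The failure branch returns `msg: err` verbatim, which can expose backend error text; a fixed string such as `msg: 'invalid login'` avoids that. Separately, when the request has no `login` field the log line records `'undefined'`, so checking `request.body.login` before use would keep the log readable.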
@@ -4,63 +4,48 @@ crypto = (require 'crypto') logger = (require 'logging').default 'session' # expiry times in seconds -TIMES = - minute: 60 - hour: 60 * 60 - day: 60 * 60 * 24 - week: 60 * 60 * 24 * 7 - month: 60 * 60 * 24 * 7 * 4 - EXPIRY = # games expire 1 week after last action - game: 1 * TIMES.week + game: 1 * 60 * 60 * 24 * 7 # logins expire 1 month after last action - login: 1 * TIMES.month + login: 1 * 60 * 60 * 24 * 7 * 4 FFTCGSESSION = () -> - @db = redis.createClient 6379, 'redis' + @db = redis.createClient + host: 'redis' + port: 6379 @db.on 'error', (err) -> logger.error err.message return -FFTCGSESSION::login = (login) -> +FFTCGSESSION::start = (data) -> that = @ - new Promise (resolve, reject) -> + new Promise (resolve) -> + # hash data hmac = crypto.createHmac 'sha256', Math.random().toString() - hmac.update login - digest = hmac.digest 'hex' + hmac.update (JSON.stringify data) + digest = hmac.digest 'base64' + logger.debug 'digest', digest - that.db.setex digest, EXPIRY.login, login, (err) -> - if err - reject err + # push (hash, data) into DB for the configured timespan + that.db.setex digest, EXPIRY.login, (JSON.stringify data), (err) -> + resolve digest - else - resolve digest - - -FFTCGSESSION::action = (digest) -> +FFTCGSESSION::check = (digest) -> that = @ new Promise (resolve, reject) -> - that.db.get digest (err, res) -> - logger.info 'err', err, 'res', res - - if err - reject err - - else if res == 0 - resolve null + # refresh expiry timer on digest + that.db.expire digest, EXPIRY.login, (err, res) -> + if res == 0 + reject null else - that.db.expire digest, EXPIRY.login, (err, res) -> - if err - reject err - - else - resolve res + that.db.get digest, (err, res) -> + resolve JSON.parse res module.exports = FFTCGSESSION
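Review bot: The token produced in `start` is still an HMAC keyed with `Math.random().toString()`, which is not a cryptographically secure source, and with this change that digest becomes the only credential carried by the `session` cookie. Generating it from the CSPRNG, e.g. `digest = (crypto.randomBytes 32).toString 'hex'`, removes the guessable key; hex also avoids the `+`, `/` and `=` characters that the new `'base64'` encoding puts into a cookie value. The added `logger.debug 'digest', digest` writes the token to the log and should be dropped or truncated. The new callbacks also discard `err`: `setex` resolves a digest even when the write failed, and in `check` a Redis error leaves `res` undefined, so control reaches `JSON.parse res`, which throws inside the callback and appears to leave the promise unsettled. Restoring `return reject err if err` at the top of each callback (and the `reject` parameter in `start`) keeps a Redis outage from turning into a hung or crashing login request.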