diff --git a/src/app.rb b/src/app.rb
index 9b9c9be..2c6e6e9 100755
--- a/src/app.rb
+++ b/src/app.rb
@@ -31,6 +31,8 @@ get "/" do
 end
 get "/login" do
+ info = session[:error_msg] != nil ? {error_msg: session[:error_msg]} : {}
+ session[:error_msg] = nil
 serve :"user/login"
 end
@@ -41,14 +43,14 @@ get "/register" do
 end
 # API stuff
-post "/user" do
+post "/register" do
 email = params[:email]
 name = params[:name]
 password = params[:password]
 password_confirm = params[:password_confirm]
 status, ret = User.register(email, name, password, password_confirm)
- Console::debug "STATUS: #{status}", ret
+ Console.debug "/register STATUS: #{status}", ret
 if !status then # if something went wrong then return to 0
 session[:error_msg] = ret
 redirect "/register"
@@ -57,8 +59,18 @@ post "/user" do
 end
 end
-post "/user/login" do
- # login user
- redirect "/"
+post "/login" do
+ email = params[:email]
+ password = params[:password]
+
+ status, ret = User.login(email, password)
+ Console.debug "/login STATUS: #{status}", ret
+ if !status then
+ session[:error_msg] = ret
+ redirect "/login"
+ else
+ session[:user] = User.new(ret)
+ redirect "/"
+ end
 end
diff --git a/src/db_models.rb b/src/db_models.rb
index 80f26e2..6033240 100644
--- a/src/db_models.rb
+++ b/src/db_models.rb
@@ -1,5 +1,17 @@
 # User table model
-class User < Entity
+class User < EntityModel
+ attr_reader :email, :name, :bio_text, :balance, :avatar_url, :reputation
+
+ def initialize(user_info)
+ super user_info
+ @email = user_info["email"]
+ @name = user_info["name"]
+ @bio_text = user_info["bio_text"]
+ @balance = user_info["balance"]
+ @avatar_url = user_info["avatar_url"]
+ @reputation = user_info["reputation"]
+ end
+
 # Find user by ID, returns multiple results if multiple IDs exist
 # (which wont happen since IDs are unique)
 def self.find_by_id(id)
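Review bot: In `get "/login"` (first hunk of `src/app.rb`), `info` is assigned as a local but the `serve :"user/login"` call below it is not given it, while `login.slim` reads `info[:error_msg]`. The definition of `serve` is outside this diff, so unless it picks the hash up some other way the stored message never reaches the view and is cleared unseen. If `serve` accepts locals, pass `info` explicitly. The read-and-clear pair can also be written in one step as `info = { error_msg: session.delete(:error_msg) }.compact`.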
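Review bot: In the new `post "/login"` handler (third hunk of `src/app.rb`), `session[:user] = User.new(ret)` places the whole database row in the session. `User#initialize` hands it to `EntityModel#initialize`, which keeps it in `@data`, and `User.login` shows that the row carries `pw_hash`. The session configuration is not in this diff, but with a cookie-backed session store the bcrypt hash would be serialised into a cookie held by the client, and the name and avatar rendered in `layout.slim` would stay frozen at their login-time values. Storing only an identifier, for example `session[:user_id] = ret["id"]` (column name assumed), and loading the user per request avoids both. The same `ret` is passed to `Console.debug` on the success path, which writes `pw_hash` to the log; the `/register` hunk above uses the same call and is worth checking for what `ret` holds on success.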
@@ -37,12 +49,16 @@ class User < Entity
 return true, ""
 end
+ def self.validate_password(pw_hash, password)
+ BCrypt::Password.new(pw_hash) == password
+ end
+ # Register a new user
 # Returns: success?, data
 def self.register(email, name, password, password_confirm)
 check, errorstr = self.validate_register_creds(email, name, password, password_confirm)
- if( check ) then
+ if check then
 pw_hash = BCrypt::Password.create(password)
 data = { # payload
 name: name,
@@ -57,13 +73,18 @@ class User < Entity
 end
 end
+ # Log in user
- # Returns: success?, auth token
+ # Returns: success?, user info
 def self.login(email, password)
 user_query = self.find_by_email email # get the user info
- if user_query.length >= 1 then
- user_info = user_query.first
- end
+ return false, LOGIN_ERRORS[:fail] unless user_query.length >= 1 # Verify that a user was found
+
+ user_info = user_query.first
+ pw_check = self.validate_password user_info["pw_hash"], password
+ return false, LOGIN_ERRORS[:fail] unless pw_check # Verify password
+
+ return true, user_info
 end
 end
diff --git a/src/debug.rb b/src/debug.rb
index e551e74..7531722 100644
--- a/src/debug.rb
+++ b/src/debug.rb
@@ -1,4 +1,4 @@
-module Console
+class Console
 def self.log(str, indent=4, *args)
 puts "#{str}"
diff --git a/src/lib/database.rb b/src/lib/database.rb
index 432cb08..a23efd8 100644
--- a/src/lib/database.rb
+++ b/src/lib/database.rb
@@ -4,9 +4,12 @@ def db
 dbbuf
 end
-class Entity
- attr_reader :name, :path
- attr_accessor :tables
+class EntityModel
+ attr_accessor :data
+
+ def initialize(data)
+ @data = data
+ end
 # Creates the table
 def self.init_table
diff --git a/src/views/layout.slim b/src/views/layout.slim
index 854283f..965b28a 100644
--- a/src/views/layout.slim
+++ b/src/views/layout.slim
@@ -12,7 +12,7 @@ html lang="en"
 h2 = get_random_subtitle
 nav
 ul
- - unless session[:auth_token]
+ - unless session[:user]
 li
 a.button#register href="/register" target="_self"
 | Register
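Review bot: `self.validate_password` (hunk `@@ -37,12 +49,16 @@` of `src/db_models.rb`) is added without a comment, while `register` and `login` carry a purpose line and a `# Returns:` line; `# Check a plaintext password against a stored bcrypt hash` followed by `# Returns: true when they match` would fit that style. `BCrypt::Password.new` raises `BCrypt::Errors::InvalidHash` when the stored value is nil or not a bcrypt string, and the only caller visible in this diff, `User.login`, does not rescue it. A damaged or legacy row would therefore surface as an unhandled error rather than a failed login.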
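Review bot: `User.login` (hunk `@@ -57,13 +73,18 @@` of `src/db_models.rb`) returns on the `user_query.length >= 1` guard before any bcrypt work is done. A request for an unknown e-mail therefore finishes measurably faster than one for a known e-mail with a wrong password, even though both return `LOGIN_ERRORS[:fail]`. Running `validate_password` against a fixed dummy hash when no row is found keeps the two paths comparable. `LOGIN_ERRORS` is not defined in any hunk of this commit, so confirm it exists on the class. The success path also returns the full row, `pw_hash` included; returning it without that key would keep the hash from travelling further than the comparison needs.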
@@ -21,8 +21,9 @@ html lang="en"
 | Log in
 - else
 li
- a.button#profile href="/profile" target="_self"
- | Profile
+ label = session[:user].name
+ a href="/profile" target="_self"
+ img.avatar src=session[:user].avatar_url alt="Your avatar"
 .content-container
 ==yield
diff --git a/src/views/stylesheets/style.sass b/src/views/stylesheets/style.sass
index 860a911..6ff7fd8 100644
--- a/src/views/stylesheets/style.sass
+++ b/src/views/stylesheets/style.sass
@@ -102,6 +102,16 @@ label.error_msg
 font-size: 1rem
 font-weight: bold
+img.avatar
+ width: 3.4rem
+ height: 3.4rem
+ border-radius: 50%
+ border: 2px solid $shadow_clr
+ transition: border .2s
+
+img.avatar:hover
+ border: 2px solid $special_btn_clr
+
 .form-container
 display: flex
 justify-content: center
diff --git a/src/views/user/login.slim b/src/views/user/login.slim
index 9b1d383..b182e56 100644
--- a/src/views/user/login.slim
+++ b/src/views/user/login.slim
@@ -1,5 +1,5 @@
 .form-container
- form action="/user/login" method="post"
+ form action="/login" method="post"
 h2 Log in
 label.error_msg = info[:error_msg]
 input type="text" name="email" placeholder="Email"
diff --git a/src/views/user/register.slim b/src/views/user/register.slim
index 6e1ef53..616ecb7 100644
--- a/src/views/user/register.slim
+++ b/src/views/user/register.slim
@@ -1,5 +1,5 @@
 .form-container
- form action="/user" method="post"
+ form action="/register" method="post"
 h2 Register Account
 label.error_msg = info[:error_msg]
 input type="text" name="email" placeholder="Email"
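Review bot: `img.avatar src=session[:user].avatar_url` (hunk `@@ -21,8 +21,9 @@` of `src/views/layout.slim`) emits a stored profile value as a URL. Slim's attribute escaping keeps markup out of the page but does not restrict the scheme or host, so if `avatar_url` can be set by the user it should be validated as an `http`/`https` URL when it is saved. A `nil` value leaves the image without a source, so a fallback such as `src=(session[:user].avatar_url || "/img/default-avatar.png")` (path is a placeholder) is worth adding. The enclosing `nav` block starts outside this hunk.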