2023-07-19 23:22:47 (UTC-03:00)
Marcel Rodrigues <marcelgmr@gmail.com>
add User table to DB config
diff --git a/cogit/cfg.lua b/cogit/cfg.lua index 4780053..a5a0c7c 100644 --- a/cogit/cfg.lua +++ b/cogit/cfg.lua @@ -1,5 +1,7 @@ local lud = require "ludweb" +local hash = require "cogit.hash" + local schema = [[ CREATE TABLE IF NOT EXISTS Config ( id INTEGER PRIMARY KEY AUTOINCREMENT, @@ -10,16 +12,31 @@ CREATE TABLE IF NOT EXISTS Config ( ses_age INTEGER NOT NULL, log_lvl INTEGER NOT NULL ); +CREATE TABLE IF NOT EXISTS User ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + nick TEXT NOT NULL UNIQUE, + name TEXT NOT NULL, + salt TEXT, + hash TEXT, + is_admin INTEGER +); ]] local CFG = {} CFG.__index = CFG function CFG:add_defaults() + local pass = hash.get_pass("admin password: ") + local salt = hash.get_salt() + local hash = hash.hash_pass(pass, salt) self.db:execute[[ - INSERT INTO Config(id, name, title, port, pg_size, ses_age, log_lvl) Values + INSERT INTO Config(id, name, title, port, pg_size, ses_age, log_lvl) VALUES (1, "default", "cogit", 8080, 20, 72*60*60, 2); ]] + self.db:execute([[ + INSERT INTO User(id, nick, name, salt, hash, is_admin) VALUES + (1, "admin", "Admin", ?, ?, 1); + ]], lud.crypt.b64_enc(salt), lud.crypt.b64_enc(hash)) return 1 end @@ -45,6 +62,10 @@ function CFG:pg_size() return self:get_config("pg_size") end function CFG:ses_age() return self:get_config("ses_age") end function CFG:log_lvl() return self:get_config("log_lvl") end +function CFG:get_user(nick) + return self.db:execute("SELECT * FROM User WHERE nick = ?;", nick)[1] +end + function CFG:close() self.db:close() end local function new_cfg(path) diff --git a/cogit/cogit.lua b/cogit/cogit.lua index a80eb40..146cb73 100644 --- a/cogit/cogit.lua +++ b/cogit/cogit.lua @@ -53,11 +53,13 @@ local function allowed(user, gname) elseif user == nil then return false end - for _, ok in ipairs(user.groups) do - if gname == ok then - return true - end - end + if user.is_admin then return true end + -- groups are not yet implemented in DB + --~ for _, ok in ipairs(user.groups) do + --~ if gname == ok then + --~ return true + --~ end + --~ end return false end @@ -108,7 +110,7 @@ function Cogit:get_user(cookies) if uname == nil then return nil end - return self.users[uname] + return self.cfg:get_user(uname) end function Cogit:routes() @@ -141,7 +143,7 @@ function Cogit:routes() function (req) local uname = req.form.username local pass = req.form.password - local user = self.users[uname] + local user = self.cfg:get_user(uname) local salt, h if user == nil then -- hash something as if we're trying to login anyway @@ -271,7 +273,6 @@ local function new_cogit(path) self.path = path self.sessions = {} self.initialized = false - self.users = dofile(path.."/conf.lua") self.cfg = cfg.new_cfg(path.."/conf.db") self.log_level = self.cfg:log_lvl() self:init() diff --git a/cogit/hash.lua b/cogit/hash.lua index c396c66..b02b74a 100644 --- a/cogit/hash.lua +++ b/cogit/hash.lua @@ -18,7 +18,7 @@ local function hash_pass(pass, salt) end if arg[0] ~= "hash.lua" then - return {get_salt=get_salt, hash_pass=hash_pass} + return {get_pass=get_pass, get_salt=get_salt, hash_pass=hash_pass} end local pass, pass2 diff --git a/conf.lua b/conf.lua deleted file mode 100644 index b3f029e..0000000 --- a/conf.lua +++ /dev/null @@ -1,13 +0,0 @@ ---[[ -Put this file on the same folder as public/ and customize it. -]] - -return { - ["guest"] = { - salt = "GfwhQ/F6HYnv6g5qrpv58NgMWmOF6nsQXc8RVr6C8Fc=", - hash = "uxfQEiPSWAuu96rYpqYfi0kcue0ZiTvSCDX3ngFjC3RqLa7v9OouFd5UglJ7vh52nNDh2E9cG/f0RlVrLzIE9Q==", - nick = "guest", - name = "Guest", - groups = {"guests"}, - }, -}