UNPKG

@kldit/cms

Version:

A CMS Framework for @kldit/mvc

github.com/kldit/cms

kldit/cms

149 lines (128 loc) 3.17 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
const mvc = require( '@kldit/mvc' ); const sha1 = require('sha1'); const formatter = require('date-and-time'); const MySQL = require('ext-mysql'); module.exports = /** * @author Orlando Leite * * SessionModel class */ class SessionModel extends mvc.BaseModel { constructor( ctx ) { super( ctx ); } async getLoggedUser( ctx, username ) { try { const conn = await ctx.db(); var [rows, fields] = await conn.execute( 'SELECT * FROM ' + process.env.CMS_USERS_TABLE_NAME + ' AS u' + ( process.env.CMS_GROUP_TABLE_NAME != null ? ( ' JOIN ' + process.env.CMS_GROUP_TABLE_NAME + ' AS g ON u.' + process.env.CMS_GROUP_REL_ID + ' = g.id' ) : '' ) + ' WHERE u.' + process.env.CMS_USERS_USERNAME_COLUMN + ' = ?', [username] ); if( rows.length ) return rows[0]; else return null; } catch( err ) { console.error( err ); } } async getUser( ctx, username, password ) { try { const conn = await ctx.db(); const [rows, fields] = await conn.execute( 'SELECT id \ FROM ' + process.env.CMS_USERS_TABLE_NAME + ' WHERE ' + process.env.CMS_USERS_USERNAME_COLUMN + ' = ? AND \ sha1( concat( ' + process.env.CMS_USERS_PASSWORD_COLUMN + ', ? ) ) = ?', [username, process.env.CMS_CONNECTION_HASH, password] ); conn.release(); if( rows.length ) return sha1( password + formatter.format( new Date(), 'YYYY-MM-DD') + rows[0]['id'] ); else return null; } catch( err ) { console.error( err ); } } async loginUser( ctx, username, token ) { try { const conn = await ctx.db(); const [rows, fields] = await conn.execute( 'SELECT id, sha1( concat( ' + process.env.CMS_USERS_PASSWORD_COLUMN + ', ? ) ) AS password FROM ' + process.env.CMS_USERS_TABLE_NAME + ' WHERE ' + process.env.CMS_USERS_USERNAME_COLUMN + ' = ?', [process.env.CMS_CONNECTION_HASH, username] ); if( rows.length ) { if( sha1( rows[0]['password'] + formatter.format( new Date(), 'YYYY-MM-DD') + rows[0]['id'] ) == token ) { return true; } else return false; } else return false; } catch( err ) { console.error( err ); return false; } } async createUser( ctx, name, username, password ) { var result = 0; try { const conn = await ctx.db(); await conn.beginTransaction(); var [rows, fields] = await conn.execute( "SELECT id FROM " + process.env.CMS_USERS_TABLE_NAME + " WHERE " + process.env.CMS_USERS_USERNAME_COLUMN + " = ?", [username] ); if( rows.length == 0 ) { var value = {}; value[process.env.CMS_USERS_NAME_COLUMN] = name; value[process.env.CMS_USERS_USERNAME_COLUMN] = username; value[process.env.CMS_USERS_PASSWORD_COLUMN] = password; var [ids, results] = await conn.insert( process.env.CMS_USERS_TABLE_NAME, [value]); if( ids.length > 0 ) { result = 1; await conn.setTransactionSuccessful(); } } else { result = -1; } } catch( err ) { console.error( err ); } finally { await conn.endTransaction(); return result; } } }