diff --git a/code/common.sh b/code/common.sh
index 215772e..5bd0b17 100644
--- a/code/common.sh
+++ b/code/common.sh
@@ -10,12 +10,33 @@ function get_auth_string() {
 echo "Authorization: Bearer $(cat secret/authToken)"
 }
+# check_if_user_exists(file)
+function check_if_user_exists() {
+ if ! session_verify ${cookies[sh_session]}; then
+ exit 0
+ fi
+
+ if [[ $1 == "refreshToken" ]]; then
+ if [[ $(cat secret/refreshTokens.dat | grep "${cookies[sh_session]}:") != "" ]]; then
+ return 1
+ fi
+ elif [[ $1 == "authToken" ]]; then
+ if [[ $(cat secret/authTokens.dat | grep "${cookies[sh_session]}:") != "" ]]; then
+ return 1
+ fi
+ fi
+ return 0
+}
+
 # add_account_refreshtoken(refreshtoken)
 function add_account_refreshtoken() {
 if ! session_verify ${cookies[sh_session]}; then
 exit 0
 fi
- echo $(session_get_username ${cookies[sh_session]}):$1 >> secret/refreshTokens.dat
+
+ if check_if_user_exists refreshToken; then
+ echo ${cookies[sh_session]}:$1 >> secret/refreshTokens.dat
+ fi
 }
@@ -24,5 +45,8 @@ function add_account_authtoken() {
 if ! session_verify ${cookies[sh_session]}; then
 exit 0
 fi
- echo $(session_get_username ${cookies[sh_session]}):$1 >> secret/authTokens.dat
+
+ if check_if_user_exists authToken; then
+ echo ${cookies[sh_session]}:$1 >> secret/authTokens.dat
+ fi
 }
\ No newline at end of file
diff --git a/secret/authTokens.dat b/secret/authTokens.dat
new file mode 100644
index 0000000..e69de29
diff --git a/secret/refreshTokens.dat b/secret/refreshTokens.dat
new file mode 100644
index 0000000..e69de29
diff --git a/webroot/api/register.shs b/webroot/api/register.shs
index e37e827..f208c4f 100644
--- a/webroot/api/register.shs
+++ b/webroot/api/register.shs
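Review bot: In `check_if_user_exists`, `grep "${cookies[sh_session]}:"` treats the cookie value as an unanchored regular expression, so the lookup can match a different row (a session id that merely ends with this one, or the same text inside a stored token), and any regex metacharacters in the cookie are interpreted rather than compared, unless `session_verify` guarantees a fixed, metacharacter-free id format, which is not visible here. An exact first-field comparison avoids both: `awk -F: -v s="${cookies[sh_session]}" '$1 == s { f = 1 } END { exit !f }' secret/refreshTokens.dat`, and likewise for `secret/authTokens.dat`. The function also returns 1 when a row exists and 0 when none does, the opposite of what its name suggests; a header comment such as `# returns 0 when no token row exists for the current session, 1 otherwise` (or a rename) would keep callers from inverting it. `${cookies[sh_session]}` is passed to `session_verify` unquoted here and in both `add_account_*` functions, so it undergoes word splitting and globbing; quote it.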
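Review bot: The appended row in `add_account_authtoken` is now keyed by the raw session cookie instead of the `session_get_username` result the removed line used, and the same change is made to `add_account_refreshtoken` in the previous hunk. That puts live session identifiers into `secret/authTokens.dat` beside the upstream tokens, and once the session expires or is replaced the row can presumably no longer be found, so a later login appends a second row for the same account. Keying on the username keeps the file stable across sessions: `printf '%s:%s\n' "$(session_get_username "${cookies[sh_session]}")" "$1" >> secret/authTokens.dat`, with `check_if_user_exists` looking up the same key. The function's signature appears only in the hunk header, so its opening lines are outside the hunk. Separately, this commit starts tracking `secret/authTokens.dat` and `secret/refreshTokens.dat` in the repository; since the code appends tokens to them at runtime, consider listing them in `.gitignore` and creating them at startup.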
@@ -1,10 +1,11 @@
 #!/bin/bash
-if [[ ${post_data[login]} != '' && ${post_data[password]} != '' ]]; then
+if [[ ${post_data[login]} != '' && ${post_data[password]} != '' && ${post_data[phone]} != '' ]]; then
 register ${post_data[login]} ${post_data[password]}
 status=$?
 if [[ $status == 0 ]]; then
 jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args 200 "success"
+ curl -s "https://api-inmobile-pl.easypack24.net/v1/sendSMSCode/${post_data[phone]}" > /dev/null
 elif [[ $status == 1 && $reason != '' ]]; then
 jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args -1 "$reason"
 fi
diff --git a/webroot/api/smscode.shs b/webroot/api/smscode.shs
index 7acff41..da2b2ea 100644
--- a/webroot/api/smscode.shs
+++ b/webroot/api/smscode.shs
@@ -3,8 +3,10 @@ if ! session_verify ${cookies[sh_session]}; then
 exit 0
 fi
-if [[ ${get_data[phone]} != "" && ${post_data[code]} != "" ]]; then
- tokens=$(curl -s -X POST -H "Content-type: application/json" --data '{"phoneOS":"Android"}' "https://api-inmobile-pl.easypack24.net/v1/confirmSMSCode/${get_data[phone]}/${post_data[code]}")
+source code/common.sh
+
+if [[ ${post_data[phone]} != "" && ${post_data[code]} != "" ]]; then
+ tokens=$(curl -s -X POST -H "Content-type: application/json" --data '{"phoneOS":"Android"}' "https://api-inmobile-pl.easypack24.net/v1/confirmSMSCode/${post_data[phone]}/${post_data[code]}")
 if [[ $(echo $tokens | jq .status) == "404" ]]; then
 jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args -1 "wrongData"
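Review bot: The added `curl` in `register.shs` places `${post_data[phone]}` into the URL path with no format check, so characters such as `/`, `?`, `#` or whitespace in the submitted value change which upstream path the server requests; the `confirmSMSCode/${post_data[phone]}/${post_data[code]}` URL in the `smscode.shs` hunk has the same problem for both fields. Validate before calling `register`, for example by adding `&& ${post_data[phone]} =~ ^[0-9]+$` to the opening `[[ … ]]` (the exact length the API expects is not visible here). Because this endpoint requires no session, every successful registration also makes the server send an SMS to a caller-chosen number, so it needs a per-client and per-number rate limit. The success JSON is printed before the SMS request and curl's exit status is discarded, so a failed send is still reported to the client as success.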