+ register, smscode; now verifies that htere's only one token per user

2020-09-19 19:53:02 +02:00 · 2020-09-19 19:53:02 +02:00 · b45074a315
parent c9ccf121ab
commit b45074a315
4 changed files with 27 additions and 49 deletions
--- a/webroot/api/register.shs
+++ b/webroot/api/register.shs
@ -0,0 +1,11 @@
+#!/bin/bash
+
+if [[ ${post_data[login]} != '' && ${post_data[password]} != '' ]]; then
+	register ${post_data[login]} ${post_data[password]}
+	status=$?
+	if [[ $status == 0 ]]; then
+		jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args 200 "success"
+	elif [[ $status == 1 && $reason != '' ]]; then
+		jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args -1 "$reason"
+	fi
+fi
--- a/webroot/api/smscode.shs
+++ b/webroot/api/smscode.shs
@ -0,0 +1,16 @@
+#!/bin/bash
+if ! session_verify ${cookies[sh_session]}; then
+	exit 0
+fi
+
+if [[ ${get_data[phone]} != "" && ${post_data[code]} != "" ]]; then
+	tokens=$(curl -s -X POST -H "Content-type: application/json" --data '{"phoneOS":"Android"}' "https://api-inmobile-pl.easypack24.net/v1/confirmSMSCode/${get_data[phone]}/${post_data[code]}")
+
+	if [[ $(echo $tokens | jq .status) == "404" ]]; then
+		jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args -1 "wrongData"
+	else
+		add_account_refreshtoken $(echo $tokens | jq -r .refreshToken)
+		add_account_authtoken $(echo $tokens | jq -r .authToken)
+		jq -n '{status: $ARGS.positional[0], error: $ARGS.positional[1]}' --args 200 "success"
+	fi
+fi
--- a/webroot/register.shs
+++ b/webroot/register.shs
@ -1,28 +0,0 @@
-#!/bin/bash
-
-if [[ ${post_data[login]} != '' && ${post_data[password]} != '' ]]; then
-	register ${post_data[login]} ${post_data[password]}
-	status=$?
-	if [[ $status == 0 ]]; then
-		
-		meta[redirect]='/smscode.shs?phone='${post_data[phone]}
-	fi
-fi
-
-source templates/head.sh
-
-if [[ $status == 1 && $reason != '' ]]; then
-	echo $reason
-fi
-
-echo "<h1>Register</h1>
-<form method='post'>
-<label for='login'>Login:</label>
-<input type='text' name='login'><br>
-<label for='password'>Password:</label>
-<input type='password' name='password'><br>
-<label for='phone'>Phone:</label>
-<input type='tel' name='phone'><br>
-<input type='submit' value='Register'>
-</form>
-(please make sure that you're connecting over SSL)"
--- a/webroot/smscode.shs
+++ b/webroot/smscode.shs
@ -1,21 +0,0 @@
-#!/bin/bash
-if ! session_verify ${cookies[sh_session]}; then
-	exit 0
-fi
-
-if [[ ${get_data[phone]} != "" && ${post_data[code]} != "" ]]; then
-	tokens=$(curl -s -X POST -H "Content-type: application/json" --data '{"phoneOS":"Android"}' "https://api-inmobile-pl.easypack24.net/v1/confirmSMSCode/${get_data[phone]}/${post_data[code]}")
-
-	add_account_refreshtoken $(echo $tokens | jq -r .refreshToken)
-	add_account_authtoken $(echo $tokens | jq -r .authToken)
-
-	echo "success! the token was added to the database!"
-
-elif [[ ${get_data[phone]} != "" ]]; then
-	curl -s "https://api-inmobile-pl.easypack24.net/v1/sendSMSCode/${get_data[phone]}" > /dev/null
-	echo "<form method='post'>
-	<label for='code'>SMS code:</label>
-	<input type='text' name='code'><br>
-	<input type='submit' value='Send'>
-	</form>"
-fi