require "sqlite3" require "crypto/bcrypt" require "uuid" require "base64" require "./util" def hash_password(pw) Crypto::Bcrypt::Password.create(pw).to_s end def verify_password(hash, pw) (Crypto::Bcrypt::Password.new hash).verify pw end class Storage def initialize(@path : String, @logger : Logger) dir = File.dirname path unless Dir.exists? dir @logger.info "The DB directory #{dir} does not exist. " \ "Attepmting to create it" Dir.mkdir_p dir end DB.open "sqlite3://#{path}" do |db| begin # We create the `ids` table first. even if the uses has an # early version installed and has the `user` table only, # we will still be able to create `ids` db.exec "create table ids" \ "(path text, id text, is_title integer)" db.exec "create unique index path_idx on ids (path)" db.exec "create unique index id_idx on ids (id)" db.exec "create table users" \ "(username text, password text, token text, admin integer)" rescue e unless e.message.not_nil!.ends_with? "already exists" @logger.fatal "Error when checking tables in DB: #{e}" raise e end else @logger.debug "Creating DB file at #{@path}" db.exec "create unique index username_idx on users (username)" db.exec "create unique index token_idx on users (token)" random_pw = random_str hash = hash_password random_pw db.exec "insert into users values (?, ?, ?, ?)", "admin", hash, nil, 1 @logger.log "Initial user created. You can log in with " \ "#{{"username" => "admin", "password" => random_pw}}" end end end def verify_user(username, password) DB.open "sqlite3://#{@path}" do |db| begin hash, token = db.query_one "select password, token from " \ "users where username = (?)", username, as: {String, String?} unless verify_password hash, password @logger.debug "Password does not match the hash" return nil end @logger.debug "User #{username} verified" return token if token token = random_str @logger.debug "Updating token for #{username}" db.exec "update users set token = (?) where username = (?)", token, username return token rescue e @logger.error "Error when verifying user #{username}: #{e}" return nil end end end def verify_token(token) username = nil DB.open "sqlite3://#{@path}" do |db| begin username = db.query_one "select username from users where " \ "token = (?)", token, as: String rescue e @logger.debug "Unable to verify token" end end username end def verify_admin(token) is_admin = false DB.open "sqlite3://#{@path}" do |db| begin is_admin = db.query_one "select admin from users where " \ "token = (?)", token, as: Bool rescue e @logger.debug "Unable to verify user as admin" end end is_admin end def list_users results = Array(Tuple(String, Bool)).new DB.open "sqlite3://#{@path}" do |db| db.query "select username, admin from users" do |rs| rs.each do results << {rs.read(String), rs.read(Bool)} end end end results end def new_user(username, password, admin) admin = (admin ? 1 : 0) DB.open "sqlite3://#{@path}" do |db| hash = hash_password password db.exec "insert into users values (?, ?, ?, ?)", username, hash, nil, admin end end def update_user(original_username, username, password, admin) admin = (admin ? 1 : 0) DB.open "sqlite3://#{@path}" do |db| if password.size == 0 db.exec "update users set username = (?), admin = (?) " \ "where username = (?)", username, admin, original_username else hash = hash_password password db.exec "update users set username = (?), admin = (?)," \ "password = (?) where username = (?)", username, admin, hash, original_username end end end def delete_user(username) DB.open "sqlite3://#{@path}" do |db| db.exec "delete from users where username = (?)", username end end def logout(token) DB.open "sqlite3://#{@path}" do |db| begin db.exec "update users set token = (?) where token = (?)", nil, token rescue end end end def get_id(path, is_title) id = random_str DB.open "sqlite3://#{@path}" do |db| begin id = db.query_one "select id from ids where path = (?)", path, as: {String} rescue db.exec "insert into ids values (?, ?, ?)", path, id, is_title ? 1 : 0 end end id end def to_json(json : JSON::Builder) json.string self end end