move validate session to util module
		@@ -41,20 +41,6 @@ local function create_session(user_id)
 | 
			
		||||
  })
 | 
			
		||||
end
 | 
			
		||||
 | 
			
		||||
local function validate_session(session_key)
 | 
			
		||||
  if session_key == nil then
 | 
			
		||||
    return nil
 | 
			
		||||
  end
 | 
			
		||||
 | 
			
		||||
  local session = db.select('* FROM "sessions" WHERE "key" = ? AND "expires_at" > "?" LIMIT 1', session_key, os.time())
 | 
			
		||||
  print(#session)
 | 
			
		||||
  if #session > 0 then
 | 
			
		||||
    return Users:find({id = session[1].user_id})
 | 
			
		||||
  end
 | 
			
		||||
 | 
			
		||||
  return nil
 | 
			
		||||
end
 | 
			
		||||
 | 
			
		||||
local function validate_password(password)
 | 
			
		||||
  if #password < 10 or password:match("%s") then
 | 
			
		||||
    return false
 | 
			
		||||
@@ -94,7 +80,8 @@ app:get("user", "/:username", function(self)
 | 
			
		||||
    self.session.flash = {}
 | 
			
		||||
  end
 | 
			
		||||
 | 
			
		||||
  local me = validate_session(self.session.session_key) or TransientUser
 | 
			
		||||
  -- local me = validate_session(self.session.session_key) or TransientUser
 | 
			
		||||
  local me = util.get_logged_in_user(self) or TransientUser
 | 
			
		||||
  self.user = user
 | 
			
		||||
  self.me = me
 | 
			
		||||
 | 
			
		||||
@@ -109,7 +96,7 @@ app:get("user", "/:username", function(self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:post("user_clear_avatar", "/:username/clear_avatar", function(self)
 | 
			
		||||
  local me = validate_session(self.session.session_key)
 | 
			
		||||
  local me = util.get_logged_in_user(self)
 | 
			
		||||
  if me == nil then
 | 
			
		||||
    self.session.flash = {error = "You must be logged in to perform this action."}
 | 
			
		||||
    return {redirect_to = self:url_for("user_login")}
 | 
			
		||||
@@ -126,7 +113,7 @@ app:post("user_clear_avatar", "/:username/clear_avatar", function(self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:post("user_set_avatar", "/:username/set_avatar", function(self)
 | 
			
		||||
  local me = validate_session(self.session.session_key)
 | 
			
		||||
  local me = util.get_logged_in_user(self)
 | 
			
		||||
  if me == nil then
 | 
			
		||||
    self.session.flash = {error = "You must be logged in to perform this action."}
 | 
			
		||||
    return {redirect_to = self:url_for("user_login")}
 | 
			
		||||
@@ -164,7 +151,7 @@ app:post("user_set_avatar", "/:username/set_avatar", function(self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:get("user_settings", "/:username/settings", function(self)
 | 
			
		||||
  local me = validate_session(self.session.session_key)
 | 
			
		||||
  local me = util.get_logged_in_user(self)
 | 
			
		||||
  if me == nil then
 | 
			
		||||
    self.session.flash = {error = "You must be logged in to perform this action."}
 | 
			
		||||
    return {redirect_to = self:url_for("user_login")}
 | 
			
		||||
@@ -187,7 +174,7 @@ app:get("user_settings", "/:username/settings", function(self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:post("user_settings", "/:username/settings", function(self)
 | 
			
		||||
  local me = validate_session(self.session.session_key)
 | 
			
		||||
  local me = util.get_logged_in_user(self)
 | 
			
		||||
  if me == nil then
 | 
			
		||||
    self.session.flash = {error = "You must be logged in to perform this action."}
 | 
			
		||||
    return {redirect_to = self:url_for("user_login")}
 | 
			
		||||
@@ -211,7 +198,7 @@ end)
 | 
			
		||||
 | 
			
		||||
app:get("user_login", "/login", function(self)
 | 
			
		||||
  if self.session.session_key then
 | 
			
		||||
    local user = validate_session(self.session.session_key)
 | 
			
		||||
    local user = util.get_logged_in_user(self)
 | 
			
		||||
    if user ~= nil then
 | 
			
		||||
      return {redirect_to = self:url_for("user", {username = user.username})}
 | 
			
		||||
    end
 | 
			
		||||
@@ -226,7 +213,7 @@ end)
 | 
			
		||||
 | 
			
		||||
app:post("user_login", "/login", function(self)
 | 
			
		||||
  if self.session.session_key then
 | 
			
		||||
    local user = validate_session(self.session.session_key)
 | 
			
		||||
    local user = util.get_logged_in_user(self)
 | 
			
		||||
    if user ~= nil then
 | 
			
		||||
      return {redirect_to = self:url_for("user", {username = user.username})}
 | 
			
		||||
    end
 | 
			
		||||
@@ -250,7 +237,7 @@ end)
 | 
			
		||||
 | 
			
		||||
app:get("user_signup", "/signup", function(self)
 | 
			
		||||
  if self.session.session_key then
 | 
			
		||||
    local user = validate_session(self.session.session_key)
 | 
			
		||||
    local user = util.get_logged_in_user(self)
 | 
			
		||||
    if user ~= nil then
 | 
			
		||||
      return {redirect_to = self:url_for("user", {username = user.username})}
 | 
			
		||||
    end
 | 
			
		||||
@@ -264,7 +251,7 @@ end)
 | 
			
		||||
 | 
			
		||||
app:post("user_signup", "/signup", function(self)
 | 
			
		||||
  if self.session.session_key then
 | 
			
		||||
    local user = validate_session(self.session.session_key)
 | 
			
		||||
    local user = util.get_logged_in_user(self)
 | 
			
		||||
    if user ~= nil then
 | 
			
		||||
      return {redirect_to = self:url_for("user", {username = user.username})}
 | 
			
		||||
    end
 | 
			
		||||
@@ -307,7 +294,7 @@ app:post("user_signup", "/signup", function(self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:post("user_logout", "/logout", function (self)
 | 
			
		||||
  local user = validate_session(self.session.session_key)
 | 
			
		||||
  local user = util.get_logged_in_user(self)
 | 
			
		||||
  if not user then
 | 
			
		||||
    return {redirect_to = self:url_for("user_login")}
 | 
			
		||||
  end
 | 
			
		||||
@@ -318,7 +305,7 @@ app:post("user_logout", "/logout", function (self)
 | 
			
		||||
end)
 | 
			
		||||
 | 
			
		||||
app:post("confirm_user", "/confirm_user/:user_id", function (self)
 | 
			
		||||
  local user = validate_session(self.session.session_key)
 | 
			
		||||
  local user = util.get_logged_in_user(self)
 | 
			
		||||
  if not user then
 | 
			
		||||
    return {status = 403}
 | 
			
		||||
  end
 | 
			
		||||
 
 | 
			
		||||
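Review bot: The `user` handler hunk leaves `-- local me = validate_session(self.session.session_key) or TransientUser` behind as a comment beside the new `util.get_logged_in_user(self)` call, although `validate_session` is deleted in the first hunk of this same file. The comment now names a function that no longer exists and should be dropped, leaving only `local me = util.get_logged_in_user(self) or TransientUser`. The handler bodies continue outside the hunks, so how `me` is compared with `:username` after the login check is not visible here.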
							
								
								
									
										15
									
								
								util.lua
									
									
									
									
									
								
							
							
						
						
									
										15
									
								
								util.lua
									
									
									
									
									
								
							@@ -1,7 +1,9 @@
 | 
			
		||||
local util = {}
 | 
			
		||||
local magick = require("magick")
 | 
			
		||||
local db = require("lapis.db")
 | 
			
		||||
 | 
			
		||||
local Avatars = require("models").Avatars
 | 
			
		||||
local Users = require("models").Users
 | 
			
		||||
 | 
			
		||||
function util.get_user_avatar_url(req, user)
 | 
			
		||||
  if not user.avatar_id then
 | 
			
		||||
@@ -42,4 +44,17 @@ function util.validate_and_create_image(input_image, filename)
 | 
			
		||||
  return true
 | 
			
		||||
end
 | 
			
		||||
 | 
			
		||||
function util.get_logged_in_user(req)
 | 
			
		||||
  if req.session.session_key == nil then
 | 
			
		||||
    return nil
 | 
			
		||||
  end
 | 
			
		||||
 | 
			
		||||
  local session = db.select('* FROM "sessions" WHERE "key" = ? AND "expires_at" > "?" LIMIT 1', req.session.session_key, os.time())
 | 
			
		||||
  if #session > 0 then
 | 
			
		||||
    return Users:find({id = session[1].user_id})
 | 
			
		||||
  end
 | 
			
		||||
 | 
			
		||||
  return nil
 | 
			
		||||
end
 | 
			
		||||
 | 
			
		||||
return util
 | 
			
		||||
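Review bot: In `util.get_logged_in_user` the second placeholder is written as `"?"`, inside the same double quotes the query uses for identifiers (`"sessions"`, `"key"`, `"expires_at"`), so the `os.time()` value is not compared as a plain value the way the session key is. Depending on the database this likely either makes the query fail or stops the expiry clause from filtering on the current time, which matters because this function now gates every authenticated route in the other file. The clause should read `"expires_at" > ? LIMIT 1`. The query was moved unchanged from `validate_session`, so the issue predates this commit, but the move is the natural place to fix it; a one-line comment such as `-- returns the Users row for an unexpired session, or nil` above the function would also document the contract callers rely on.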