From 895e0a53306390f03153a7ac37711db48a0ea9eb Mon Sep 17 00:00:00 2001 From: absc Date: Sat, 27 Jul 2024 01:57:34 +0200 Subject: [PATCH] Enter the user handler API. For now it handles PUTs, to create new users. It's still a partial implementation and there is no documentation yet. POST, PATCH and DELETE will arrive later to handle other users operations. --- dudeswave/ebin/dudeswave.app | 3 +- dudeswave/src/Makefile | 1 + dudeswave/src/dudeswave_app.erl | 1 + dudeswave/src/dudeswave_user_handler.erl | 86 ++++++++++++++++++++++++ 4 files changed, 90 insertions(+), 1 deletion(-) create mode 100644 dudeswave/src/dudeswave_user_handler.erl diff --git a/dudeswave/ebin/dudeswave.app b/dudeswave/ebin/dudeswave.app index ce137e4..83da934 100644 --- a/dudeswave/ebin/dudeswave.app +++ b/dudeswave/ebin/dudeswave.app @@ -1,7 +1,8 @@ {application,dudeswave, [{description,"The dudeswave web experience"}, {vsn,"1.0.0"}, - {modules,[dudeswave,dudeswave_app,dudeswave_handler,dudeswave_supervisor]}, + {modules,[dudeswave,dudeswave_app,dudeswave_handler, + dudeswave_user_handler,dudeswave_supervisor]}, {registered,[]}, {applications,[kernel,stdlib,erts,cowboy,ranch]}, {mod,{dudeswave_app,[]}}, diff --git a/dudeswave/src/Makefile b/dudeswave/src/Makefile index 7c52e6a..ba1c4ed 100644 --- a/dudeswave/src/Makefile +++ b/dudeswave/src/Makefile @@ -5,6 +5,7 @@ ERLC?= erlc -server OBJS= dudeswave.beam dudeswave_app.beam OBJS+= dudeswave_supervisor.beam dudeswave_handler.beam +OBJS+= dudeswave_user_handler.beam all: ${OBJS} diff --git a/dudeswave/src/dudeswave_app.erl b/dudeswave/src/dudeswave_app.erl index 39cef26..21d78d3 100644 --- a/dudeswave/src/dudeswave_app.erl +++ b/dudeswave/src/dudeswave_app.erl @@ -42,6 +42,7 @@ start(_Type, StartArgs) -> end, Dispatch = cowboy_router:compile([ + {'_', [{"/user", dudeswave_user_handler, #{bucket => ?USERSBUCKET}}]}, {'_', [{"/", dudeswave_handler, #{bucket => ?APPBUCKET}}]} ]), diff --git a/dudeswave/src/dudeswave_user_handler.erl b/dudeswave/src/dudeswave_user_handler.erl new file mode 100644 index 0000000..9524406 --- /dev/null +++ b/dudeswave/src/dudeswave_user_handler.erl @@ -0,0 +1,86 @@ +% +% Copyright (c) 2024 Andrea Biscuola +% +% Permission to use, copy, modify, and distribute this software for any +% purpose with or without fee is hereby granted, provided that the above +% copyright notice and this permission notice appear in all copies. +% +% THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +% WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +% MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +% ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +% WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +% ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +% OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +% +-module(dudeswave_register_handler). +-moduledoc """ +Register a new user. +""". + +-behaviour(cowboy_handler). + +-export([init/2, terminate/3]). + +% +% Callbacks exports +% +-export([allowed_methods/2, content_types_accepted/2, + known_methods/2, resource_exists/2, is_conflict/2, + create_user/2]). + + +-include_lib("storage/include/storage.hrl"). + +-define(RANDBYTES, 32). + +% +% Protocol functions +% + +init(Req, State) -> + {cowboy_rest, Req, State}. + +allowed_methods(Req, State) -> + {[<<"PUT">>], Req, State}. + +content_types_accepted(Req, State) -> + {[{{ <<"application">>, <<"json">>, '*'}, create_user}], Req, State}. + +known_methods(Req, State) -> + {[<<"PUT">>], Req, State}. + +resource_exists(Req, State) -> + {ok, Bucket} = maps:find(bucket, State), + + case cowboy:read_body(Req, #{period => 5000, length => 8192}) of + {ok, Body, NewReq} -> + #{<<"name">> := Name, <<"password">> := Pass, + <<"user">> := User} = json:decode(Body), + + case storage:read(Bucket, User) of + {ok, [_R]} -> + {true, NewReq, user_exists}; + {ok, []} -> + {false, NewReq, {Bucket, [{name, Name}, + {username, User},{password, Pass}]}} + end + end. + +is_conflict(Req, user_exists) -> {true, Req, []}; + +is_conflict(Req, State) -> {false, Req, State}. + +create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) -> + Salt = rand:bytes(32), + SaltedPW = <>, + Hash = crypto:hash(sha256, SaltedPW), + + case storage:write(Bucket, User, Hash, [{salt, Salt}, {name, Name}]) of + ok -> + {true, Req, []}; + {error, Reason} -> + {false, Req, Reason} + end. + +terminate(_Reason, _Req, _State) -> ok.