You've already forked obsidian-visualiser
Add permissions
This commit is contained in:
@@ -73,6 +73,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
|
||||
},
|
||||
with: {
|
||||
data: true,
|
||||
permission: true,
|
||||
},
|
||||
where: (table) => eq(table.id, sql.placeholder('id'))
|
||||
}).prepare().get({ id: id.id });
|
||||
@@ -89,6 +90,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
|
||||
email: user.email,
|
||||
username: user.username,
|
||||
state: user.state,
|
||||
permissions: user.permission.map(e => e.permission),
|
||||
}
|
||||
}) as UserSessionRequired);
|
||||
|
||||
|
||||
@@ -71,7 +71,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
|
||||
|
||||
db.insert(usersDataTable).values({ id: sql.placeholder('id') }).prepare().run({ id: id.id });
|
||||
|
||||
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date() } }) as UserSessionRequired);
|
||||
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date(), permissions: [] } }) as UserSessionRequired);
|
||||
|
||||
setResponseStatus(e, 201);
|
||||
return { success: true, session };
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import useDatabase from "~/composables/useDatabase";
|
||||
import { userSessionsTable } from "~/db/schema";
|
||||
import { eq, and, sql } from "drizzle-orm";
|
||||
import { refreshSessionFromDB } from "../utils/user";
|
||||
|
||||
const monthAsMs = 60 * 60 * 24 * 30 * 1000;
|
||||
|
||||
@@ -25,6 +26,7 @@ export default defineNitroPlugin(() => {
|
||||
await db.update(userSessionsTable).set({
|
||||
timestamp: new Date(),
|
||||
}).where(and(eq(userSessionsTable.id, sql.placeholder('id')), eq(userSessionsTable.user_id, sql.placeholder('user_id')))).prepare().run({ id: session.id, user_id: session.user.id });
|
||||
await refreshSessionFromDB(event, session.id);
|
||||
}
|
||||
});
|
||||
sessionHooks.hook('clear', async (session, event) => {
|
||||
|
||||
@@ -29,7 +29,43 @@ export function logSession(e: H3Event<EventRequestHandler>, session: UserSession
|
||||
{
|
||||
const db = useDatabase();
|
||||
|
||||
console.log("Logging session %s", session.id)
|
||||
db.insert(userSessionsTable).values({ id: sql.placeholder('id'), user_id: sql.placeholder('user_id'), timestamp: sql.placeholder('timestamp') }).prepare().run({ id: session.id, user_id: session.user.id, timestamp: new Date() });
|
||||
return session;
|
||||
}
|
||||
export async function refreshSessionFromDB(e: H3Event<EventRequestHandler>, sessionId: string): Promise<void>
|
||||
{
|
||||
const db = useDatabase();
|
||||
|
||||
const user = db.query.userSessionsTable.findFirst({
|
||||
columns: {
|
||||
id: false,
|
||||
},
|
||||
with: {
|
||||
users: {
|
||||
with: {
|
||||
permission: true,
|
||||
data: true,
|
||||
}
|
||||
}
|
||||
},
|
||||
where: (table) => eq(table.id, sql.placeholder('id'))
|
||||
}).prepare().get({ id: sessionId });
|
||||
|
||||
if(user)
|
||||
{
|
||||
await replaceUserSession(e, {
|
||||
id: sessionId,
|
||||
user: {
|
||||
...user.users.data,
|
||||
email: user.users.email,
|
||||
username: user.users.username,
|
||||
state: user.users.state,
|
||||
permissions: user.users.permission.map(e => e.permission),
|
||||
}
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
throw createError({ statusCode: 401, message: 'Invalid session' });
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user