panel/app.moon

73 lines
1.9 KiB
Plaintext
Raw Normal View History

2015-01-05 21:41:19 +00:00
lapis = require "lapis"
db = require "lapis.db"
csrf = require "lapis.csrf"
2015-01-05 22:22:26 +00:00
encoding = require "lapis.util.encoding"
2015-01-05 21:41:19 +00:00
2015-01-05 22:22:26 +00:00
import capture_errors from require "lapis.application"
import assert_valid from require "lapis.validate"
2015-01-05 21:41:19 +00:00
import respond_to from require "lapis.application"
2015-01-05 22:51:12 +00:00
require "models.user"
2015-01-05 21:41:19 +00:00
class App extends lapis.Application
2015-01-06 03:09:03 +00:00
[index: "/"]: =>
@user = @session.user
render: true
2015-01-05 21:41:19 +00:00
2015-01-05 23:08:29 +00:00
[list: "/list"]: =>
user = Users\find id: @session.user
@list = Users\select!
render: true
2015-01-05 22:22:26 +00:00
[register: "/register"]: capture_errors respond_to {
2015-01-05 21:41:19 +00:00
GET: =>
2015-01-05 22:22:26 +00:00
@csrf_token = csrf.generate_token @
render: true
2015-01-05 21:41:19 +00:00
POST: =>
csrf.assert_token @
2015-01-05 22:22:26 +00:00
assert_valid @params, {
{ "email", exists: true, min_length: 3 }
{ "password", exists: true, min_length: 3 }
{ "password_again", equals: @params.password }
{ "name", exists: true, min_length: 3}
}
@params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password)
@params.password_again = nil
@params.csrf_token = nil
@params.extension = "9001"
if Users\find email: @params.email
2015-01-06 03:09:03 +00:00
return status: 500, "User with that email already exists"
2015-01-05 22:22:26 +00:00
user = Users\create @params
2015-01-05 22:51:12 +00:00
user\write_session @
2015-01-05 22:22:26 +00:00
"Hi " .. user.name
}
[login: "/login"]: capture_errors respond_to {
GET: =>
@csrf_token = csrf.generate_token @
render: true
POST: =>
csrf.assert_token @
assert_valid @params, {
{ "email", exists: true, min_length: 3 }
{ "password", exists: true, min_length: 3 }
}
user = Users\find email: @params.email
2015-01-05 22:51:12 +00:00
cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password)
if user.password == cmppass
user\write_session @
return "Hi " .. user.name
else
return status: 500, "bad password"
2015-01-05 21:41:19 +00:00
}