diff --git a/app.moon b/app.moon index 569e918..8baa228 100644 --- a/app.moon +++ b/app.moon @@ -3,94 +3,17 @@ db = require "lapis.db" csrf = require "lapis.csrf" encoding = require "lapis.util.encoding" -import capture_errors from require "lapis.application" -import assert_valid from require "lapis.validate" import respond_to from require "lapis.application" require "models.user" class App extends lapis.Application + @include "controllers.users" + [index: "/"]: => @user = @session.user render: true - [list: "/list"]: => - user = Users\find id: @session.user - @list = Users\select! - render: true - - [register: "/register"]: capture_errors respond_to { - GET: => - @csrf_token = csrf.generate_token @ - render: true - - POST: => - csrf.assert_token @ - assert_valid @params, { - { "email", exists: true, min_length: 3 } - { "password", exists: true, min_length: 3 } - { "password_again", equals: @params.password } - { "name", exists: true, min_length: 3} - } - - @params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) - @params.password_again = nil - @params.csrf_token = nil - @params.extension = "#{1000}" - @params.registrar_password = encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!) - - if Users\find email: @params.email - @title = "Failure" - return status: 500, "User with that email already exists" - - user = Users\create @params - user\write_session @ - user.extension = "#{1000 + user.id}" - Users\update user - - @title = "Success" - - @html -> - h1 "Success" - p -> - text "Your email is " .. user.email - p -> - text "Your extension is " .. user.extension - p -> - text "Your sip password is " - code user.registrar_password - - p "This will not be shown again so please be sure to write this down." - - } - - [login: "/login"]: capture_errors respond_to { - GET: => - @csrf_token = csrf.generate_token @ - render: true - - POST: => - csrf.assert_token @ - assert_valid @params, { - { "email", exists: true, min_length: 3 } - { "password", exists: true, min_length: 3 } - } - - user = Users\find email: @params.email - - cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) - - if user.password == cmppass - user\write_session @ - - @title = "Login successful" - - return "Hi " .. user.name - else - @title = "Login failure" - return status: 500, "bad password" - } - [freeswitch: "/freeswitch"]: respond_to { POST: => uid = @params["user"] or @params["sip_auth_username"] diff --git a/controllers/users.moon b/controllers/users.moon new file mode 100644 index 0000000..ae05011 --- /dev/null +++ b/controllers/users.moon @@ -0,0 +1,87 @@ +lapis = require "lapis" +csrf = require "lapis.csrf" +encoding = require "lapis.util.encoding" + +import capture_errors from require "lapis.application" +import assert_valid from require "lapis.validate" +import respond_to from require "lapis.application" + +require "models.user" + +class User extends lapis.Application + [list: "/list"]: => + user = Users\find id: @session.user + @list = Users\select! + render: true + + [register: "/register"]: capture_errors respond_to { + GET: => + @csrf_token = csrf.generate_token @ + render: true + + POST: => + csrf.assert_token @ + assert_valid @params, { + { "email", exists: true, min_length: 3 } + { "password", exists: true, min_length: 3 } + { "password_again", equals: @params.password } + { "name", exists: true, min_length: 3} + } + + @params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) + @params.password_again = nil + @params.csrf_token = nil + @params.extension = "#{1000}" + @params.registrar_password = encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!) + + if Users\find email: @params.email + @title = "Failure" + return status: 500, "User with that email already exists" + + user = Users\create @params + user\write_session @ + user.extension = "#{1000 + user.id}" + Users\update user + + @title = "Success" + + @html -> + h1 "Success" + p -> + text "Your email is " .. user.email + p -> + text "Your extension is " .. user.extension + p -> + text "Your sip password is " + code user.registrar_password + + p "This will not be shown again so please be sure to write this down." + + } + + [login: "/login"]: capture_errors respond_to { + GET: => + @csrf_token = csrf.generate_token @ + render: true + + POST: => + csrf.assert_token @ + assert_valid @params, { + { "email", exists: true, min_length: 3 } + { "password", exists: true, min_length: 3 } + } + + user = Users\find email: @params.email + + cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) + + if user.password == cmppass + user\write_session @ + + @title = "Login successful" + + return "Hi " .. user.name + else + @title = "Login failure" + return status: 500, "bad password" + }