lapis = require "lapis" db = require "lapis.db" csrf = require "lapis.csrf" encoding = require "lapis.util.encoding" import capture_errors from require "lapis.application" import assert_valid from require "lapis.validate" import respond_to from require "lapis.application" require "models.user" class App extends lapis.Application [index: "/"]: => @user = @session.user render: true [list: "/list"]: => user = Users\find id: @session.user @list = Users\select! render: true [register: "/register"]: capture_errors respond_to { GET: => @csrf_token = csrf.generate_token @ render: true POST: => csrf.assert_token @ assert_valid @params, { { "email", exists: true, min_length: 3 } { "password", exists: true, min_length: 3 } { "password_again", equals: @params.password } { "name", exists: true, min_length: 3} } @params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) @params.password_again = nil @params.csrf_token = nil @params.extension = "9001" @params.registrar_password = encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!) if Users\find email: @params.email return status: 500, "User with that email already exists" user = Users\create @params user\write_session @ @session.sippw = @params.registrar_password "Hi " .. user.name } [login: "/login"]: capture_errors respond_to { GET: => @csrf_token = csrf.generate_token @ render: true POST: => csrf.assert_token @ assert_valid @params, { { "email", exists: true, min_length: 3 } { "password", exists: true, min_length: 3 } } user = Users\find email: @params.email cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password) if user.password == cmppass user\write_session @ return "Hi " .. user.name else return status: 500, "bad password" } [freeswitch: "/freeswitch"]: respond_to { POST: => uid = @params["user"] or @params["sip_auth_username"] @user = Users\find id: uid render: true, layout: false }