aji/costapy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixing unfinished procedure out

Browse Source
This commit is contained in:
Dita Aji Pratama 2025-09-08 12:57:50 +07:00
parent 56e737be3a
commit 4e584c75ec
2 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/api/auth.py
View File

@ -256,7 +256,8 @@ class auth:
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, jwt)
user = user_validation['data']
loggorilla.prcss(APIADDR, "Get dependency data")
self.cursor.execute("call sp_auth_login(%s);", (user['profile']['username'],) )
self.cursor.execute("CALL sp_auth_login(%s, @o_count, @o_token, @o_id, @o_username, @o_password)", (user['profile']['username'],) )
self.cursor.execute("SELECT @o_count, @o_token, @o_id, @o_username, @o_password")
result_login = self.cursor.fetchone()
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' ; ", (email,) )
result_email = self.cursor.fetchone()
@ -269,7 +270,7 @@ class auth:
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "failed"
response["desc" ] = "Invitation roles is not allowed"
elif not bcrypt.checkpw(password.encode(), result_login['password'].decode().encode() ):
elif not bcrypt.checkpw(password.encode(), result_login['@o_password'].decode().encode() ):
loggorilla.accss(APIADDR, f"{user['profile']['username']} put a wrong password for send invitation")
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "failed"
@ -413,14 +414,15 @@ class auth:
self.cursor.execute("BEGIN;")
try:
loggorilla.prcss(APIADDR, "Get dependency data")
self.cursor.execute("call sp_auth_login(%s);", (username,) )
self.cursor.execute("CALL sp_auth_login(%s, @o_count, @o_token, @o_id, @o_username, @o_password)", (username,))
self.cursor.execute("SELECT @o_count, @o_token, @o_id, @o_username, @o_password")
result_login = self.cursor.fetchone()
self.cursor.execute("SELECT `profile`, `type`, `verified` FROM auth_profile_verification WHERE `type` = 'email' AND `profile` = %s ; ", (result_login['id'],) )
self.cursor.execute("SELECT `profile`, `type`, `verified` FROM auth_profile_verification WHERE `type` = 'email' AND `profile` = %s ; ", (result_login['@o_id'],) )
result_verification = self.cursor.fetchone()
loggorilla.prcss(APIADDR, "Validation")
if result_login['count'] == 1 and result_verification['verified'] == 1 and bcrypt.checkpw(password.encode(), result_login['password'].decode().encode() ) :
if result_login['@o_count'] == 1 and result_verification['verified'] == 1 and bcrypt.checkpw(password.encode(), result_login['@o_password'].decode().encode() ) :
loggorilla.prcss(APIADDR, "Add session")
self.cursor.execute(f"INSERT INTO `auth_session` VALUES (DEFAULT, %s, NOW(), NOW() + INTERVAL 60 DAY)", ( result_login['token'], ) )
self.cursor.execute(f"INSERT INTO `auth_session` VALUES (DEFAULT, %s, NOW(), NOW() + INTERVAL 60 DAY)", ( result_login['@o_token'], ) )
session_last_id = self.cursor.lastrowid
self.cursor.execute(f"SELECT `id`, `start`, `end` FROM `auth_session` WHERE id = %s ; ", ( session_last_id, ) )
session = self.cursor.fetchone()

13
sql/auth.sql
View File

@ -109,7 +109,12 @@ DELIMITER ;
DELIMITER //
CREATE PROCEDURE sp_auth_login(
IN p_username varchar(36)
IN p_username VARCHAR(36),
OUT o_count INT(11),
OUT o_token BINARY(40),
OUT o_id INT(11),
OUT o_username VARCHAR(36),
OUT o_password BINARY(60)
)
BEGIN
SELECT
@ -118,6 +123,12 @@ BEGIN
auth_profile.id,
auth_profile.username,
auth.password
INTO
o_count,
o_token,
o_id,
o_username,
o_password
FROM auth_profile
INNER JOIN auth ON auth.token = auth_profile.token
WHERE auth_profile.username = p_username ;