lukas/server-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added better database get api

Browse Source
This commit is contained in:
Lukas Forsberg 2025-10-19 15:14:06 +02:00
parent bdd7a8e2e2
commit ac6e47d906
4 changed files with 37 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/database/database.cpp
View File

@ -1,6 +1,7 @@
#include "crow.h"
#include "utils.hpp"
#include "database.hpp"
#include <optional>
using namespace std;
@ -72,18 +73,6 @@ map<string, string> Database::getStrMap(const std::string sql, const Database::Q
return map;
}
string Database::getStr(const std::string sql, const Database::QueryData& data){
sqlite3_stmt* stmt = bind(sql, data);
string str;
if (stmt == nullptr)
return str;
str = reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0));
sqlite3_finalize(stmt);
return str;
}
set<string> Database::getStrSet(const string& sql){
sqlite3_stmt* stmt = prepareStmt(sql);
set<string> vec;
@ -99,20 +88,6 @@ set<string> Database::getStrSet(const string& sql){
return vec;
}
std::optional<int64_t> Database::getInt(const char* sql) {
sqlite3_stmt* stmt = prepareStmt(sql);
if (stmt == nullptr)
return {};
std::optional<int64_t> id;
if (sqlite3_step(stmt) == SQLITE_ROW) {
id = sqlite3_column_int64(stmt, 0);
}
sqlite3_finalize(stmt);
return id;
}
std::optional<int64_t> Database::insert(const char* sql) {
sqlite3_stmt* stmt = prepareStmt(sql);
if (stmt == nullptr)

21
src/database/database.hpp
View File

@ -21,14 +21,27 @@ public:
bool exec(const char* sqlQuery);
bool exec(const std::string& sqlQuery);
/// returns true if the sql statment returns at least one row
std::optional<int64_t> getInt(const char* sql);
std::optional<int64_t> insert(const char* sql);
std::set<std::string> getStrSet(const std::string& sql);
std::string getStr(const std::string sql, const QueryData& data);
template <typename T>
std::optional<T> get(const std::string sql, const QueryData& data){
sqlite3_stmt* stmt = bind(sql, data);
T ret;
if ((stmt == nullptr) || (sqlite3_step(stmt) != SQLITE_ROW))
return {};
if constexpr (std::is_same_v<T, int>) {
ret = sqlite3_column_int64(stmt, 0);
}
else if constexpr (std::is_same_v<T, std::string>){
ret = reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0));
}
sqlite3_finalize(stmt);
return ret;
}
sqlite3_stmt* bind(const std::string sql, const QueryData& data);

39
src/login/login.cpp
View File

@ -41,21 +41,6 @@ std::string hashPassword(const std::string& password)
return hash;
}
std::string generate_session_id(size_t bytes = 32) {
std::vector<unsigned char> buf(bytes);
randombytes_buf(buf.data(), buf.size());
// Convert to hex
std::string hex;
hex.reserve(bytes * 2);
static const char *hexmap = "0123456789abcdef";
for (unsigned char b : buf) {
hex.push_back(hexmap[b >> 4]);
hex.push_back(hexmap[b & 0xF]);
}
return hex;
}
std::string get_session_id(const crow::request& req) {
auto cookie_header = req.get_header_value("Cookie");
std::string prefix = "session_id=";
@ -103,15 +88,15 @@ auto login_required = [](auto handler){
bool loginUser(const std::string& username, const std::string& password)
{
auto sql = "SELECT id, password_hash FROM users WHERE username = '?' LIMIT 1;";
auto sql = "SELECT id password_hash FROM users WHERE username = '?' LIMIT 1;";
auto db = Database();
if (!db.open())
return false;
auto str = db.getStr(sql, {username});
if (!str.empty()) {
return verifyHashWithPassword(str, password);
auto opt_str = db.get<std::string>(sql, {username});
if (opt_str.has_value()) {
return verifyHashWithPassword(opt_str.value(), password);
} else {
return false;
}
@ -170,21 +155,31 @@ bool initLogin(crow::SimpleApp& app)
CROW_ROUTE(app, "/login").methods("POST"_method)
([](const crow::request& req){
auto cookie_it = req.get_header_value("Cookie").find("session_id=");
if (cookie_it == std::string::npos)
return crow::response(401, "No session");
// extract session_id
std::string session_id = req.get_header_value("Cookie").substr(cookie_it + 11, 32);
auto it = sessions.find(session_id);
if (it == sessions.end()) return crow::response(401, "Invalid session");
auto session = it->second;
// parse form
auto body = crow::query_string(req.body);
std::string csrf_token = body.get("csrf_token");
std::string username = body.get("username");
std::string password = body.get("password");
if (csrf_token != csrf_token) return crow::response(403, "CSRF failed");
if (csrf_token != session.csrf_token) return crow::response(403, "CSRF failed");
bool ok = loginUser(username, password);
if (!ok) return crow::response(401, "Invalid credentials");
std::string session_id = generate_session_id();
// regenerate session, mark as logged in
sessions[session_id].user_id; // user ID
sessions[session_id].user_id = "123"; // user ID
crow::response res;
res.add_header("HX-Redirect", "/dashboard"); // htmx redirect

4
src/shadowrun/ShadowrunDb.cpp
View File

@ -41,13 +41,13 @@ bool initDb() {
}
int64_t getKeyOfCharacter(const string& name){
auto sql = format("SELECT id FROM shadowrun_characters WHERE name = '{}' LIMIT 1;", name);
std::string sql = "SELECT id FROM shadowrun_characters WHERE name = ? LIMIT 1;";
auto db = Database();
if (!db.open())
return -1;
auto opt_int = db.getInt(sql.c_str());
auto opt_int = db.get<int>(sql, {name});
if (opt_int.has_value()) {
return opt_int.value();
} else {