2020-08-21 16:11:32 +02:00
|
|
|
package net.mindoverflow.webmarker.utils.sql.primitives;
|
|
|
|
|
Implement RESTful API, JWT auth, SQLite storage
This update brings a huge change to the whole system's structure.
A new RESTful API has been implemented, which allows users to register, login
and store data.
The API only supports HTTP POST, and can be accessed via /api/v1/. Requests must
contain a JSON body with the necessary entries, which are:
/api/v1/register AND /api/v1/login:
{
"username": "username",
"password": "password",
"encoding": "plaintext/base64"
}
(Note: passwords can be encoded via "base64" or "plaintext".)
/api/v1/store:
{
"jwt": "encrypted_key_here",
"url": "https://google.com/"
}
The flow is:
- register via /api/v1/register;
- login via /api/v1/login, listen for JWT token in response;
- store via /api/v1/store, by sending JWT and URL to store.
The SQLite database now has 2 tables, "users" and "history".
The "users" table is used to store user data:
- username;
- password, secured via bcrypt;
- random user UUID.
The "history" table is used to store browsing history:
- user UUID, to identify the user;
- browsed url.
The secret used to sign JWTs is stored in the config.yml file.
Other new features include SQL-injection protection,
multiple validity/security checks on usernames and passwords, etc.
Signed-off-by: Lorenzo Dellacà <lorenzo.dellaca@mind-overflow.net>
2020-08-22 12:51:33 +02:00
|
|
|
import net.mindoverflow.webmarker.utils.sql.MDatabaseColumn;
|
2020-08-21 16:11:32 +02:00
|
|
|
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.List;
|
|
|
|
|
|
|
|
public class SQLTable
|
|
|
|
{
|
|
|
|
private final String tableName;
|
Implement RESTful API, JWT auth, SQLite storage
This update brings a huge change to the whole system's structure.
A new RESTful API has been implemented, which allows users to register, login
and store data.
The API only supports HTTP POST, and can be accessed via /api/v1/. Requests must
contain a JSON body with the necessary entries, which are:
/api/v1/register AND /api/v1/login:
{
"username": "username",
"password": "password",
"encoding": "plaintext/base64"
}
(Note: passwords can be encoded via "base64" or "plaintext".)
/api/v1/store:
{
"jwt": "encrypted_key_here",
"url": "https://google.com/"
}
The flow is:
- register via /api/v1/register;
- login via /api/v1/login, listen for JWT token in response;
- store via /api/v1/store, by sending JWT and URL to store.
The SQLite database now has 2 tables, "users" and "history".
The "users" table is used to store user data:
- username;
- password, secured via bcrypt;
- random user UUID.
The "history" table is used to store browsing history:
- user UUID, to identify the user;
- browsed url.
The secret used to sign JWTs is stored in the config.yml file.
Other new features include SQL-injection protection,
multiple validity/security checks on usernames and passwords, etc.
Signed-off-by: Lorenzo Dellacà <lorenzo.dellaca@mind-overflow.net>
2020-08-22 12:51:33 +02:00
|
|
|
private final List<MDatabaseColumn> columns;
|
2020-08-21 16:11:32 +02:00
|
|
|
private final List<SQLDataType> columnTypes = new ArrayList<>();
|
|
|
|
|
Implement RESTful API, JWT auth, SQLite storage
This update brings a huge change to the whole system's structure.
A new RESTful API has been implemented, which allows users to register, login
and store data.
The API only supports HTTP POST, and can be accessed via /api/v1/. Requests must
contain a JSON body with the necessary entries, which are:
/api/v1/register AND /api/v1/login:
{
"username": "username",
"password": "password",
"encoding": "plaintext/base64"
}
(Note: passwords can be encoded via "base64" or "plaintext".)
/api/v1/store:
{
"jwt": "encrypted_key_here",
"url": "https://google.com/"
}
The flow is:
- register via /api/v1/register;
- login via /api/v1/login, listen for JWT token in response;
- store via /api/v1/store, by sending JWT and URL to store.
The SQLite database now has 2 tables, "users" and "history".
The "users" table is used to store user data:
- username;
- password, secured via bcrypt;
- random user UUID.
The "history" table is used to store browsing history:
- user UUID, to identify the user;
- browsed url.
The secret used to sign JWTs is stored in the config.yml file.
Other new features include SQL-injection protection,
multiple validity/security checks on usernames and passwords, etc.
Signed-off-by: Lorenzo Dellacà <lorenzo.dellaca@mind-overflow.net>
2020-08-22 12:51:33 +02:00
|
|
|
public SQLTable(String tableName, List<MDatabaseColumn> columns)
|
2020-08-21 16:11:32 +02:00
|
|
|
{
|
|
|
|
this.tableName = tableName;
|
|
|
|
this.columns = columns;
|
|
|
|
|
Implement RESTful API, JWT auth, SQLite storage
This update brings a huge change to the whole system's structure.
A new RESTful API has been implemented, which allows users to register, login
and store data.
The API only supports HTTP POST, and can be accessed via /api/v1/. Requests must
contain a JSON body with the necessary entries, which are:
/api/v1/register AND /api/v1/login:
{
"username": "username",
"password": "password",
"encoding": "plaintext/base64"
}
(Note: passwords can be encoded via "base64" or "plaintext".)
/api/v1/store:
{
"jwt": "encrypted_key_here",
"url": "https://google.com/"
}
The flow is:
- register via /api/v1/register;
- login via /api/v1/login, listen for JWT token in response;
- store via /api/v1/store, by sending JWT and URL to store.
The SQLite database now has 2 tables, "users" and "history".
The "users" table is used to store user data:
- username;
- password, secured via bcrypt;
- random user UUID.
The "history" table is used to store browsing history:
- user UUID, to identify the user;
- browsed url.
The secret used to sign JWTs is stored in the config.yml file.
Other new features include SQL-injection protection,
multiple validity/security checks on usernames and passwords, etc.
Signed-off-by: Lorenzo Dellacà <lorenzo.dellaca@mind-overflow.net>
2020-08-22 12:51:33 +02:00
|
|
|
for(MDatabaseColumn column : columns)
|
2020-08-21 16:11:32 +02:00
|
|
|
{ columnTypes.add(column.getDataType()); }
|
|
|
|
}
|
|
|
|
|
|
|
|
public String getTableSQLName()
|
|
|
|
{ return tableName; }
|
|
|
|
|
Implement RESTful API, JWT auth, SQLite storage
This update brings a huge change to the whole system's structure.
A new RESTful API has been implemented, which allows users to register, login
and store data.
The API only supports HTTP POST, and can be accessed via /api/v1/. Requests must
contain a JSON body with the necessary entries, which are:
/api/v1/register AND /api/v1/login:
{
"username": "username",
"password": "password",
"encoding": "plaintext/base64"
}
(Note: passwords can be encoded via "base64" or "plaintext".)
/api/v1/store:
{
"jwt": "encrypted_key_here",
"url": "https://google.com/"
}
The flow is:
- register via /api/v1/register;
- login via /api/v1/login, listen for JWT token in response;
- store via /api/v1/store, by sending JWT and URL to store.
The SQLite database now has 2 tables, "users" and "history".
The "users" table is used to store user data:
- username;
- password, secured via bcrypt;
- random user UUID.
The "history" table is used to store browsing history:
- user UUID, to identify the user;
- browsed url.
The secret used to sign JWTs is stored in the config.yml file.
Other new features include SQL-injection protection,
multiple validity/security checks on usernames and passwords, etc.
Signed-off-by: Lorenzo Dellacà <lorenzo.dellaca@mind-overflow.net>
2020-08-22 12:51:33 +02:00
|
|
|
public List<MDatabaseColumn> getColumns()
|
2020-08-21 16:11:32 +02:00
|
|
|
{ return columns; }
|
|
|
|
|
|
|
|
public List<SQLDataType> getDataTypes()
|
|
|
|
{ return columnTypes; }
|
|
|
|
}
|