working on string-templated based static pages

2022-04-14 20:22:35 +02:00
parent b251e4e4cb
commit 0b13726d25
17 changed files with 2074 additions and 207 deletions
--- a/src/main/java/de/srsoftware/widerhall/data/Database.java
+++ b/src/main/java/de/srsoftware/widerhall/data/Database.java
@@ -0,0 +1,167 @@
+package de.srsoftware.widerhall.data;
+
+import de.srsoftware.widerhall.Configuration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.*;
+
+import static de.srsoftware.widerhall.Util.t;
+
+public class Database {
+    public static final String EMAIL = "email";
+    public static final String NAME = "name";
+    public static final String HASHED_PASS = "hashedPassword";
+    public static final String SALT = "salt";
+
+    private static final Logger LOG = LoggerFactory.getLogger(Database.class);
+    private static final String VARCHAR = "VARCHAR(255)";
+    private static Database singleton = null;
+    private static Connection conn;
+
+    public Request insertInto(String tbName) {
+        return query("INSERT INTO "+tbName);
+    }
+
+    public class Request{
+
+        private final String sql;
+        private HashMap<String,List<Object>> where = new HashMap<>();
+        private HashMap<String,Object> values = new HashMap<>();
+
+        public Request(String sql) {
+            this.sql = sql;
+        }
+
+        public Request where(String key, Object ... values) {
+            for (var val : values) where(key,val);
+            return this;
+        }
+
+        public Request where(String key, Object value) {
+            var list = where.get(key);
+            if (list == null) where.put(key,list = new ArrayList<Object>());
+            list.add(value);
+            return this;
+        }
+
+        public Request values(Map<String,Object> newValues) {
+            values.putAll(newValues);
+            return this;
+        }
+
+        public Request values(String key, Object value) {
+            values.put(key,value);
+            return this;
+        }
+
+        public void run() throws SQLException {
+            var sb = new StringBuilder(sql);
+            var args = new ArrayList<Object>();
+            if (!values.isEmpty()){
+                var keys = new ArrayList<String>();
+                for (var entry : values.entrySet()) {
+                    keys.add(entry.getKey());
+                    args.add(entry.getValue());
+                }
+                sb.append("("+String.join(", ",keys)+")");
+                sb.append(" VALUES ");
+                var arr = new String[args.size()];
+                Arrays.fill(arr,"?");
+                var marks = String.join(", ",arr);
+                sb.append("(").append(marks).append(")");
+            }
+            var sql = sb.toString();
+            LOG.debug(sql);
+            try {
+                var stmt = conn.prepareStatement(sql);
+                if (!args.isEmpty()) {
+                    for (int i = 0; i < args.size(); i++) stmt.setObject(i+1, args.get(i));
+                }
+                stmt.execute();
+            } catch (SQLException sqle) {
+                throw new SQLException(t("Query '{}' failed:",sql),sqle);
+            }
+        }
+
+        public ResultSet exec() throws SQLException {
+            var sb = new StringBuilder(sql);
+            var args = new ArrayList<Object>();
+            if (!where.isEmpty()){
+                var clauses = new ArrayList<String>();
+                sb.append(" WHERE ");
+
+                for (var entry : where.entrySet()){
+                    var arr = new String[entry.getValue().size()];
+                    Arrays.fill(arr,"?");
+                    var marks = String.join(", ",arr);
+                    clauses.add("("+entry.getKey()+" IN ("+marks+"))");
+                    args.addAll(entry.getValue());
+                }
+                sb.append(String.join(" AND ",clauses));
+
+            }
+            var sql = sb.toString();
+            LOG.debug(sql);
+            try {
+                var stmt = conn.prepareStatement(sql);
+                if (!args.isEmpty()) {
+                    for (int i = 0; i < args.size(); i++) stmt.setObject(i+1, args.get(i));
+                }
+                return stmt.executeQuery();
+            } catch (SQLException sqle) {
+                throw new SQLException(t("Query '{}' failed:",sql),sqle);
+            }
+        }
+    }
+
+    public Database(Connection connection) {
+        this.conn = connection;
+    }
+
+    public static Database open() {
+        if (singleton == null){
+            Configuration config = Configuration.instance();
+            String dbFile = config.dbLocation();
+            String url = "jdbc:sqlite:"+dbFile;
+            LOG.debug("Opening {}",url);
+            new File(dbFile).getParentFile().mkdirs();
+            try {
+                singleton = new Database(DriverManager.getConnection(url)).assertTables();
+            } catch (SQLException sqle) {
+                sqle.printStackTrace();
+            }
+        }
+        return singleton;
+    }
+
+    private Database assertTables() throws SQLException {
+        if (!tableExists("Users")) createUsersTable();
+        return this;
+    }
+
+    private void createUsersTable() throws SQLException {
+        query("CREATE TABLE Users ("+EMAIL+" "+ VARCHAR +", "+SALT+" "+VARCHAR+", "+HASHED_PASS+" "+VARCHAR+", "+NAME+" "+VARCHAR+");").run();
+    }
+
+    private boolean tableExists(String tbName) throws SQLException {
+        try {
+            ResultSet rs = query("SELECT EXISTS (SELECT name FROM sqlite_schema WHERE type='table' AND name='" + tbName + "')").exec();
+            int val = 0;
+            if (rs.next()) val = rs.getInt(1);
+            rs.close();
+            return val > 0;
+        } catch (SQLException e) {
+            throw new SQLException(t("Was not able to check existence of table {}!",tbName),e);
+        }
+    }
+
+    public Request query(String sql) {
+        return new Request(sql);
+    }
+}
--- a/src/main/java/de/srsoftware/widerhall/data/User.java
+++ b/src/main/java/de/srsoftware/widerhall/data/User.java
@@ -0,0 +1,80 @@
+package de.srsoftware.widerhall.data;
+
+import de.srsoftware.widerhall.Util;
+
+import java.security.InvalidKeyException;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.time.LocalDate;
+import java.util.Map;
+
+import static de.srsoftware.widerhall.data.Database.*;
+
+public class User {
+    private static Database database = Database.open();
+    private String email, salt, hashedPass, name;
+
+    public User(String email, String name, String salt, String hashedPass) {
+        this.email = email;
+        this.name = name;
+        this.salt = salt;
+        this.hashedPass = hashedPass;
+    }
+
+    public static User create(String email, String name, String password) throws SQLException {
+        var salt = Util.sha256(email + name + LocalDate.now());
+        var hashedPass = Util.sha256(password+salt);
+        return new User(email,name,salt,hashedPass).save();
+    }
+
+    public static User load(String email, String password) throws InvalidKeyException, SQLException {
+        ResultSet rs = database
+                .query("SELECT * FROM Users")
+                .where(EMAIL,email)
+                .exec();
+
+        try {
+            if (rs.next()) {
+                email = rs.getString(EMAIL);
+                var name = rs.getString(NAME);
+                var hashedPassword = rs.getString(HASHED_PASS);
+                var salt = rs.getString(SALT);
+                var loadedUser = new User(email, name, salt, hashedPassword);
+                if (loadedUser.matching(password)) return loadedUser;
+            } else if (noUsers()){
+                return User.create(email,"Admin",password);
+            }
+        } finally {
+            rs.close();
+        }
+
+        throw new InvalidKeyException();
+    }
+
+    private static boolean noUsers() throws SQLException {
+        var rs = database.query("SELECT count(*) FROM users").exec();
+        try {
+            if (rs.next()) {
+                return rs.getInt(1) < 1;
+            }
+        } finally {
+            rs.close();
+        }
+        return false;
+    }
+
+    private boolean matching(String password) {
+        return hashedPass.equals(Util.sha256(password+salt));
+    }
+
+    private User save() throws SQLException {
+        database.insertInto("Users")
+                .values(Map.of(EMAIL,email,NAME,name,SALT,salt,HASHED_PASS,hashedPass))
+                .run();
+        return this;
+    }
+
+    public Map<String,String> map() {
+        return Map.of(EMAIL,email,NAME,name);
+    }
+}