mirrors/postgsail
1
0
Fork 0
mirror of https://github.com/xbgmsharp/postgsail.git synced 2025-09-17 11:17:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update api.pushover_subscribe_link_fn and fix api.generate_otp_fn

Browse Source
This commit is contained in:
xbgmsharp
2023-02-26 23:23:07 +01:00
parent 77dec463d1
commit 0f8107a672
1 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
initdb/02_5_signalk_auth_otp.sql
View File

@@ -51,7 +51,7 @@ COMMENT ON FUNCTION
DROP FUNCTION IF EXISTS api.generate_otp_fn; DROP FUNCTION IF EXISTS api.generate_otp_fn;
CREATE OR REPLACE FUNCTION api.generate_otp_fn(IN email TEXT) RETURNS TEXT CREATE OR REPLACE FUNCTION api.generate_otp_fn(IN email TEXT) RETURNS TEXT
AS $generate_otp$ AS $generate_otp$
DECLARE DECLARE
_email CITEXT := email; _email CITEXT := email;
_email_check TEXT := NULL; _email_check TEXT := NULL;
_otp_pass VARCHAR(10) := NULL; _otp_pass VARCHAR(10) := NULL;
@@ -65,10 +65,11 @@ AS $generate_otp$
END IF; END IF;
--SELECT substr(gen_random_uuid()::text, 1, 6) INTO otp_pass; --SELECT substr(gen_random_uuid()::text, 1, 6) INTO otp_pass;
SELECT generate_uid_fn(6) INTO _otp_pass; SELECT generate_uid_fn(6) INTO _otp_pass;
-- upsert - Insert or update otp code on conflit
INSERT INTO auth.otp (user_email, otp_pass) INSERT INTO auth.otp (user_email, otp_pass)
VALUES (_email_check, _otp_pass) VALUES (_email_check, _otp_pass)
ON CONFLICT (user_email) DO UPDATE SET otp_pass = _otp_pass; ON CONFLICT (user_email) DO UPDATE SET otp_pass = _otp_pass, otp_timestamp = NOW();
RETURN otp_pass; RETURN _otp_pass;
END; END;
$generate_otp$ language plpgsql security definer; $generate_otp$ language plpgsql security definer;
-- Description -- Description
@@ -241,7 +242,11 @@ COMMENT ON FUNCTION
api.email_fn api.email_fn
IS 'Store email_valid into user preferences if valid token/otp'; IS 'Store email_valid into user preferences if valid token/otp';
CREATE OR REPLACE FUNCTION api.pushover_subscribe_link_fn(IN email TEXT, OUT pushover_link JSON) RETURNS JSON -- Pushover Subscription API
-- Web-Based Subscription Process
-- https://pushover.net/api/subscriptions#web
-- Expose as an API endpoint
CREATE OR REPLACE FUNCTION api.pushover_subscribe_link_fn(OUT pushover_link JSON) RETURNS JSON
AS $pushover_subscribe_link$ AS $pushover_subscribe_link$
DECLARE DECLARE
app_url text; app_url text;
@@ -249,11 +254,12 @@ AS $pushover_subscribe_link$
pushover_app_url text; pushover_app_url text;
success text; success text;
failure text; failure text;
email text := current_setting('user.email', true);
BEGIN BEGIN
--https://pushover.net/api/subscriptions#web
-- "https://pushover.net/subscribe/PostgSail-23uvrho1d5y6n3e" -- "https://pushover.net/subscribe/PostgSail-23uvrho1d5y6n3e"
-- + "?success=" + urlencode("https://beta.openplotter.cloud/api/rpc/pushover_fn?token=" + generate_otp_fn({{email}})) -- + "?success=" + urlencode("https://beta.openplotter.cloud/api/rpc/pushover_fn?token=" + generate_otp_fn({{email}}))
-- + "&failure=" + urlencode("https://beta.openplotter.cloud/settings"); -- + "&failure=" + urlencode("https://beta.openplotter.cloud/settings");
-- get app_url -- get app_url
SELECT SELECT
value INTO app_url value INTO app_url
@@ -268,23 +274,28 @@ AS $pushover_subscribe_link$
public.app_settings public.app_settings
WHERE WHERE
name = 'app.pushover_app_url'; name = 'app.pushover_app_url';
-- Generate OTP
otp_code := api.generate_otp_fn(email); otp_code := api.generate_otp_fn(email);
-- On sucess redirect to to API endpoing -- On sucess redirect to API endpoint
SELECT CONCAT( SELECT CONCAT(
'?success=', '?success=',
urlencode(CONCAT(app_url,'/api/rpc/pushover_fn?token=')), public.urlescape_py_fn(CONCAT(app_url,'/rpc/pushover_fn?token=')),
otp_code) otp_code)
INTO success; INTO success;
-- On failure redirect to user settings, where he does come from -- On failure redirect to user settings, where he does come from
SELECT CONCAT( SELECT CONCAT(
'&failure=', '&failure=',
urlencode(CONCAT(app_url,'/settings')) public.urlescape_py_fn(CONCAT(app_url,'/profile'))
) INTO failure; ) INTO failure;
SELECT json_build_object( 'link', CONCAT(pushover_app_url, success, failure)) INTO pushover_link; SELECT json_build_object('link', CONCAT(pushover_app_url, success, failure)) INTO pushover_link;
END; END;
$pushover_subscribe_link$ language plpgsql security definer; $pushover_subscribe_link$ language plpgsql security definer;
-- Description
COMMENT ON FUNCTION
api.pushover_subscribe_link_fn
IS 'Generate Pushover subscription link';
-- Pushover Subscription API -- Confirm Pushover Subscription
-- Web-Based Subscription Process -- Web-Based Subscription Process
-- https://pushover.net/api/subscriptions#web -- https://pushover.net/api/subscriptions#web
-- Expose as an API endpoint -- Expose as an API endpoint
@@ -324,7 +335,7 @@ $pushover$ language plpgsql security definer;
-- Description -- Description
COMMENT ON FUNCTION COMMENT ON FUNCTION
api.pushover_fn api.pushover_fn
IS 'Store pushover_user_key into user preferences if valid token/otp'; IS 'Confirm Pushover Subscription and store pushover_user_key into user preferences if valid token/otp';
-- Telegram OTP Validation -- Telegram OTP Validation
-- Expose as an API endpoint -- Expose as an API endpoint
@@ -361,7 +372,7 @@ $telegram$ language plpgsql security definer;
-- Description -- Description
COMMENT ON FUNCTION COMMENT ON FUNCTION
api.telegram_fn api.telegram_fn
IS 'Store telegram chat details into user preferences if valid token/otp'; IS 'Confirm telegram user and store telegram chat details into user preferences if valid token/otp';
-- Telegram user validation -- Telegram user validation
DROP FUNCTION IF EXISTS auth.telegram_user_exists_fn; DROP FUNCTION IF EXISTS auth.telegram_user_exists_fn;
@@ -412,7 +423,6 @@ AS $telegram_otp$
END IF; END IF;
END; END;
$telegram_otp$ language plpgsql security definer; $telegram_otp$ language plpgsql security definer;
-- Description -- Description
COMMENT ON FUNCTION COMMENT ON FUNCTION
auth.telegram_otp_fn auth.telegram_otp_fn