KnockOutWhist-Web/knockoutwhistweb/app/controllers/UserController.scala
Janis e8b31b1748 feat: FRO-2 Implement Login Component (#105)
Reviewed-on: #105
Reviewed-by: lq64 <lq@blackhole.local>
Co-authored-by: Janis <janis.e.20@gmx.de>
Co-committed-by: Janis <janis.e.20@gmx.de>
2025-12-10 11:43:51 +01:00


package controllers
import auth.{AuthAction, AuthenticatedRequest}
import dto.subDTO.UserDTO
import logic.user.{SessionManager, UserManager}
import model.users.User
import play.api.*
import play.api.libs.json.Json
import play.api.mvc.*
import play.api.mvc.Cookie.SameSite.{Lax, None, Strict}
import javax.inject.*
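/**
 * Authentication endpoints: JSON login, current-user lookup and logout.
 *
 * The session token travels in the `accessToken` cookie, which is issued by
 * [[login_Post]] and revoked by [[logoutPost]].
 *
 * NOTE(review): this file imports `play.api.mvc.Cookie.SameSite.None`, which
 * shadows `scala.None` inside this class. The pattern matches below therefore
 * use `case _` for the empty case instead of `case None`.
 */
@Singleton
class UserController @Inject()(
  val controllerComponents: ControllerComponents,
  val sessionManager: SessionManager,
  val userManager: UserManager,
  val authAction: AuthAction
) extends BaseController {

  /** Name of the cookie that carries the session token. */
  private val AccessTokenCookie = "accessToken"

  /**
   * Authenticates a user from a JSON body of the form
   * `{"username": "...", "password": "..."}`.
   *
   * @return 200 with the user's id and name plus the session cookie on success,
   *         401 when `userManager.authenticate` yields no user,
   *         400 when the body is not JSON or either field is missing or not a string.
   */
  def login_Post(): Action[AnyContent] = Action { implicit request =>
    // Both fields must be present as JSON strings; anything else is a malformed request.
    val credentials = for {
      body     <- request.body.asJson
      username <- (body \ "username").asOpt[String]
      password <- (body \ "password").asOpt[String]
    } yield (username, password)

    credentials match {
      case Some((username, password)) =>
        // NOTE(review): no attempt throttling or lockout is visible in this controller;
        // confirm it is enforced in UserManager or a filter.
        userManager.authenticate(username, password) match {
          case Some(user) =>
            Ok(Json.obj(
              "user" -> Json.obj(
                "id" -> user.id,
                "username" -> user.name
              )
            )).withCookies(Cookie(
              name = AccessTokenCookie,
              value = sessionManager.createSession(user),
              // Keeps the token out of reach of page scripts.
              httpOnly = true,
              // Was hard-coded to `false`, which let the browser send the session
              // token over plain HTTP. Following the request keeps HTTP-only dev
              // setups working while marking the cookie Secure whenever the login
              // itself arrived over HTTPS. Behind a TLS-terminating proxy this
              // depends on Play trusting the forwarded headers
              // (play.http.forwarded.trustedProxies); verify the deployment config.
              secure = request.secure,
              sameSite = Some(Lax)
            ))
          case _ =>
            // Same message for unknown user and wrong password, so the response
            // does not reveal which usernames exist.
            Unauthorized("Invalid username or password")
        }
      case _ =>
        BadRequest("Invalid form submission")
    }
  }

  /**
   * Returns the id and name of the user resolved by `authAction`.
   *
   * @return 200 with `{"id": ..., "username": ...}` for the authenticated user.
   */
  def getUserInfo(): Action[AnyContent] = authAction { implicit request: AuthenticatedRequest[AnyContent] =>
    val user: User = request.user
    Ok(Json.obj(
      "id" -> user.id,
      "username" -> user.name
    ))
  }

  /**
   * Ends the caller's session: invalidates the token server-side, if the cookie
   * is present, and tells the browser to drop the cookie.
   *
   * @return 204 with a discarding `accessToken` cookie.
   */
  def logoutPost(): Action[AnyContent] = authAction { implicit request: AuthenticatedRequest[AnyContent] =>
    // Revoke server-side first so the token is dead even if the client keeps the cookie.
    request.cookies.get(AccessTokenCookie).foreach { cookie =>
      sessionManager.invalidateSession(cookie.value)
    }
    NoContent.discardingCookies(DiscardingCookie(AccessTokenCookie))
  }
}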