added login / logout functionality and authorization rules via bouncer

2021-10-17 17:11:21 +02:00
parent 43ee300bd2
commit 4b222c9921
14 changed files with 665 additions and 18 deletions
--- a/app/Controllers/Http/AuthController.ts
+++ b/app/Controllers/Http/AuthController.ts
@@ -0,0 +1,22 @@
+import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext'
+
+export default class AuthController {
+
+    public async login({auth, request, response}: HttpContextContract) {
+        const username = request.input('username')
+        const password = request.input('password')
+
+        try {
+            await auth.attempt(username, password)
+            response.ok("Login successful")
+        } catch (error) {
+            return error
+        }
+    }
+
+    public async logout({auth, response}: HttpContextContract) {
+        await auth.logout()
+
+        return response.ok('Logged out successfully')
+    }
+}
--- a/app/Controllers/Http/EmployeesController.ts
+++ b/app/Controllers/Http/EmployeesController.ts
@@ -7,10 +7,8 @@ import Database from '@ioc:Adonis/Lucid/Database'

 // TODO: #1 Implement paginator for Employee-Index
 export default class EmployeesController {
-  public async index ({}: HttpContextContract) {
-    const report = Database.manager.report()
-
-    console.log(report)
+  public async index ({bouncer}: HttpContextContract) {
+    await bouncer.authorize('employees.index')

    return await Database.from('employees').select('*')
  }
@@ -35,8 +33,14 @@ export default class EmployeesController {

  }

-  public async show ({params}: HttpContextContract) { 
-    return await Employee.find(params.id)
+  public async show ({params, bouncer}: HttpContextContract) { 
+    const emp = await Employee.findOrFail(params.id)
+
+    if (await bouncer.denies('employees.show', emp)){
+      return 'Not admin or wrong user'
+    }
+
+    return emp
  }

  public async update ({params, request}: HttpContextContract) {
--- a/app/Models/User.ts
+++ b/app/Models/User.ts
@@ -25,6 +25,12 @@ export default class User extends BaseModel {
  @hasOne(() => Employee)
  public employeeProfile : HasOne<typeof Employee>

+  @column()
+  public role : string
+
+  @column()
+  public isActive : boolean
+
  @beforeSave()
  public static async hashPassword(user: User) {
    if(user.$dirty.password){