libipc-old/zig-impl/crystal/some-crystal-app/authd/requests/delete.cr

class AuthD::Request
	IPC::JSON.message Delete, 17 do
		# Deletion can be triggered by either an admin or the user.
		property shared_key : String? = nil

		property login      : String? = nil
		property password   : String? = nil

		property user       : String | Int32

		def initialize(@user, @login, @password)
		end
		def initialize(@user, @shared_key)
		end

		def handle(authd : AuthD::Service)
			uid_or_login = @user
			user_to_delete = if uid_or_login.is_a? Int32
				authd.users_per_uid.get? uid_or_login.to_s
			else
				authd.users_per_login.get? uid_or_login
			end

			if user_to_delete.nil?
				return Response::Error.new "invalid user"
			end

			# Either the request comes from an admin or the user.
			# Shared key == admin, check the key.
			if key = @shared_key
				return Response::Error.new "unauthorized (wrong shared key)" unless key == authd.configuration.shared_key
			else
				login = @login
				pass = @password
				if login.nil? || pass.nil?
					return Response::Error.new "authentication failed (no shared key, no login)"
				end

				# authenticate the user
				begin
					user = authd.users_per_login.get login
				rescue e : DODB::MissingEntry
					return Response::Error.new "invalid credentials"
				end

				if user.nil?
					return Response::Error.new "invalid credentials"
				end

				if user.password_hash != authd.hash_password pass
					return Response::Error.new "invalid credentials"
				end

				# Is the user to delete the requesting user?
				if user.uid != user_to_delete.uid
					return Response::Error.new "invalid credentials"
				end
			end

			# User or admin is now verified: let's proceed with the user deletion.
			authd.users_per_login.delete user_to_delete.login

			# TODO: better response
			Response::User.new user_to_delete.to_public
		end
	end
	AuthD.requests << Delete

end
Crystal bindings: add authd full WIP code. 2023-02-01 11:10:30 +01:00			`class AuthD::Request`
			`IPC::JSON.message Delete, 17 do`
			`# Deletion can be triggered by either an admin or the user.`
			`property shared_key : String? = nil`

			`property login : String? = nil`
			`property password : String? = nil`

			`property user : String \| Int32`

			`def initialize(@user, @login, @password)`
			`end`
			`def initialize(@user, @shared_key)`
			`end`

Crystal bindings: authd: no need for events in 'handle' methods. 2023-02-01 11:17:18 +01:00			`def handle(authd : AuthD::Service)`
Crystal bindings: add authd full WIP code. 2023-02-01 11:10:30 +01:00			`uid_or_login = @user`
			`user_to_delete = if uid_or_login.is_a? Int32`
			`authd.users_per_uid.get? uid_or_login.to_s`
			`else`
			`authd.users_per_login.get? uid_or_login`
			`end`

			`if user_to_delete.nil?`
			`return Response::Error.new "invalid user"`
			`end`

			`# Either the request comes from an admin or the user.`
			`# Shared key == admin, check the key.`
			`if key = @shared_key`
			`return Response::Error.new "unauthorized (wrong shared key)" unless key == authd.configuration.shared_key`
			`else`
			`login = @login`
			`pass = @password`
			`if login.nil? \|\| pass.nil?`
			`return Response::Error.new "authentication failed (no shared key, no login)"`
			`end`

			`# authenticate the user`
			`begin`
			`user = authd.users_per_login.get login`
			`rescue e : DODB::MissingEntry`
			`return Response::Error.new "invalid credentials"`
			`end`

			`if user.nil?`
			`return Response::Error.new "invalid credentials"`
			`end`

			`if user.password_hash != authd.hash_password pass`
			`return Response::Error.new "invalid credentials"`
			`end`

			`# Is the user to delete the requesting user?`
			`if user.uid != user_to_delete.uid`
			`return Response::Error.new "invalid credentials"`
			`end`
			`end`

			`# User or admin is now verified: let's proceed with the user deletion.`
			`authd.users_per_login.delete user_to_delete.login`

			`# TODO: better response`
			`Response::User.new user_to_delete.to_public`
			`end`
			`end`
			`AuthD.requests << Delete`

			`end`