added login via mysql

added getselfuser from mysql
2025-12-13 22:31:38 +01:00 · 2025-06-06 01:41:45 +02:00
parent 57e8f64095
commit 2645d698d7
3 changed files with 164 additions and 50 deletions
--- a/Server/Commands/CommandLibrary.cs
+++ b/Server/Commands/CommandLibrary.cs
@@ -1,4 +1,5 @@
 using System.Net.Sockets;
+using System.Runtime.CompilerServices;
 using System.Text.Json;
 using DX86;
 using Library;
@@ -29,30 +30,76 @@ public class CommandLibrary

        [Command("login")]
        public static string LoginCommand(string[] args, TcpClient? client, TcpServer? socket)
-    {
-        if (args.Length < 2)
-            throw new CommandException("Missing arguments: usage is login <username> <password>");
-
-        string username = args[0];
-        string password = args[1];
-        
-        if (socket?.LoggedInClients.ContainsKey(client) == true)
-            throw new CommandException("User already logged in.");
-
-        if (username == "TEST" && password == "1234")
        {
-            if (client != null)
+            // 1) Argument check
+            if (args.Length < 2)
+                throw new CommandException("Missing arguments: usage is login <employeeCode> <4-digit PIN>");
+
+            string employeeCode = args[0];
+            string pinCode      = args[1];
+
+            // 2) Prevent double‐login
+            if (client != null && socket?.LoggedInClients.ContainsKey(client) == true)
+                throw new CommandException("User already logged in.");
+
+            // 3) Look up the employee by Code
+            var empParams       = new Dictionary<string, object> { { "Code", employeeCode } };
+            string empResultJson = Program.mySql.Get("employees", empParams);
+
+            using var empDoc = JsonDocument.Parse(empResultJson);
+            bool empError = empDoc.RootElement.GetProperty("error").GetBoolean();
+            if (empError)
            {
-                socket?.LoggedInClients.Add(client, username);
-                return "success";
+                string dbMsg = empDoc.RootElement.GetProperty("data").GetString() ?? "Unknown DB error";
+                Program.messageSender.Error($"[LoginCommand] DB error when looking up employee: {dbMsg}");
+                throw new CommandException("Internal error while checking credentials.");
            }

-            throw new CommandException("No client connection detected.");
+            var empArray = empDoc.RootElement.GetProperty("data");
+            if (empArray.GetArrayLength() == 0)
+            {
+                // No employee with that Code
+                throw new CommandException("Invalid employee code or PIN.");
+            }
+
+            // 4) Extract Id from the first row
+            var empRow      = empArray[0];
+            int employeeId  = empRow.GetProperty("Id").GetInt32();
+
+            // 5) Check PIN for that employeeId
+            var pinParams       = new Dictionary<string, object>
+            {
+                { "EmployeeId", employeeId },
+                { "PinCode",    pinCode }
+            };
+            string pinResultJson = Program.mySql.Get("employee_pins", pinParams);
+
+            using var pinDoc = JsonDocument.Parse(pinResultJson);
+            bool pinError = pinDoc.RootElement.GetProperty("error").GetBoolean();
+            if (pinError)
+            {
+                string dbMsg = pinDoc.RootElement.GetProperty("data").GetString() ?? "Unknown DB error";
+                Program.messageSender.Error($"[LoginCommand] DB error when checking PIN: {dbMsg}");
+                throw new CommandException("Internal error while checking credentials.");
+            }
+
+            var pinArray = pinDoc.RootElement.GetProperty("data");
+            if (pinArray.GetArrayLength() == 0)
+            {
+                // No matching PIN entry
+                throw new CommandException("Invalid employee code or PIN.");
+            }
+
+            // 6) Successful login → add client to LoggedInClients
+            if (client == null)
+                throw new CommandException("No client connection detected.");
+
+            socket!.LoggedInClients.Add(client, employeeCode);
+
+            // 7) Return “success” (instead of full Employee JSON)
+            return "success";
        }
-
-        throw new CommandException("Invalid username or password.");
-    }
-
+    
        [Command("logout")]
        public static string LogoutCommand(TcpClient? client, TcpServer? socket)
        {
@@ -67,15 +114,60 @@ public class CommandLibrary
        [Command("getSelfUser")]
        public static string GetSelfUserCommand(TcpClient? client, TcpServer? socket)
        {
+            // 1) Check for a valid client/socket
            if (client == null || socket == null)
                throw new CommandException("No client connection detected.");

-            if (socket.LoggedInClients.TryGetValue(client, out var username))
+            // 2) See if this client is logged in
+            if (!socket.LoggedInClients.TryGetValue(client, out var employeeCode))
+                throw new CommandException("User not logged in.");
+
+            // 3) Query the database for that employeeCode
+            var empParams = new Dictionary<string, object>
            {
-                return GenerateTestEmployee().ToJson();
+                { "Code", employeeCode }
+            };
+            string empResultJson = Program.mySql.Get("employees", empParams);
+
+            using var empDoc = JsonDocument.Parse(empResultJson);
+            bool empError = empDoc.RootElement.GetProperty("error").GetBoolean();
+            if (empError)
+            {
+                // Extract the “data” field as the DB‐side error message, if any
+                string dbMsg = empDoc.RootElement.GetProperty("data").GetString() 
+                               ?? "Unknown DB error";
+                Program.messageSender.Error($"[GetSelfUser] DB error when looking up employee: {dbMsg}");
+                throw new CommandException("Internal error while fetching user data.");
            }

-            throw new CommandException("User not logged in.");
+            var dataArray = empDoc.RootElement.GetProperty("data");
+            if (dataArray.GetArrayLength() == 0)
+            {
+                // No employee row found for this code
+                throw new CommandException("Logged‐in user not found in database.");
+            }
+
+            // 4) We expect exactly one row. Take the first element:
+            var firstRow = dataArray[0];
+
+            // 5) Deserialize it into an Employee object.
+            //    This requires that Employee.Id is an int (matching the DB schema),
+            //    or you map fields manually if Id remains a string.
+            Employee self;
+            try
+            {
+                string employeeJson = firstRow.GetRawText();
+                self = JsonSerializer.Deserialize<Employee>(employeeJson)
+                       ?? throw new InvalidOperationException("Deserialized Employee was null.");
+            }
+            catch (Exception ex)
+            {
+                Program.messageSender.Error($"[GetSelfUser] Failed to deserialize Employee: {ex.Message}");
+                throw new CommandException("Internal error while parsing user data.");
+            }
+
+            // 6) Return the Employee’s JSON via the ToJson() helper you already wrote:
+            return self.ToJson();
        }

    #endregion
@@ -85,6 +177,7 @@ public class CommandLibrary
        [Command("get")]
        public static string GetCommand(string[] args, TcpClient? client, TcpServer? socket) =>
        $"not implemented yet, args: {string.Join(", ", args)}";
+        
    
    #endregion