start database (user and post), and initial barebones home page

author: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
committer: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
commit: 944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree: d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/login/_api_sign_jwt.sql
download: xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip
1 files changed, 33 insertions, 0 deletions
diff --git a/db/rest/login/_api_sign_jwt.sql b/db/rest/login/_api_sign_jwt.sql
new file mode 100644
index 0000000..dc8e920
--- /dev/null
+++ b/db/rest/login/_api_sign_jwt.sql
@@ -0,0 +1,33 @@
+CREATE FUNCTION _api.sign_jwt(
+	_role TEXT,
+	_user_id INTEGER
+)
+RETURNS sys.JWT
+LANGUAGE plpgsql VOLATILE
+AS $BODY$
+DECLARE
+	_jwt_secret TEXT;
+	_token sys.JWT;
+BEGIN
+	SELECT jwt_secret INTO _jwt_secret
+	FROM sys.database_info
+	WHERE name = current_database();
+
+	SELECT public.sign(
+		row_to_json(r), _jwt_secret
+	) INTO _token
+	FROM (
+		SELECT
+			_role AS role,
+			_user_id AS user_id,
+			extract(epoch FROM now())::integer + (60 * 60 * 24) AS exp
+	) r;
+
+	RETURN _token;
+END
+$BODY$;
+
+GRANT EXECUTE ON FUNCTION _api.sign_jwt(TEXT, INTEGER)
+	TO rest_anon, rest_user;
+GRANT SELECT ON TABLE sys.database_info
+	TO rest_anon, rest_user;
author	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
committer	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
commit	944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree	d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/login/_api_sign_jwt.sql
download	xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2 xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip