start database (user and post), and initial barebones home page

author: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
committer: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
commit: 944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree: d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/login/_api_verify_jwt.sql
download: xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip
1 files changed, 38 insertions, 0 deletions
diff --git a/db/rest/login/_api_verify_jwt.sql b/db/rest/login/_api_verify_jwt.sql
new file mode 100644
index 0000000..f5a6daf
--- /dev/null
+++ b/db/rest/login/_api_verify_jwt.sql
@@ -0,0 +1,38 @@
+CREATE FUNCTION _api.verify_jwt(
+	_token TEXT
+)
+RETURNS INTEGER
+LANGUAGE plpgsql VOLATILE
+AS $BODY$
+DECLARE
+	_payload JSON;
+	_valid BOOLEAN;
+	_jwt_secret TEXT;
+BEGIN
+	SELECT jwt_secret INTO _jwt_secret
+	FROM sys.database_info
+	WHERE name = current_database();
+
+	SELECT payload, valid
+	INTO _payload, _valid
+	FROM public.verify(
+		_token,
+		_jwt_secret
+	);
+
+	IF NOT FOUND THEN
+		RETURN NULL;
+	END IF;
+
+	IF _valid <> TRUE THEN
+		RETURN NULL;
+	END IF;
+
+	RETURN _payload->>'user_id';
+END
+$BODY$;
+
+GRANT EXECUTE ON FUNCTION _api.verify_jwt(TEXT)
+	TO rest_anon, rest_user;
+GRANT SELECT ON TABLE sys.database_info
+	TO rest_anon, rest_user;
author	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
committer	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
commit	944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree	d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/login/_api_verify_jwt.sql
download	xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2 xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip