fixes in init.sql and added clear of session when the token is rejected

Author: Yuval-Roth

database/init.sql

@@ -1,11 +1,11 @@
 CREATE TABLE IF NOT EXISTS Participants (
     pid SERIAL PRIMARY KEY,
-    first_name VARCHAR(50) NOT NULL,
-    last_name VARCHAR(50) NOT NULL,
+    first_name TEXT NOT NULL,
+    last_name TEXT NOT NULL,
     age INT NOT NULL,
-    gender VARCHAR(15) NOT NULL,
-    phone VARCHAR(15) NOT NULL,
-    email VARCHAR(100) UNIQUE NOT NULL
+    gender TEXT NOT NULL,
+    phone TEXT NOT NULL,
+    email TEXT UNIQUE NOT NULL
 );
 
 CREATE TABLE IF NOT EXISTS Experiments (
@@ -19,8 +19,8 @@ CREATE TABLE IF NOT EXISTS Experiments (
 CREATE TABLE IF NOT EXISTS ExperimentsFeedback ( 
     exp_id INT,
     pid INT,
-    question VARCHAR(100),
-    answer VARCHAR(300) NOT NULL,
+    question TEXT,
+    answer TEXT NOT NULL,
     PRIMARY KEY (exp_id, pid, question),
     FOREIGN KEY (pid) REFERENCES Participants(pid),
     FOREIGN KEY (exp_id) REFERENCES Experiments(exp_id)
@@ -30,19 +30,19 @@ CREATE TABLE IF NOT EXISTS Sessions (
     session_id SERIAL PRIMARY KEY,
     exp_id INT,
     duration INT NOT NULL,
-    session_type VARCHAR(50) NOT NULL,
+    session_type TEXT NOT NULL,
     session_order INT NOT NULL,
     tolerance INT NOT NULL,
     window_length INT NOT NULL,
-    state VARCHAR(50) NOT NULL,
+    state TEXT NOT NULL,
     FOREIGN KEY (exp_id) REFERENCES Experiments(exp_id)
 );
 
 CREATE TABLE IF NOT EXISTS SessionsFeedback ( 
     session_id INT,
     pid INT,
-    question VARCHAR(100),
-    answer VARCHAR(300) NOT NULL,
+    question TEXT,
+    answer TEXT NOT NULL,
     PRIMARY KEY (session_id, pid, question),
     FOREIGN KEY (pid) REFERENCES Participants(pid),
     FOREIGN KEY (session_id) REFERENCES Sessions(session_id)
@@ -51,15 +51,15 @@ CREATE TABLE IF NOT EXISTS SessionsFeedback (
 CREATE TABLE IF NOT EXISTS SessionEvents (
     event_id SERIAL PRIMARY KEY,
     session_id INT,
-    type VARCHAR(50) NOT NULL,
-    subtype VARCHAR(50) NOT NULL,
+    type TEXT NOT NULL,
+    subtype TEXT NOT NULL,
     timestamp INT NOT NULL,
-    actor VARCHAR(100) NOT NULL,
+    actor TEXT NOT NULL,
     data TEXT,
     FOREIGN KEY (session_id) REFERENCES Sessions(session_id)
 );
 
 CREATE TABLE IF NOT EXISTS Credentials (
-    user_id VARCHAR(50) PRIMARY KEY,
-    password VARCHAR(50) NOT NULL
+    user_id TEXT PRIMARY KEY,
+    password TEXT NOT NULL
 )

game_server/src/main/kotlin/com/imsproject/gameserver/business/auth/CredentialsController.kt

@@ -35,13 +35,20 @@ class CredentialsController(private val credentialsDAO: CredentialsDAO) {
     }
 
     fun getAllUserIds(): List<String>{
-        return credentials.keys().toList().filter { it != "admin" }
+        val allCredentials = credentialsDAO.selectAll()
+        allCredentials.forEach { credentials[it.userId] = it.password }
+        return credentials.keys.toList().filter { it != "admin" }
     }
 
     fun remove(userId: String) : Boolean {
         if(userId == "admin") {
             throw IllegalArgumentException("Cannot delete admin user")
         }
-        return credentials.remove(userId) != null
+        if(!contains(userId)) {
+            return false
+        }
+        credentials.remove(userId)
+        credentialsDAO.delete(CredentialsPK(userId))
+        return true
     }
 }

game_server/src/main/resources/application.properties

@@ -10,4 +10,4 @@ database.port=5432
 database.name=ims-db
 database.driver-class-name=org.postgresql.Driver
 
-running.local=false
+running.local=true

manager/src/managers/__init__.py

@@ -4,7 +4,7 @@
 import base64
 from .logger import Logger
 
-RUNNING_LOCAL = False
+RUNNING_LOCAL = True
 
 if RUNNING_LOCAL:
     URL = "http://localhost:8080"
@@ -28,22 +28,36 @@ def post_auth(url, json, headers=None, timeout=2.0):
     final_headers = auth_headers()
     if headers:
         final_headers.update(headers)
-    return requests.post(url, json=json, headers=final_headers, timeout=timeout)
+    post = requests.post(url, json=json, headers=final_headers, timeout=timeout)
+    if post.status_code == 401:
+        response = server_response(post)
+        if not response.get_success() and response.get_message() == "Invalid Bearer token":
+            session.pop('token')
+            session.pop('username')
+
+    return post
 
 def get_auth(url, headers=None, timeout=2.0):
     final_headers = auth_headers()
     if headers:
         final_headers.update(headers)
-    return requests.get(url, headers=final_headers, timeout=timeout)
+    get = requests.get(url, headers=final_headers, timeout=timeout)
+    if get.status_code == 401:
+        response = server_response(get)
+        if not response.get_success() and response.get_message() == "Invalid Bearer token":
+            session.pop('token')
+            session.pop('username')
+
+    return get
 
 def authenticate_basic(username: str, password: str):
     try:
         token = base64.b64encode(f"{username}:{password}".encode()).decode()
         headers = {"Authorization": f"Basic {token}"}
-        Logger.log_debug(f"Sending auth request to {URL + 'auth'} with headers: {headers}")
-        res = requests.get(URL + "login", headers=headers)
+        # Logger.log_debug(f"Sending auth request to {URL + 'auth'} with headers: {headers}")
+        res = requests.get(URL + "/login", headers=headers)
 
-        Logger.log_debug(f"Auth status: {res.status_code}, response: {res.text}")
+        # Logger.log_debug(f"Auth status: {res.status_code}, response: {res.text}")
         return server_response(res)
     except Exception as e:
         Logger.log_error(f"Authentication error: {e}")