remade login system yay

src/db/schemas/session.js

@@ -7,8 +7,8 @@ const Schema = mongoose.Schema;
 const SessionSchema = new Schema({
 
     //  _id: ObjectId,
+    nonce: String,
     discord: {
-        nonce: String,
         access_token: String,
         token_type: String,
         expires_in: String,

src/web/index.js

@@ -43,7 +43,9 @@ app.engine("ejs", ejs.renderFile);
 app.use(express.static(path.join(__dirname, "static")));
 
 app.use(express.json());
-app.use(cookieParser());
+app.use(cookieParser(config.rawrxd, {
+    secure: config.env === "dev" ? false : true
+}));
 
 app.use(i18n({
     translationsPath: path.join(__dirname, 'translations'),

src/web/routes/api/users.js

@@ -1,8 +1,134 @@
 "use strict";
 
+const fs = require("fs");
+const path = require("path");
+
 const express = require("express");
+const jwt = require("jsonwebtoken");
+
+const schemas = require("../../../db");
+const Logger = require("../../../logger");
+
 const router = express.Router();
+const apiLogger = new Logger();
+
+let config;
+try {
+
+    config = JSON.parse(fs.readFileSync(path.join(__dirname, "..", "..", "..", "..", "config.json")));
+} catch(err) {
+
+    apiLogger.fatalError(`Could not read config file: ${err}`);
+}
+
+// Promise wrapper for jwt.verify().
+const jwtVerify = (token, secret) => {
+    return new Promise((resolve, reject) => {
+
+        jwt.verify(token, secret, (err, decoded) => {
+            if (err !== null && err !== undefined) {
+
+                return reject(err);
+            }
+
+            resolve(decoded);
+        });
+    });
+}
+
+// Ensures req.cookies is defined.
+const defineCookies = (req, res, next) => {
+    if (req.cookies === null || req.cookies === undefined) {
+        req.cookies = {};
+    }
+    next();
+}
+
+// Ensures req.session is defined or null.
+const nullSession = (req, res, next) => {
+    if (req.session === null || req.session === undefined) {
+        req.session = null;
+    }
+    next();
+}
+
+// Ensire req.login is defined or null.
+const nullLogin = (req, res, next) => {
+    if (req.login === null || req.login === undefined) {
+        req.login = null;
+    }
+    next();
+}
+
+const fetchSession = (req, res, next) => {
+    if (req.cookies.session === undefined && req.headers["xxx-access-token"] === undefined) {
+        return next();
+    }
+
+    jwtVerify(req.cookies.session === undefined ? req.headers["xxx-access-token"] : req.cookies.session, config.rawrxd).then(decoded => {
+
+        schemas.SessionSchema.findOne({ _id: decoded.id }).then(doc => {
+            if (doc === null || doc === undefined) {
+
+                return next();
+            }
+
+            req.session = doc;
+            next();
+
+        }).catch(err => {
+
+            res.json({ code: 401, err });
+        });
+    }).catch(err => {
+
+        res.json({ code: 401, err });
+    });
+}
+
+const fetchLogin = (req, res, next) => {
+    if (req.session === null || req.session.discord === null) {
+        return next();
+    }
+
+    req.login = req.session.discord;
+    next();
+}
+
+const authLogin = (req, res, next) => {
+    if (req.login === null) {
+        return res.json({ err: 403 });
+    }
+    next();
+}
+
+router.post("/", defineCookies, nullSession, nullLogin, fetchSession, fetchLogin, (req, res) => {
+
+
+
+});
+
+router.route("/:discord_id").get(defineCookies, nullSession, nullLogin, fetchSession, fetchLogin, (req, res) => {
+
+    if (req.login === null) {
+
+        return res.json({ rawrxd: ":mattthink:" });
+    }
+
+    res.json({ login: req.login });
+
+}).put((req, res) => {
+
+
+
+}).patch((req, res) => {
+
+
+
+}).delete((req, res) => {
+
 
 
+});
 
 module.exports = router;