more work on the login system
Dragon1320 committed Jun 28, 2018
1 parent b6a6f42 commit 3a930ea
Showing 3 changed files with 262 additions and 374 deletions.
96 changes: 65 additions & 31 deletions src/web/helpers/index.js
@@ -1,7 +1,24 @@
"use strict";

const fs = require("fs");
const path = require("path");

const jwt = require("jsonwebtoken");

const schemas = require("../../db");
const Logger = require("../../logger");

const apiLogger = new Logger();

let config;
try {

config = JSON.parse(fs.readFileSync(path.join(__dirname, "..", "..", "..", "config.json")));
} catch(err) {

apiLogger.fatalError(`Could not read config file: ${err}`);
}

// Promise wrapper for jwt.verify().
const jwtVerify = (token, secret) => {
return new Promise((resolve, reject) => {
Expand All @@ -16,45 +33,62 @@ const jwtVerify = (token, secret) => {
});
}

const checkSessionCookie = (req, res) => {
if (req.cookies === undefined || req.cookies.session === undefined) {
return false;
}
return true;
}
const fetchSession = token => {
return new Promise((resolve, reject) => {

const addSessionCookie = (req, res, token) => {
res.cookie("session", token);
}
jwtVerify(token, config.jwt_secret)
.then(decoded => {

const remSessionCookie = (req, res) => {
if (checkSessionCookie(...arguments) === true) {
res.clearCookie("session");
req.cookies.session = undefined;
}
}
schemas.SessionSchema
.findById(decoded.id)
.then(session_doc => {
if (session_doc === null) {

const checkSession = (req, res) => {
if (req.session === undefined || req.session.complete === false) {
return false;
}
return true;
return reject("Session doc not found");
}

resolve(session_doc);
})
.catch(error => {

apiLogger.error(error);
reject(error);
});
})
.catch(error => {

apiLogger.error(error);
reject(error);
});
});
}

const checkUser = (req, res) => {
if (req.user === undefined) {
return false;
}
return true;
const fetchUser = discord_id => {
return new Promise((resolve, reject) => {

schemas.UserSchema
.findOne({
discord_id
})
.then(user_doc => {
if (user_doc === null) {

return reject("User doc not found");
}

resolve(user_doc);
})
.catch(error => {

apiLogger.error(error);
reject(error);
});
});
}

module.exports = {

jwtVerify,

checkSessionCookie,
addSessionCookie,
remSessionCookie,
checkSession,
checkUser
fetchSession,
fetchUser
};
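Review bot: `fetchSession` passes `config.jwt_secret` straight to `jwtVerify`, and nothing in the new config block checks that the key exists, so a config file without it means verification runs with an undefined secret. Some jsonwebtoken releases accept unsigned tokens when the secret is falsy and no `algorithms` list is given, and `jwtVerify`'s body is collapsed here, so whether it pins `algorithms` cannot be seen. A start-up guard after the `try`/`catch`, e.g. `if (!config || typeof config.jwt_secret !== "string" || config.jwt_secret === "") apiLogger.fatalError("jwt_secret missing from config.json");`, would make that failure explicit instead of per-request. Separately, `fetchSession` and `fetchUser` wrap existing promise chains in `new Promise` and reject with bare strings such as `"Session doc not found"`; returning the chain and throwing `new Error(...)` would keep stack traces and let callers tell a missing document from a database fault.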
169 changes: 51 additions & 118 deletions src/web/middlewares/index.js
@@ -1,164 +1,97 @@
"use strict";

const fs = require("fs");
const path = require("path");
const { fetchSession, fetchUser } = require("../helpers");

const schemas = require("../../db");
const Logger = require("../../logger");
const { jwtVerify, checkSessionCookie, checkSession, checkUser } = require("../helpers");

const apiLogger = new Logger();

let config;
try {

config = JSON.parse(fs.readFileSync(path.join(__dirname, "..", "..", "..", "config.json")));
} catch(err) {

apiLogger.fatalError(`Could not read config file: ${err}`);
}

/*
// Retrieves a session from the database.
const fetchSession = (req, res, next) => {
let token = null;
if (req.cookies !== undefined && req.cookies.session !== undefined) {
token = req.cookies.session;
}
if (req.headers["xxx-access-token"] !== undefined) {
token = req.headers["xxx-access-token"];
}
const authSession = (req, res, next) => {

if (token === null) {
return next();
if (req.cookies === undefined || req.cookies.session === undefined) {
return res.json({ status: 401, message: "Unauthorized", error: "There was an issue fetching your session" });
}

jwtVerify(token, config.rawrxd).then(decoded => {
fetchSession(req.cookies.session)
.then(session_doc => {

schemas.SessionSchema.findOne({ _id: decoded.id }).then(doc => {
if (doc === null) {
return next();
if (session_doc.complete === false) {
return res.json({ status: 401, message: "Unauthorized", error: "Your session was in an incorrect state" });
}

req.session = doc;
req.session = session_doc;
next();
})
.catch(error => {

}).catch(err => {
res.json({ status: 401, message: "Unauthorized", error: err });
res.json({ status: 401, message: "Unauthorized", error });
});
}).catch(err => {
res.json({ status: 401, message: "Unauthorized", error: err });
});
}

// Checks if the user is logged in.
const authLogin = (req, res, next) => {
if (req.session !== undefined && req.session.discord.id !== null) {
return next();
const authUser = (req, res, next) => {

if (req.cookies === undefined || req.cookies.session === undefined) {
return res.json({ status: 401, message: "Unauthorized", error: "There was an issue fetching your session" });
}
res.json({ status: 403, message: "Forbidden", error: null });
}

const fetchUser = (req, res, next) => {
schemas.UserSchema
.findOne({
discord_id: req.session.discord.id
})
.then(userdoc => {
if (userdoc === null) {
return res.json({ status: 403, message: "Forbidden", error: "User doc not found" });
fetchSession(req.cookies.session)
.then(session_doc => {

if (session_doc.complete === false) {
return res.json({ status: 401, message: "Unauthorized", error: "Your session was in an incorrect state" });
}

req.user = userdoc;
next();
req.session = session_doc;

fetchUser(session_doc.discord.id)
.then(user_doc => {

req.user = user_doc
next();
})
.catch(error => {

return res.json({ status: 401, message: "Unauthorized", error });
});
})
.catch(err => {
.catch(error => {

res.json({ status: 500, message: "Internal Server Error", error: err });
res.json({ status: 401, message: "Unauthorized", error });
});
}

const authAdmin = (req, res, next) => {
if (req.user !== undefined && req.user.admin === true) {
return next();
}
res.json({ status: 403, message: "Forbidden", error: "Admin only path" });
}

module.exports = {
if (req.cookies === undefined || req.cookies.session === undefined) {
return res.json({ status: 401, message: "Unauthorized", error: "There was an issue fetching your session" });
}

fetchSession,
authLogin,
fetchUser,
authAdmin
};
*/
fetchSession(req.cookies.session)
.then(session_doc => {

const fetchSession = token => {
if (session_doc.complete === false) {
return res.json({ status: 401, message: "Unauthorized", error: "Your session was in an incorrect state" });
}

jwtVerify(token, config.jwt_secret)
.then(decoded => {
req.session = session_doc;

schemas.SessionSchema
.findById(decoded.id)
.then(session_doc => {
if (session_doc === null) {
fetchUser(session_doc.discord.id)
.then(user_doc => {

return { session_doc: null, error: "Session doc not found" };
if (user_doc.admin === false) {
return res.json({ status: 403, message: "Forbidden", error: "Your are not authorised to access this path" });
}

return { session_doc, error: null };
req.user = user_doc
next();
})
.catch(error => {

return { session_doc: null, error };
return res.json({ status: 401, message: "Unauthorized", error });
});
})
.catch(error => {

return { session_doc: null, error };
res.json({ status: 401, message: "Unauthorized", error });
});
}

const fetchUser = discord_id => {

schemas.UserSchema
.findOne({
discord_id
})
.then(user_doc => {
if (user_doc === null) {

return { user_doc: null, error: "User doc not found" };
}

return { user_doc, error: null };
})
.catch(error => {

return { user_doc: null, error };
});
}

const authSession = (req, res, next) => {


}

const authUser = (req, res, next) => {

}

const authAdmin = (req, res, next) => {

}

module.exports = {

authSession,
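Review bot: `authAdmin` only rejects when `user_doc.admin === false`, so a user document whose `admin` field is missing, null or any other non-boolean value falls through to `next()`; the check should be fail-closed, `if (user_doc.admin !== true)`, before the 403 response. The same applies to `session_doc.complete === false` in `authSession`, `authUser` and `authAdmin`, where `!== true` would also reject a session document that lacks the flag. Every rejection calls `res.json({ status: 401, ... })` without `res.status(401)`, so the HTTP status line stays 200, and the raw `error` from the JWT or database layer is serialised to the client; setting the status code and returning a fixed message while logging the detail server-side would address both. The three middlewares repeat the same cookie and session checks and could share one helper; the export list continues past the visible part of this section.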