wip better login code

feinwarusoftware · Jun 28, 2018 · b6a6f42 · b6a6f42
1 parent d1f19f2
commit b6a6f42
Show file tree

Hide file tree

Showing 4 changed files with 161 additions and 18 deletions.
diff --git a/src/db/schemas/session.js b/src/db/schemas/session.js
@@ -8,6 +8,7 @@ const SessionSchema = new Schema({
 
     //  _id: ObjectId,
     nonce: { type: String, default: null },
+    complete: { type: Boolean, default: false },
     discord: {
         id: { type: String, default: null },
         access_token: { type: String, default: null },

diff --git a/src/web/helpers/index.js b/src/web/helpers/index.js
@@ -0,0 +1,60 @@
+"use strict";
+
+const jwt = require("jsonwebtoken");
+
+// Promise wrapper for jwt.verify().
+const jwtVerify = (token, secret) => {
+    return new Promise((resolve, reject) => {
+
+        jwt.verify(token, secret, (err, decoded) => {
+            if (err === null) {
+                return resolve(decoded);
+            }
+
+            reject(err);
+        });
+    });
+}
+
+const checkSessionCookie = (req, res) => {
+    if (req.cookies === undefined || req.cookies.session === undefined) {
+        return false;
+    }
+    return true;
+}
+
+const addSessionCookie = (req, res, token) => {
+    res.cookie("session", token);
+}
+
+const remSessionCookie = (req, res) => {
+    if (checkSessionCookie(...arguments) === true) {
+        res.clearCookie("session");
+        req.cookies.session = undefined;
+    }
+}
+
+const checkSession = (req, res) => {
+    if (req.session === undefined || req.session.complete === false) {
+        return false;
+    }
+    return true;
+}
+
+const checkUser = (req, res) => {
+    if (req.user === undefined) {
+        return false;
+    }
+    return true;
+}
+
+module.exports = {
+
+    jwtVerify,
+
+    checkSessionCookie,
+    addSessionCookie,
+    remSessionCookie,
+    checkSession,
+    checkUser
+};
diff --git a/src/web/middlewares/index.js b/src/web/middlewares/index.js
@@ -3,10 +3,9 @@
 const fs = require("fs");
 const path = require("path");
 
-const jwt = require("jsonwebtoken");
-
 const schemas = require("../../db");
 const Logger = require("../../logger");
+const { jwtVerify, checkSessionCookie, checkSession, checkUser } = require("../helpers");
 
 const apiLogger = new Logger();
 
@@ -19,20 +18,7 @@ try {
     apiLogger.fatalError(`Could not read config file: ${err}`);
 }
 
-// Promise wrapper for jwt.verify().
-const jwtVerify = (token, secret) => {
-    return new Promise((resolve, reject) => {
-
-        jwt.verify(token, secret, (err, decoded) => {
-            if (err === null) {
-                return resolve(decoded);
-            }
-
-            reject(err);
-        });
-    });
-}
-
+/*
 // Retrieves a session from the database.
 const fetchSession = (req, res, next) => {
 
@@ -78,8 +64,104 @@ const authLogin = (req, res, next) => {
     res.json({ status: 403, message: "Forbidden", error: null });
 }
 
+const fetchUser = (req, res, next) => {
+    schemas.UserSchema
+        .findOne({
+            discord_id: req.session.discord.id
+        })
+        .then(userdoc => {
+            if (userdoc === null) {
+                return res.json({ status: 403, message: "Forbidden", error: "User doc not found" });
+            }
+
+            req.user = userdoc;
+            next();
+
+        })
+        .catch(err => {
+
+            res.json({ status: 500, message: "Internal Server Error", error: err });
+        });
+}
+
+const authAdmin = (req, res, next) => {
+    if (req.user !== undefined && req.user.admin === true) {
+        return next();
+    }
+    res.json({ status: 403, message: "Forbidden", error: "Admin only path" });
+}
+
 module.exports = {
 
     fetchSession,
-    authLogin
+    authLogin,
+    fetchUser,
+    authAdmin
+};
+*/
+
+const fetchSession = token => {
+
+    jwtVerify(token, config.jwt_secret)
+        .then(decoded => {
+
+            schemas.SessionSchema
+                .findById(decoded.id)
+                .then(session_doc => {
+                    if (session_doc === null) {
+
+                        return { session_doc: null, error: "Session doc not found" };
+                    }
+
+                    return { session_doc, error: null };
+                })
+                .catch(error => {
+
+                    return { session_doc: null, error };
+                });
+        })
+        .catch(error => {
+
+            return { session_doc: null, error };
+        });
+}
+
+const fetchUser = discord_id => {
+
+    schemas.UserSchema
+        .findOne({
+            discord_id
+        })
+        .then(user_doc => {
+            if (user_doc === null) {
+
+                return { user_doc: null, error: "User doc not found" };
+            }
+
+            return { user_doc, error: null };
+        })
+        .catch(error => {
+
+            return { user_doc: null, error };
+        });
+}
+
+const authSession = (req, res, next) => {
+
+
+}
+
+const authUser = (req, res, next) => {
+
+}
+
+const authAdmin = (req, res, next) => {
+
+}
+
+module.exports = {
+
+    authSession,
+    authUser,
+    authAdmin
 };
diff --git a/src/web/routes/api/users.js b/src/web/routes/api/users.js
@@ -4,7 +4,7 @@ const express = require("express");
 
 const schemas = require("../../../db");
 const Logger = require("../../../logger");
-const { fetchSession, authLogin } = require("../../middlewares");
+const { fetchSession, authLogin, fetchUser, authAdmin } = require("../../middlewares");
 
 const router = express.Router();
 const apiLogger = new Logger();