✨ Add geolocation

Author: AnandChowdhary

package.json

@@ -20,6 +20,7 @@
     "@types/dotenv": "^6.1.1",
     "@types/express": "^4.16.1",
     "@types/fs-extra": "^5.0.5",
+    "@types/geolite2": "^1.2.0",
     "@types/jest": "^24.0.12",
     "@types/jsonwebtoken": "^8.3.2",
     "@types/marked": "^0.6.5",
@@ -44,10 +45,12 @@
     "express": "^4.16.4",
     "express-async-handler": "^1.1.4",
     "fs-extra": "^7.0.1",
+    "geolite2": "^1.2.1",
     "googleapis": "^39.2.0",
     "ip-anonymize": "^0.0.6",
     "jsonwebtoken": "^8.5.1",
     "marked": "^0.6.2",
+    "maxmind": "^3.0.3",
     "mustache": "^3.0.1",
     "mysql": "^2.17.1",
     "node-cache": "^4.2.0",

src/crud/event.ts

@@ -3,6 +3,7 @@ import { Event } from "../interfaces/tables/events";
 import { Locals } from "../interfaces/general";
 import { deleteItemFromCache, cachedQuery } from "../helpers/cache";
 import { CacheCategories } from "../interfaces/enum";
+import { addLocationToEvents } from "../helpers/location";
 
 /*
  * Create a new security event
@@ -39,12 +40,12 @@ export const getUserEvents = async (userId: number) => {
  * Get the 10 most recent security events for a user
  */
 export const getUserRecentEvents = async (userId: number) => {
-  return <Event[]>(
+  return await addLocationToEvents(<Event[]>(
     await cachedQuery(
       CacheCategories.USER_RECENT_EVENTS,
       userId,
       `SELECT * FROM events WHERE userId = ? ORDER BY id DESC LIMIT 10`,
       [userId]
     )
-  );
+  ));
 };

src/helpers/location.ts

@@ -0,0 +1,43 @@
+import maxmind, { CityResponse } from "maxmind";
+import geoLite2 from "geolite2";
+import { Event } from "../interfaces/tables/events";
+import { getItemFromCache, storeItemInCache } from "./cache";
+import { CacheCategories } from "../interfaces/enum";
+
+export const getGeolocationFromIp = async (ipAddress: string) => {
+  const cachedLookup = getItemFromCache(CacheCategories.IP_LOOKUP, ipAddress);
+  if (cachedLookup) return cachedLookup;
+  const lookup = await maxmind.open<CityResponse>(geoLite2.paths.city);
+  const ipLookup = lookup.get(ipAddress);
+  if (!ipLookup) return;
+  const location: any = {};
+  if (ipLookup.city) location.city = ipLookup.city.names.en;
+  if (ipLookup.continent) location.continent = ipLookup.continent.names.en;
+  if (ipLookup.country) location.country_code = ipLookup.country.iso_code;
+  if (ipLookup.location) location.latitude = ipLookup.location.latitude;
+  if (ipLookup.location) location.longitude = ipLookup.location.longitude;
+  if (ipLookup.location) location.time_zone = ipLookup.location.time_zone;
+  if (ipLookup.location)
+    location.accuracy_radius = ipLookup.location.accuracy_radius;
+  if (ipLookup.postal) location.zip_code = ipLookup.postal.code;
+  if (ipLookup.subdivisions)
+    location.region_name = ipLookup.subdivisions[0].names.en;
+  if (ipLookup.subdivisions)
+    location.region_code = ipLookup.subdivisions[0].iso_code;
+  storeItemInCache(CacheCategories.IP_LOOKUP, ipAddress, location);
+  return location;
+};
+
+export const addLocationToEvents = async (events: Event[]) => {
+  for await (let event of events) {
+    event = await addLocationToEvent(event);
+  }
+  return events;
+};
+
+export const addLocationToEvent = async (event: Event) => {
+  if (event.ipAddress) {
+    event.location = await getGeolocationFromIp(event.ipAddress);
+  }
+  return event;
+};

src/interfaces/enum.ts

@@ -81,7 +81,8 @@ export enum CacheCategories {
   MEMBERSHIP = "membership",
   ORGANIZATION = "organization",
   APPROVE_LOCATIONS = "approved-locations",
-  APPROVE_LOCATION = "approved-location"
+  APPROVE_LOCATION = "approved-location",
+  IP_LOOKUP = "ip-lookup"
 }
 
 export enum Authorizations {

src/interfaces/tables/events.ts

@@ -1,4 +1,5 @@
 import { EventType } from "../enum";
+import { CityResponse } from "maxmind";
 
 export interface Event {
   id?: number;
@@ -9,4 +10,5 @@ export interface Event {
   ipAddress?: string;
   userAgent?: string;
   createdAt?: Date;
+  location?: CityResponse | null;
 }

src/templates/email-verify.md

@@ -4,9 +4,9 @@ Dear {{name}},
 
 Click on the following button to verify this email for your account.
 
-<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/email-verify?token={{token}}">Verify your email</a>
+<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/token?subject=email-verify&token={{token}}">Verify your email</a>
 
-If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/email-verify?token={{token}}.
+If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/token?subject=email-verify&token={{token}}.
 
 If you didn't request this email, you can safely ignore it.
 

src/templates/password-reset.md

@@ -4,8 +4,8 @@ Dear {{name}},
 
 Click on the following button to reset your password:
 
-<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/reset-password?token={{token}}">Reset your password</a>
+<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/token?subject=reset-password&token={{token}}">Reset your password</a>
 
-If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/reset-password?token={{token}}.
+If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/token?subject=reset-password&token={{token}}.
 
 If you didn't request this email, you can safely ignore it.

src/templates/unapproved-location.md

@@ -4,8 +4,8 @@ Dear {{name}},
 
 You tried to log in from a new location.
 
-<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/location-verify?token={{token}}">Approve this login</a>
+<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/token?subject=approve-location&token={{token}}">Approve this login</a>
 
-If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/location-verify?token={{token}}.
+If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/token?subject=approve-location&token={{token}}.
 
 If you didn't just login, we highly recommend you change your password.

yarn.lock

@@ -386,6 +386,11 @@
   dependencies:
     "@types/node" "*"
 
+"@types/geolite2@^1.2.0":
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/@types/geolite2/-/geolite2-1.2.0.tgz#f66dcdd395e5be29dff5d8c476c4cfb015a5e0d7"
+  integrity sha512-fSEel9sfeC8XGS/CD8duQhaGtAS9Ho3ehVEzAUZWFWpSiHKYX4fkJleEy08qbpF5tU4AnMHGGVKi0EvpI6tYag==
+
 "@types/glob@*":
   version "7.1.1"
   resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.1.tgz#aa59a1c6e3fbc421e07ccd31a944c30eba521575"
@@ -1821,6 +1826,11 @@ gcp-metadata@^1.0.0:
     gaxios "^1.0.2"
     json-bigint "^0.3.0"
 
+geolite2@^1.2.1:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/geolite2/-/geolite2-1.2.1.tgz#b7c62d182021d398f7fc3c9d09a01c067b36cb36"
+  integrity sha512-4NqR+Wr4/KMSDrTq+0jnxL+xiMBiUXFiLBuMCs5gChLhZD6uvWICQxQV3MNpRH3FPGnB4gKHs3gGaYd+6X4sGQ==
+
 get-caller-file@^1.0.1:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-1.0.3.tgz#f978fa4c90d1dfe7ff2d6beda2a515e713bdcf4a"
@@ -3202,6 +3212,13 @@ marked@^0.6.2:
   resolved "https://registry.yarnpkg.com/marked/-/marked-0.6.2.tgz#c574be8b545a8b48641456ca1dbe0e37b6dccc1a"
   integrity sha512-LqxwVH3P/rqKX4EKGz7+c2G9r98WeM/SW34ybhgNGhUQNKtf1GmmSkJ6cDGJ/t6tiyae49qRkpyTw2B9HOrgUA==
 
+maxmind@^3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/maxmind/-/maxmind-3.0.3.tgz#f771af8cc10a6a3481a42c3f374af9448a0689c8"
+  integrity sha512-E/AvmqI1bfYU1c8p+Q7xCc9TGoTOp/yV8WsUHuJ+eGYEHmakEazbl3OrJCYkacBdLEqq19p/G3OyjBSDUJTUqA==
+  dependencies:
+    tiny-lru "6.0.1"
+
 media-typer@0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
@@ -4651,6 +4668,11 @@ timed-out@^4.0.0:
   resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-4.0.1.tgz#f32eacac5a175bea25d7fab565ab3ed8741ef56f"
   integrity sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=
 
+tiny-lru@6.0.1:
+  version "6.0.1"
+  resolved "https://registry.yarnpkg.com/tiny-lru/-/tiny-lru-6.0.1.tgz#558bd6b7232b8b9dfa482147539676fdd75a3a07"
+  integrity sha512-k/vdHz+bFALjmik0URLWBYNuO0hCABTL5dullbZBXvFDdlL8RrKaeLR6YuHfX+6ZXOLkHw+HpNLCUA7DtLMQmg==
+
 tmpl@1.0.x:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/tmpl/-/tmpl-1.0.4.tgz#23640dd7b42d00433911140820e5cf440e521dd1"