datasquirel/users/logout-user.js

109 lines
3.6 KiB
JavaScript
Raw Permalink Normal View History

2023-09-21 14:00:04 +00:00
// @ts-check
const http = require("http");
2024-12-06 11:55:03 +00:00
const getAuthCookieNames = require("../package-shared/functions/backend/cookies/get-auth-cookie-names");
2024-12-08 08:58:57 +00:00
const decrypt = require("../package-shared/functions/dsql/decrypt");
const EJSON = require("../package-shared/utils/ejson");
const {
deleteAuthFile,
} = require("../package-shared/functions/backend/auth/write-auth-files");
2024-12-10 18:05:05 +00:00
const parseCookies = require("../package-shared/utils/backend/parseCookies");
2023-09-21 14:00:04 +00:00
/**
* Logout user
* ==============================================================================
* @param {object} params - Single Param object containing params
2024-12-10 18:05:05 +00:00
* @param {string} [params.encryptedUserString] - Encrypted User String
* @param {http.IncomingMessage & Object<string, any>} [params.request] - Request Object
2024-12-08 08:58:57 +00:00
* @param {http.ServerResponse & Object<string, any>} [params.response] - Http response object
2024-12-13 13:08:41 +00:00
* @param {string} [params.cookieString]
2024-12-08 08:58:57 +00:00
* @param {string} [params.database] - Target database name(slug): optional
* @param {string | number} [params.dsqlUserId]
2023-09-21 14:00:04 +00:00
*
2024-12-10 18:14:00 +00:00
* @returns {{success: boolean, msg: string, cookieNames?: any}}
2023-09-21 14:00:04 +00:00
*/
2024-12-10 18:05:05 +00:00
function logoutUser({
response,
database,
dsqlUserId,
encryptedUserString,
request,
2024-12-13 13:08:41 +00:00
cookieString,
2024-12-10 18:05:05 +00:00
}) {
2023-09-21 14:00:04 +00:00
/**
* Check Encryption Keys
*
* @description Check Encryption Keys
*/
try {
2024-12-10 18:05:05 +00:00
const cookieNames = getAuthCookieNames({
database,
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
2024-12-08 08:58:57 +00:00
});
2024-12-10 18:05:05 +00:00
const authKeyName = cookieNames.keyCookieName;
const csrfName = cookieNames.csrfCookieName;
2024-12-10 18:19:12 +00:00
const oneTimeCodeName = getAuthCookieNames().oneTimeCodeName;
2024-12-10 18:05:05 +00:00
/** @type {string | undefined} */
const decryptedUserJSON = (() => {
try {
if (request) {
2024-12-13 13:08:41 +00:00
const cookiesObject = parseCookies({
request,
cookieString,
});
2024-12-10 18:05:05 +00:00
return decrypt({
encryptedString: cookiesObject[authKeyName],
});
} else if (encryptedUserString) {
return decrypt({
encryptedString: encryptedUserString,
});
} else {
return undefined;
}
} catch (/** @type {any} */ error) {
console.log(
"Error getting decrypted User JSON to logout:",
error.message
);
return undefined;
}
})();
if (!decryptedUserJSON) throw new Error("Invalid User");
2024-12-08 08:58:57 +00:00
const userObject =
/** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser | undefined} */ (
EJSON.parse(decryptedUserJSON)
);
2023-09-21 14:00:04 +00:00
2024-12-08 08:58:57 +00:00
if (!userObject?.csrf_k)
throw new Error("Invalid User. Please check key");
2024-12-06 11:55:03 +00:00
2024-12-08 08:58:57 +00:00
response?.setHeader("Set-Cookie", [
`${authKeyName}=null;max-age=0`,
`${csrfName}=null;max-age=0`,
2024-12-10 18:19:12 +00:00
`${oneTimeCodeName}=null;max-age=0`,
2024-12-08 08:58:57 +00:00
]);
2023-09-21 14:00:04 +00:00
2024-12-08 08:58:57 +00:00
const csrf = userObject.csrf_k;
deleteAuthFile(csrf);
2023-09-21 14:00:04 +00:00
return {
success: true,
2024-12-10 18:14:00 +00:00
msg: "User Logged Out",
2024-12-08 08:58:57 +00:00
cookieNames,
2023-09-21 14:00:04 +00:00
};
2024-12-10 18:14:00 +00:00
} catch (/** @type {any} */ error) {
console.log("Logout Error:", error.message);
2023-09-21 14:00:04 +00:00
return {
success: false,
2024-12-10 18:14:00 +00:00
msg: "Logout Failed",
2023-09-21 14:00:04 +00:00
};
}
}
module.exports = logoutUser;