datasquirel/users/social/github-auth.js

291 lines
9.2 KiB
JavaScript
Raw Permalink Normal View History

2023-09-21 14:00:04 +00:00
// @ts-check
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
const http = require("http");
const https = require("https");
const fs = require("fs");
const path = require("path");
2024-12-06 10:31:24 +00:00
const encrypt = require("../../package-shared/functions/dsql/encrypt");
2024-11-13 13:13:10 +00:00
const grabHostNames = require("../../package-shared/utils/grab-host-names");
2024-12-06 10:31:24 +00:00
const apiGithubLogin = require("../../package-shared/functions/api/users/social/api-github-login");
2023-09-21 14:00:04 +00:00
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* @typedef {object} FunctionReturn
* @property {boolean} success - Did the function run successfully?
* @property {{id: number, first_name: string, last_name: string, csrf_k: string, social_id: string} | null} user - Returned User
* @property {number} [dsqlUserId] - Dsql User Id
* @property {string} [msg] - Response message
*/
/**
* SERVER FUNCTION: Login with google Function
* ==============================================================================
*
* @async
*
* @param {object} params - main params object
* @param {string} params.key - API full access key
* @param {string} params.code - Github access code gotten from the client side
* @param {string?} params.email - Email gotten from the client side if available
* @param {string} params.database - Target database name(slug)
* @param {string} params.clientId - Github client id
* @param {string} params.clientSecret - Github client Secret
* @param {http.ServerResponse} params.response - HTTPS response object
* @param {string} params.encryptionKey - Encryption key
* @param {string} params.encryptionSalt - Encryption salt
2024-12-08 08:58:57 +00:00
* @param {string[]} [params.additionalFields] - Additional Fields to be added to the user object
* @param {boolean} [params.user_id] - User ID
2023-09-21 14:00:04 +00:00
*
* @returns { Promise<FunctionReturn | undefined> }
*/
2023-09-21 16:51:08 +00:00
async function githubAuth({
key,
code,
email,
database,
clientId,
clientSecret,
response,
encryptionKey,
encryptionSalt,
additionalFields,
user_id,
2023-09-21 16:51:08 +00:00
}) {
2023-09-21 14:00:04 +00:00
/**
* Check inputs
*
* @description Check inputs
*/
const grabedHostNames = grabHostNames();
const { host, port, scheme } = grabedHostNames;
2023-09-21 16:51:08 +00:00
2023-09-21 14:00:04 +00:00
if (!key || key?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter API full access Key",
};
}
if (!code || code?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter Github Access Token",
};
}
if (!database || database?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide database slug name you want to access",
};
}
if (!clientId || clientId?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter Github OAUTH client ID",
};
}
if (!response || !response?.setHeader) {
return {
success: false,
user: null,
msg: "Please provide a valid HTTPS response object",
};
}
if (!encryptionKey || encryptionKey?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide a valid encryption key",
};
}
if (!encryptionSalt || encryptionSalt?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide a valid encryption salt",
};
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/**
* Initialize HTTP response variable
*/
let httpResponse;
/**
* Check for local DB settings
*
* @description Look for local db settings in `.env` file and by pass the http request if available
*/
2023-09-21 16:51:08 +00:00
const {
2024-12-09 11:45:39 +00:00
DSQL_DB_HOST,
DSQL_DB_USERNAME,
DSQL_DB_PASSWORD,
2023-09-21 16:51:08 +00:00
DSQL_DB_NAME,
DSQL_KEY,
DSQL_REF_DB_NAME,
DSQL_FULL_SYNC,
} = process.env;
if (
2024-12-09 11:45:39 +00:00
DSQL_DB_HOST?.match(/./) &&
DSQL_DB_USERNAME?.match(/./) &&
DSQL_DB_PASSWORD?.match(/./) &&
2023-09-21 16:51:08 +00:00
DSQL_DB_NAME?.match(/./)
) {
2024-10-19 16:45:42 +00:00
/** @type {import("../../package-shared/types").DSQL_DatabaseSchemaType | undefined | undefined} */
2023-09-21 14:00:04 +00:00
let dbSchema;
try {
2023-09-21 16:51:08 +00:00
const localDbSchemaPath = path.resolve(
process.cwd(),
"dsql.schema.json"
);
2023-09-21 14:00:04 +00:00
dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8"));
} catch (error) {}
2024-12-09 11:45:39 +00:00
httpResponse = await apiGithubLogin({
code,
email: email || undefined,
clientId,
clientSecret,
additionalFields,
res: response,
database: DSQL_DB_NAME,
});
2023-09-21 14:00:04 +00:00
} else {
/**
* Make https request
*
* @description make a request to datasquirel.com
* @type {FunctionReturn} - Https response object
*/
httpResponse = await new Promise((resolve, reject) => {
const reqPayload = JSON.stringify({
code,
email,
clientId,
clientSecret,
database,
additionalFields,
});
2024-11-13 13:13:10 +00:00
const httpsRequest = scheme.request(
2023-09-21 14:00:04 +00:00
{
method: "POST",
headers: {
"Content-Type": "application/json",
"Content-Length": Buffer.from(reqPayload).length,
2024-11-15 14:37:53 +00:00
Authorization:
key ||
process.env.DSQL_FULL_ACCESS_API_KEY ||
process.env.DSQL_API_KEY,
2023-09-21 14:00:04 +00:00
},
2024-11-13 13:13:10 +00:00
port,
hostname: host,
path: `/api/user/${
user_id || grabedHostNames.user_id
}/github-login`,
2023-09-21 14:00:04 +00:00
},
/**
* Callback Function
*
* @description https request callback
*/
(response) => {
var str = "";
response.on("data", function (chunk) {
str += chunk;
});
response.on("end", function () {
try {
resolve(JSON.parse(str));
} catch (error) {
console.log(error);
resolve({
success: false,
user: null,
msg: "Something went wrong",
});
}
});
response.on("error", (err) => {
reject(err);
});
}
);
httpsRequest.write(reqPayload);
httpsRequest.end();
});
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
if (httpResponse?.success && httpResponse?.user) {
let encryptedPayload = encrypt({
data: JSON.stringify(httpResponse.user),
encryptionKey,
encryptionSalt,
});
const { user, dsqlUserId } = httpResponse;
const authKeyName = `datasquirel_${dsqlUserId}_${database}_auth_key`;
const csrfName = `datasquirel_${dsqlUserId}_${database}_csrf`;
2023-09-21 16:51:08 +00:00
response.setHeader("Set-Cookie", [
`${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`,
`${csrfName}=${user.csrf_k};samesite=strict;path=/;HttpOnly=true`,
`dsqluid=${dsqlUserId};samesite=strict;path=/;HttpOnly=true`,
`datasquirel_social_id=${user.social_id};samesite=strict;path=/`,
]);
2023-09-21 14:00:04 +00:00
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
return httpResponse;
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
module.exports = githubAuth;