datasquirel/users/reauth-user.js

163 lines
5.4 KiB
JavaScript
Raw Normal View History

2023-08-07 03:42:49 +00:00
// @ts-check
2023-05-23 13:01:49 +00:00
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
2023-08-07 03:42:49 +00:00
const http = require("http");
2023-05-23 13:01:49 +00:00
const https = require("https");
const encrypt = require("../functions/encrypt");
const userAuth = require("./user-auth");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* @typedef {object} FunctionReturn
* @property {boolean} success - Did the function run successfully?
2023-08-07 03:42:49 +00:00
* @property {import("../types/user.td").DATASQUIREL_LoggedInUser | null} payload - Payload
2023-05-23 13:01:49 +00:00
* @property {string} [msg] - Response Message
* @property {number} [userId] - user ID
*/
/**
* ==============================================================================
* Main Function
* ==============================================================================
* @async
*
* @param {object} params - Single Param object containing params
* @param {String} params.key - API Key
* @param {String} params.database - Target Database
2023-08-07 03:42:49 +00:00
* @param {http.ServerResponse} params.response - Http response object
* @param {http.IncomingMessage} params.request - Http request object
2023-08-12 04:20:17 +00:00
* @param {("deep" | "normal")} [params.level] - Authentication level
2023-05-23 13:01:49 +00:00
* @param {String} params.encryptionKey - Encryption Key
* @param {String} params.encryptionSalt - Encryption Salt
2023-08-12 04:20:17 +00:00
* @param {string[]} [params.additionalFields] - Additional Fields to be added to the user object
2023-05-23 13:01:49 +00:00
*
2023-05-23 14:06:59 +00:00
* @returns { Promise<FunctionReturn> }
2023-05-23 13:01:49 +00:00
*/
2023-08-12 04:20:17 +00:00
async function reauthUser({ key, database, response, request, level, encryptionKey, encryptionSalt, additionalFields }) {
2023-05-23 13:01:49 +00:00
/**
* Check Encryption Keys
*
* @description Check Encryption Keys
*/
const existingUser = userAuth({
database,
encryptionKey,
encryptionSalt,
level,
request,
});
2023-05-23 14:25:55 +00:00
if (!existingUser?.payload?.id) {
return {
success: false,
payload: null,
msg: "Cookie Credentials Invalid",
};
}
2023-08-12 15:46:00 +00:00
/**
* Check for local DB settings
*
* @description Look for local db settings in `.env` file and by pass the http request if available
*/
const { DSQL_HOST, DSQL_USER, DSQL_PASS, DSQL_DB_NAME, DSQL_KEY, DSQL_REF_DB_NAME, DSQL_FULL_SYNC } = process.env;
2023-05-23 13:01:49 +00:00
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
const httpResponse = await new Promise((resolve, reject) => {
const reqPayload = JSON.stringify({
2023-05-23 14:25:55 +00:00
existingUser: existingUser.payload,
2023-05-23 13:01:49 +00:00
database,
2023-08-12 04:20:17 +00:00
additionalFields,
2023-05-23 13:01:49 +00:00
});
const httpsRequest = https.request(
{
method: "POST",
headers: {
"Content-Type": "application/json",
"Content-Length": Buffer.from(reqPayload).length,
Authorization: key,
},
port: 443,
hostname: "datasquirel.com",
path: `/api/user/reauth-user`,
},
/**
* Callback Function
*
* @description https request callback
*/
(response) => {
var str = "";
response.on("data", function (chunk) {
str += chunk;
});
response.on("end", function () {
resolve(JSON.parse(str));
});
response.on("error", (err) => {
reject(err);
});
}
);
httpsRequest.write(reqPayload);
httpsRequest.end();
});
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
if (httpResponse?.success) {
let encryptedPayload = encrypt({
data: JSON.stringify(httpResponse.payload),
encryptionKey,
encryptionSalt,
});
const { userId } = httpResponse;
const authKeyName = `datasquirel_${userId}_${database}_auth_key`;
const csrfName = `datasquirel_${userId}_${database}_csrf`;
response.setHeader("Set-Cookie", [`${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`, `${csrfName}=${httpResponse.payload.csrf_k};samesite=strict;path=/;HttpOnly=true`, `dsqluid=${userId};samesite=strict;path=/;HttpOnly=true`]);
}
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
return httpResponse;
2023-07-07 19:13:13 +00:00
}
2023-05-23 13:01:49 +00:00
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
2023-07-07 19:13:13 +00:00
module.exports = reauthUser;