/**
* ==============================================================================
* Imports
* ==============================================================================
*/
const decrypt = require("../functions/decrypt");
const parseCookies = require("../utils/functions/parseCookies");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* @typedef {object} AuthenticatedUserObject
* @property {boolean} success - Did the function run successfully?
* @property {{
* id: number,
* first_name: string,
* last_name: string,
* username: string,
* email: string,
* phone: string,
* social_id: [string],
* image: string,
* image_thumbnail: string,
* verification_status: [number=0],
* social_login: [number],
* social_platform: [string],
* csrf_k: string,
* more_data: [string],
* logged_in_status: boolean,
* date: string,
* }} payload - Payload
* @property {string} [msg] - Response Message
*/
/**
* Authenticate User from request
* ==============================================================================
* @description This Function takes in a request object and returns a user object
* with the user's data
*
* @param {Object} params - Arg
* @param {Object} params.request - Http request object
* @param {String} params.encryptionKey - Encryption Key
* @param {String} params.encryptionSalt - Encryption Salt
* @param {String} [params.level] - Optional. A value matching "deep" (case-insensitive) additionally requires the CSRF cookie to match the `csrf_k` stored in the decrypted payload
* @param {String} params.database - Database Name
*
* @returns { AuthenticatedUserObject }
*/
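function userAuth({ request, encryptionKey, encryptionSalt, level, database }) {
    // Fail closed: any exception thrown below (for example JSON.parse on a
    // malformed payload) is converted into a `success: false` result.
    try {
        /**
         * Locate the auth and CSRF cookies
         *
         * @description Cookie names are namespaced by the `dsqluid` cookie
         * value and the database name.
         */
        const cookies = parseCookies({ request });
        const dsqluid = cookies.dsqluid;

        const authKeyName = `datasquirel_${dsqluid}_${database}_auth_key`;
        const csrfName = `datasquirel_${dsqluid}_${database}_csrf`;

        const key = cookies[authKeyName];
        const csrf = cookies[csrfName];

        /**
         * Decrypt the auth cookie
         *
         * @description A falsy result is treated as a decryption failure.
         * NOTE(review): everything in the decrypted payload is trusted from
         * here on, so `decrypt` should be authenticating the ciphertext, not
         * only decrypting it. That is not visible in this file; confirm.
         */
        const userPayload = decrypt({
            encryptedString: key,
            encryptionKey,
            encryptionSalt,
        });

        if (!userPayload) {
            return {
                success: false,
                payload: null,
                msg: "Couldn't Decrypt cookie",
            };
        }

        /**
         * Parse the decrypted payload and require a CSRF key in it
         */
        const userObject = JSON.parse(userPayload);

        if (!userObject.csrf_k) {
            return {
                success: false,
                payload: null,
                msg: "No CSRF_K in decrypted payload",
            };
        }

        /**
         * "Deep" level: the CSRF cookie must carry the payload's csrf_k
         *
         * @description The token is compared as literal text. Building a
         * RegExp from `csrf_k` treated the token as a pattern, so a token
         * containing characters such as `.`, `+` or `(` either matched
         * cookies it should not have, failed to match itself, or threw.
         * `level` is still tested with `.match` so that a non-string value
         * throws and is rejected by the catch below instead of silently
         * skipping this check.
         *
         * NOTE(review): this keeps the original "cookie contains csrf_k"
         * semantics. If the CSRF cookie is meant to hold exactly csrf_k,
         * tighten this to an exact, constant-time comparison.
         */
        if (level?.match(/deep/i)) {
            const expectedCsrf = String(userObject.csrf_k);
            const csrfMatches =
                typeof csrf === "string" && csrf.includes(expectedCsrf);

            if (!csrfMatches) {
                return {
                    success: false,
                    payload: null,
                    msg: "CSRF_K requested but does not match payload",
                };
            }
        }

        /**
         * Return User Object
         */
        return {
            success: true,
            payload: userObject,
        };
    } catch (error) {
        /**
         * Report the failure to the caller
         *
         * @description The raw error message is returned in `msg`; callers
         * should log it rather than echo it back to the client.
         */
        return {
            success: false,
            payload: null,
            msg: error.message,
        };
    }
}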
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
module.exports = userAuth;