2023-05-06 11:14:09 +00:00
|
|
|
/**
|
|
|
|
* ==============================================================================
|
|
|
|
* Imports
|
|
|
|
* ==============================================================================
|
|
|
|
*/
|
|
|
|
const decrypt = require("../functions/decrypt");
|
|
|
|
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
/** ****************************************************************************** */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* ==============================================================================
|
|
|
|
* Main Function
|
|
|
|
* ==============================================================================
|
|
|
|
* @param {Object} request - Http request object
|
|
|
|
* @param {String} encryptionKey - Encryption Key
|
|
|
|
* @param {String} encryptionSalt - Encryption Salt
|
|
|
|
*/
|
2023-05-06 13:29:42 +00:00
|
|
|
module.exports = function ({ request, encryptionKey, encryptionSalt, level }) {
|
2023-05-06 13:15:22 +00:00
|
|
|
try {
|
2023-05-06 13:29:42 +00:00
|
|
|
/**
|
|
|
|
* Grab the payload
|
|
|
|
*
|
|
|
|
* @description Grab the payload
|
|
|
|
*/
|
|
|
|
const csrf = request.cookies.csrf;
|
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
/**
|
|
|
|
* Grab the payload
|
|
|
|
*
|
|
|
|
* @description Grab the payload
|
|
|
|
*/
|
|
|
|
let userPayload = decrypt({
|
|
|
|
encryptedString: request.cookies.datasquirelAuthKey,
|
|
|
|
encryptionKey,
|
|
|
|
encryptionSalt,
|
|
|
|
});
|
2023-05-06 11:14:09 +00:00
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
/**
|
|
|
|
* Grab the payload
|
|
|
|
*
|
|
|
|
* @description Grab the payload
|
|
|
|
*/
|
|
|
|
if (!userPayload) {
|
|
|
|
return {
|
|
|
|
success: false,
|
|
|
|
payload: null,
|
|
|
|
msg: "Couldn't Decrypt cookie",
|
|
|
|
};
|
|
|
|
}
|
2023-05-06 11:14:09 +00:00
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
/**
|
|
|
|
* Grab the payload
|
|
|
|
*
|
|
|
|
* @description Grab the payload
|
|
|
|
*/
|
|
|
|
let userObject = JSON.parse(userPayload);
|
2023-05-06 11:14:09 +00:00
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
if (!userObject.csrf_k) {
|
|
|
|
return {
|
|
|
|
success: false,
|
|
|
|
payload: null,
|
|
|
|
msg: "No CSRF_K in decrypted payload",
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Grab the payload
|
|
|
|
*
|
|
|
|
* @description Grab the payload
|
|
|
|
*/
|
2023-05-06 13:29:42 +00:00
|
|
|
if (level?.match(/deep/i) && !csrf?.match(new RegExp(`${userObject.csrf_k}`))) {
|
2023-05-06 13:15:22 +00:00
|
|
|
return {
|
|
|
|
success: false,
|
|
|
|
payload: null,
|
|
|
|
msg: "CSRF_K requested but does not match payload",
|
|
|
|
};
|
|
|
|
}
|
2023-05-06 11:14:09 +00:00
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|
2023-05-06 11:14:09 +00:00
|
|
|
|
2023-05-06 13:15:22 +00:00
|
|
|
/**
|
|
|
|
* Return User Object
|
|
|
|
*
|
|
|
|
* @description Return User Object
|
|
|
|
*/
|
|
|
|
return {
|
|
|
|
success: true,
|
|
|
|
payload: userObject,
|
|
|
|
};
|
|
|
|
} catch (error) {
|
|
|
|
/**
|
|
|
|
* Return User Object
|
|
|
|
*
|
|
|
|
* @description Return User Object
|
|
|
|
*/
|
2023-05-06 11:14:09 +00:00
|
|
|
return {
|
|
|
|
success: false,
|
|
|
|
payload: null,
|
2023-05-06 13:15:22 +00:00
|
|
|
msg: error.message,
|
2023-05-06 11:14:09 +00:00
|
|
|
};
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|
|
|
|
/** ********************************************** */
|