datasquirel/users/social/google-auth.js

199 lines
6.3 KiB
JavaScript
Raw Normal View History

2023-08-07 03:42:49 +00:00
// @ts-check
2023-06-24 09:20:05 +00:00
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
2023-08-07 03:42:49 +00:00
const http = require("http");
2023-06-24 09:20:05 +00:00
const https = require("https");
const encrypt = require("../../functions/encrypt");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
2023-08-07 03:42:49 +00:00
* @typedef {object | null} FunctionReturn
2023-06-24 09:20:05 +00:00
* @property {boolean} success - Did the function run successfully?
2023-08-07 03:42:49 +00:00
* @property {import("../../types/user.td").DATASQUIREL_LoggedInUser | null} user - Returned User
* @property {number} [dsqlUserId] - Dsql User Id
2023-06-24 09:20:05 +00:00
* @property {string} [msg] - Response message
*/
/**
* SERVER FUNCTION: Login with google Function
* ==============================================================================
*
* @async
*
* @param {object} params - main params object
* @param {string} params.key - API full access key
* @param {string} params.token - Google access token gotten from the client side
* @param {string} params.database - Target database name(slug)
* @param {string} params.clientId - Google client id
2023-08-07 03:42:49 +00:00
* @param {http.ServerResponse} params.response - HTTPS response object
2023-06-24 09:20:05 +00:00
* @param {string} params.encryptionKey - Encryption key
* @param {string} params.encryptionSalt - Encryption salt
2023-08-06 16:11:11 +00:00
* @param {object} [params.additionalFields] - Additional Fields to be added to the user object
2023-06-24 09:20:05 +00:00
*
* @returns { Promise<FunctionReturn> }
*/
2023-08-06 16:11:11 +00:00
async function googleAuth({ key, token, database, clientId, response, encryptionKey, encryptionSalt, additionalFields }) {
2023-06-24 09:20:05 +00:00
/**
* Check inputs
*
* @description Check inputs
*/
if (!key || key?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter API full access Key",
};
}
if (!token || token?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter Google Access Token",
};
}
if (!database || database?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide database slug name you want to access",
};
}
if (!clientId || clientId?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please enter Google OAUTH client ID",
};
}
if (!response || !response?.setHeader) {
return {
success: false,
user: null,
msg: "Please provide a valid HTTPS response object",
};
}
if (!encryptionKey || encryptionKey?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide a valid encryption key",
};
}
if (!encryptionSalt || encryptionSalt?.match(/ /)) {
return {
success: false,
user: null,
msg: "Please provide a valid encryption salt",
};
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/**
* Make https request
*
* @description make a request to datasquirel.com
2023-08-07 03:42:49 +00:00
* @type {{ success: boolean, user: import("../../types/user.td").DATASQUIREL_LoggedInUser | null, msg?: string, dsqlUserId?: number } | null } - Https response object
2023-06-24 09:20:05 +00:00
*/
const httpResponse = await new Promise((resolve, reject) => {
const reqPayload = JSON.stringify({
token,
clientId,
database,
2023-08-06 16:11:11 +00:00
additionalFields,
2023-06-24 09:20:05 +00:00
});
const httpsRequest = https.request(
{
method: "POST",
headers: {
"Content-Type": "application/json",
"Content-Length": Buffer.from(reqPayload).length,
Authorization: key,
},
port: 443,
hostname: "datasquirel.com",
path: `/api/user/google-login`,
},
/**
* Callback Function
*
* @description https request callback
*/
(response) => {
var str = "";
response.on("data", function (chunk) {
str += chunk;
});
response.on("end", function () {
resolve(JSON.parse(str));
});
response.on("error", (err) => {
reject(err);
});
}
);
httpsRequest.write(reqPayload);
httpsRequest.end();
});
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
if (httpResponse?.success && httpResponse?.user) {
let encryptedPayload = encrypt({
data: JSON.stringify(httpResponse.user),
encryptionKey,
encryptionSalt,
});
2023-06-24 12:09:26 +00:00
const { user, dsqlUserId } = httpResponse;
2023-06-24 09:20:05 +00:00
2023-06-24 12:09:26 +00:00
const authKeyName = `datasquirel_${dsqlUserId}_${database}_auth_key`;
const csrfName = `datasquirel_${dsqlUserId}_${database}_csrf`;
2023-06-24 09:20:05 +00:00
2023-06-24 12:09:26 +00:00
response.setHeader("Set-Cookie", [`${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`, `${csrfName}=${user.csrf_k};samesite=strict;path=/;HttpOnly=true`, `dsqluid=${dsqlUserId};samesite=strict;path=/;HttpOnly=true`, `datasquirel_social_id=${user.social_id};samesite=strict;path=/`]);
2023-06-24 09:20:05 +00:00
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
return httpResponse;
2023-07-07 19:13:13 +00:00
}
2023-06-24 09:20:05 +00:00
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
2023-07-07 19:13:13 +00:00
module.exports = googleAuth;