From 089f1b56bd6f0342b021e43f02de03d0f1a32d27 Mon Sep 17 00:00:00 2001
From: Tben
Date: Wed, 9 Aug 2023 16:38:39 +0100
Subject: [PATCH] updates
---
index.js | 4 ++
package.json | 2 +-
users/get-token.js | 120 ++++++++++++++++++++++++++++++++++++++++
users/validate-token.js | 96 ++++++++++++++++++++++++++++++++
4 files changed, 221 insertions(+), 1 deletion(-)
create mode 100644 users/get-token.js
create mode 100644 users/validate-token.js
diff --git a/index.js b/index.js
index d279b71..7a14fe3 100644
--- a/index.js
+++ b/index.js
@@ -15,6 +15,8 @@ const reAuthUser = require("./users/reauth-user");
 const getUser = require("./users/get-user");
 const loginWithGoogle = require("./users/social/google-auth");
 const loginWithGithub = require("./users/social/github-auth");
+const getToken = require("./users/get-token");
+const validateToken = require("./users/validate-token");
 const sanitizeSql = require("./utils/functions/sanitizeSql");
 
 ////////////////////////////////////////
@@ -32,6 +34,8 @@ const user = {
 reAuthUser: reAuthUser,
 updateUser: updateUser,
 getUser: getUser,
+ getToken: getToken,
+ validateToken: validateToken,
 social: {
 loginWithGoogle: loginWithGoogle,
 loginWithGithub: loginWithGithub,
diff --git a/package.json b/package.json
index f4ec942..fa5660a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "datasquirel",
- "version": "1.4.1",
+ "version": "1.4.2",
 "description": "Cloud-based SQL data management tool",
 "main": "index.js",
 "scripts": {
diff --git a/users/get-token.js b/users/get-token.js
new file mode 100644
index 0000000..9a5a7f0
--- /dev/null
+++ b/users/get-token.js
@@ -0,0 +1,120 @@
+// @ts-check
+
+/**
+ * ==============================================================================
+ * Imports
+ * ==============================================================================
+ */
+const http = require("http");
+const decrypt = require("../functions/decrypt");
+const parseCookies = require("../utils/functions/parseCookies");
+
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+
+/**
+ * Get just the access token for user
+ * ==============================================================================
+ * @description This Function takes in a request object and returns a user token
+ * string and csrf token string
+ *
+ * @param {Object} params - Arg
+ * @param {http.IncomingMessage} params.request - Http request object
+ * @param {string} params.encryptionKey - Encryption Key
+ * @param {string} params.encryptionSalt - Encryption Salt
+ * @param {("deep" | "normal")?} [params.level] - Optional. 
"Deep" value indicates an extra layer of security + * @param {string} params.database - Database Name + * + * @returns {{ key: string | undefined, csrf: string | undefined }} + */ +function getToken({ request, encryptionKey, encryptionSalt, level, database }) { + try { + /** + * Grab the payload + * + * @description Grab the payload + */ + const cookies = parseCookies({ request }); + const dsqluid = cookies.dsqluid; + const authKeyName = `datasquirel_${dsqluid}_${database}_auth_key`; + const csrfName = `datasquirel_${dsqluid}_${database}_csrf`; + + const key = cookies[authKeyName]; + const csrf = cookies[csrfName]; + + /** + * Grab the payload + * + * @description Grab the payload + */ + let userPayload = decrypt({ + encryptedString: key, + encryptionKey, + encryptionSalt, + }); + + /** + * Grab the payload + * + * @description Grab the payload + */ + if (!userPayload) { + return { key: undefined, csrf: undefined }; + } + + /** + * Grab the payload + * + * @description Grab the payload + */ + let userObject = JSON.parse(userPayload); + + if (!userObject.csrf_k) { + return { key: undefined, csrf: undefined }; + } + + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + + /** + * Grab the payload + * + * @description Grab the payload + */ + if (level?.match(/deep/i) && !csrf?.match(new RegExp(`${userObject.csrf_k}`))) { + return { key: undefined, csrf: undefined }; + } + + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + + /** + * Return User Object + * + * @description Return User Object + */ + return { key, csrf }; + } catch (error) { + /** + * Return User Object + * + * @description Return User Object + */ + return { + key: undefined, + csrf: undefined, + }; + } +} + +/** ********************************************** */ +/** 
********************************************** */
+/** ********************************************** */
+
+module.exports = getToken;
diff --git a/users/validate-token.js b/users/validate-token.js
new file mode 100644
index 0000000..b16381a
--- /dev/null
+++ b/users/validate-token.js
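Review bot: The deep-level CSRF check near the end of getToken compares the csrf cookie with `csrf?.match(new RegExp(...))` built from `userObject.csrf_k`, which is a pattern match rather than an equality test: a cookie value that merely contains `csrf_k` passes, and any regex metacharacter in `csrf_k` either changes what is matched or throws, which the surrounding catch turns into the same `{ key: undefined, csrf: undefined }` result as a genuine mismatch. A plain comparison is stricter and cannot throw: `if (level?.match(/deep/i) && csrf !== userObject.csrf_k) {`. Whether `decrypt` authenticates the ciphertext is not visible in this hunk; if it does not, `JSON.parse` succeeding and `csrf_k` being truthy are the only integrity checks applied to the auth cookie, which the function's JSDoc should state so callers do not assume more. The five "Grab the payload" docblocks are copy-pasted and describe none of the steps they sit above; one short comment per step (read cookies, decrypt, parse JSON, compare csrf) would make the flow readable. The `catch (error)` here, and the same one in validate-token.js, swallows decrypt and JSON.parse failures into the same result as an absent token, so callers cannot distinguish a malformed token from a missing one and operators get no signal of tampering attempts.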
@@ -0,0 +1,96 @@
+// @ts-check
+
+/**
+ * ==============================================================================
+ * Imports
+ * ==============================================================================
+ */
+const http = require("http");
+const decrypt = require("../functions/decrypt");
+
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+
+/**
+ * Validate Token
+ * ==============================================================================
+ * @description This Function takes in a encrypted token and returns a user object
+ *
+ * @param {Object} params - Arg
+ * @param {http.IncomingMessage} params.token - Http request object
+ * @param {string} params.encryptionKey - Encryption Key
+ * @param {string} params.encryptionSalt - Encryption Salt
+ * @param {("deep" | "normal")?} [params.level] - Optional. 
"Deep" value indicates an extra layer of security + * @param {string} params.database - Database Name + * + * @returns { import("../types/user.td").DATASQUIREL_LoggedInUser | null} + */ +function validateToken({ token, encryptionKey, encryptionSalt }) { + try { + /** + * Grab the payload + * + * @description Grab the payload + */ + const key = token; + + /** + * Grab the payload + * + * @description Grab the payload + */ + let userPayload = decrypt({ + encryptedString: key, + encryptionKey, + encryptionSalt, + }); + + /** + * Grab the payload + * + * @description Grab the payload + */ + if (!userPayload) { + return null; + } + + /** + * Grab the payload + * + * @description Grab the payload + */ + let userObject = JSON.parse(userPayload); + + if (!userObject.csrf_k) { + return null; + } + + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + + /** + * Return User Object + * + * @description Return User Object + */ + return userObject; + } catch (error) { + /** + * Return User Object + * + * @description Return User Object + */ + return null; + } +} + +/** ********************************************** */ +/** ********************************************** */ +/** ********************************************** */ + +module.exports = validateToken;