updates
parent
6b77ae9f3c
commit
089f1b56bd
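--- a/index.js
+++ b/index.js
@@ -15,6 +15,8 @@ const reAuthUser = require("./users/reauth-user");
 const getUser = require("./users/get-user");
 const loginWithGoogle = require("./users/social/google-auth");
 const loginWithGithub = require("./users/social/github-auth");
+const getToken = require("./users/get-token");
+const validateToken = require("./users/validate-token");
 const sanitizeSql = require("./utils/functions/sanitizeSql");
 
 ////////////////////////////////////////
@@ -32,6 +34,8 @@ const user = {
 reAuthUser: reAuthUser,
 updateUser: updateUser,
 getUser: getUser,
+getToken: getToken,
+validateToken: validateToken,
 social: {
 loginWithGoogle: loginWithGoogle,
 loginWithGithub: loginWithGithub,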
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "datasquirel",
|
"name": "datasquirel",
|
||||||
"version": "1.4.1",
|
"version": "1.4.2",
|
||||||
"description": "Cloud-based SQL data management tool",
|
"description": "Cloud-based SQL data management tool",
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
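--- /dev/null
+++ b/users/get-token.js
@@ -0,0 +1,120 @@
+// @ts-check
+
+/**
+* ==============================================================================
+* Imports
+* ==============================================================================
+*/
+const http = require("http");
+const decrypt = require("../functions/decrypt");
+const parseCookies = require("../utils/functions/parseCookies");
+
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+
+/**
+* Get just the access token for user
+* ==============================================================================
+* @description This Function takes in a request object and returns a user token
+* string and csrf token string
+*
+* @param {Object} params - Arg
+* @param {http.IncomingMessage} params.request - Http request object
+* @param {string} params.encryptionKey - Encryption Key
+* @param {string} params.encryptionSalt - Encryption Salt
+* @param {("deep" | "normal")?} [params.level] - Optional. "Deep" value indicates an extra layer of security
+* @param {string} params.database - Database Name
+*
+* @returns {{ key: string | undefined, csrf: string | undefined }}
+*/
+function getToken({ request, encryptionKey, encryptionSalt, level, database }) {
+try {
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+const cookies = parseCookies({ request });
+const dsqluid = cookies.dsqluid;
+const authKeyName = `datasquirel_${dsqluid}_${database}_auth_key`;
+const csrfName = `datasquirel_${dsqluid}_${database}_csrf`;
+
+const key = cookies[authKeyName];
+const csrf = cookies[csrfName];
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+let userPayload = decrypt({
+encryptedString: key,
+encryptionKey,
+encryptionSalt,
+});
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+if (!userPayload) {
+return { key: undefined, csrf: undefined };
+}
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+let userObject = JSON.parse(userPayload);
+
+if (!userObject.csrf_k) {
+return { key: undefined, csrf: undefined };
+}
+
+/** ********************************************** */
+/** ********************************************** */
+/** ********************************************** */
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+if (level?.match(/deep/i) && !csrf?.match(new RegExp(`${userObject.csrf_k}`))) {
+return { key: undefined, csrf: undefined };
+}
+
+/** ********************************************** */
+/** ********************************************** */
+/** ********************************************** */
+
+/**
+* Return User Object
+*
+* @description Return User Object
+*/
+return { key, csrf };
+} catch (error) {
+/**
+* Return User Object
+*
+* @description Return User Object
+*/
+return {
+key: undefined,
+csrf: undefined,
+};
+}
+}
+
+/** ********************************************** */
+/** ********************************************** */
+/** ********************************************** */
+
+module.exports = getToken;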
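Review bot: The "deep" check in `getToken` tests the CSRF cookie with `csrf?.match(new RegExp(...))` built from `userObject.csrf_k`, which is a pattern/substring match rather than an equality test: a cookie value that merely contains `csrf_k` passes, and any regex metacharacters in `csrf_k` change what matches or throw into the catch-all. Compare the two values directly, `if (level === "deep" && csrf !== userObject.csrf_k) {`, or use `crypto.timingSafeEqual` over equal-length buffers if timing is a concern. The existing `level?.match(/deep/i)` also accepts any string that contains "deep", which is wider than the documented `"deep" | "normal"`. As far as this file shows, both compared values arrive in cookies on the same request, so if this check is meant as CSRF protection the comparison value should come from a header or body field instead; confirm against the caller.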
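--- /dev/null
+++ b/users/validate-token.js
@@ -0,0 +1,96 @@
+// @ts-check
+
+/**
+* ==============================================================================
+* Imports
+* ==============================================================================
+*/
+const http = require("http");
+const decrypt = require("../functions/decrypt");
+
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+/** ****************************************************************************** */
+
+/**
+* Validate Token
+* ==============================================================================
+* @description This Function takes in a encrypted token and returns a user object
+*
+* @param {Object} params - Arg
+* @param {http.IncomingMessage} params.token - Http request object
+* @param {string} params.encryptionKey - Encryption Key
+* @param {string} params.encryptionSalt - Encryption Salt
+* @param {("deep" | "normal")?} [params.level] - Optional. "Deep" value indicates an extra layer of security
+* @param {string} params.database - Database Name
+*
+* @returns { import("../types/user.td").DATASQUIREL_LoggedInUser | null}
+*/
+function validateToken({ token, encryptionKey, encryptionSalt }) {
+try {
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+const key = token;
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+let userPayload = decrypt({
+encryptedString: key,
+encryptionKey,
+encryptionSalt,
+});
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+if (!userPayload) {
+return null;
+}
+
+/**
+* Grab the payload
+*
+* @description Grab the payload
+*/
+let userObject = JSON.parse(userPayload);
+
+if (!userObject.csrf_k) {
+return null;
+}
+
+/** ********************************************** */
+/** ********************************************** */
+/** ********************************************** */
+
+/**
+* Return User Object
+*
+* @description Return User Object
+*/
+return userObject;
+} catch (error) {
+/**
+* Return User Object
+*
+* @description Return User Object
+*/
+return null;
+}
+}
+
+/** ********************************************** */
+/** ********************************************** */
+/** ********************************************** */
+
+module.exports = validateToken;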
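Review bot: The JSDoc on `validateToken` types `params.token` as `http.IncomingMessage` ("Http request object"), but the body passes it straight to `decrypt` as `encryptedString`, so under `// @ts-check` a caller passing the token string would be flagged; it should read `@param {string} params.token - Encrypted auth token`. `params.level` and `params.database` are documented as parameters but are never destructured or used, so either drop them from the doc block or mark them unused. The only check after decryption is that `csrf_k` is present: no expiry or CSRF comparison is visible here, and whether `decrypt` authenticates the ciphertext cannot be told from this page, so the description should state that a non-null result means "decrypted and parsed", not "session still valid".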