Update reauth function

Benjamin Toby 2024-08-16 07:48:12 +01:00
parent 607552d451
commit 0e266f3df2
2 changed files with 17 additions and 3 deletions


@ -44,6 +44,7 @@ const localReauthUser = require("../engine/user/reauth-user");
* @param {String} params.encryptionKey - Encryption Key * @param {String} params.encryptionKey - Encryption Key
* @param {String} params.encryptionSalt - Encryption Salt * @param {String} params.encryptionSalt - Encryption Salt
* @param {string[]} [params.additionalFields] - Additional Fields to be added to the user object * @param {string[]} [params.additionalFields] - Additional Fields to be added to the user object
* @param {string} [params.token] - access token to use instead of getting from cookie header
* *
* @returns { Promise<FunctionReturn> } * @returns { Promise<FunctionReturn> }
*/ */
@ -56,6 +57,7 @@ async function reauthUser({
encryptionKey, encryptionKey,
encryptionSalt, encryptionSalt,
additionalFields, additionalFields,
token,
}) { }) {
/** /**
* Check Encryption Keys * Check Encryption Keys
@ -72,6 +74,7 @@ async function reauthUser({
encryptionSalt, encryptionSalt,
level, level,
request, request,
token,
}); });
if (!existingUser?.payload?.id) { if (!existingUser?.payload?.id) {
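Review bot: The new `params.token` JSDoc line does not say what the value is or how it interacts with the cookie, yet the `token` forwarded to `userAuth` in the third hunk is used there in place of the auth-key cookie whenever it is truthy. I would document that precedence, e.g. `@param {string} [params.token] - Auth key to use in place of the auth cookie value; takes precedence over the cookie when both are present`. The neighbouring tags use `{String}`, so matching that casing keeps the block consistent. `reauthUser` continues past the hunk, so whether the refreshed credentials reach a token-based caller cannot be checked from here.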


@ -35,10 +35,18 @@ const parseCookies = require("../utils/functions/parseCookies");
* @param {string} params.encryptionSalt - Encryption Salt * @param {string} params.encryptionSalt - Encryption Salt
* @param {("deep" | "normal")} [params.level] - Optional. "Deep" value indicates an extra layer of security * @param {("deep" | "normal")} [params.level] - Optional. "Deep" value indicates an extra layer of security
* @param {string} params.database - Database Name * @param {string} params.database - Database Name
* @param {string} [params.token] - access token to use instead of getting from cookie header
* *
* @returns { AuthenticatedUserObject } * @returns { AuthenticatedUserObject }
*/ */
function userAuth({ request, encryptionKey, encryptionSalt, level, database }) { function userAuth({
request,
encryptionKey,
encryptionSalt,
level,
database,
token,
}) {
try { try {
/** /**
* Grab the payload * Grab the payload
@ -50,7 +58,7 @@ function userAuth({ request, encryptionKey, encryptionSalt, level, database }) {
const authKeyName = `datasquirel_${dsqluid}_${database}_auth_key`; const authKeyName = `datasquirel_${dsqluid}_${database}_auth_key`;
const csrfName = `datasquirel_${dsqluid}_${database}_csrf`; const csrfName = `datasquirel_${dsqluid}_${database}_csrf`;
const key = cookies[authKeyName]; const key = token ? token : cookies[authKeyName];
const csrf = cookies[csrfName]; const csrf = cookies[csrfName];
/** /**
@ -101,7 +109,10 @@ function userAuth({ request, encryptionKey, encryptionSalt, level, database }) {
* *
* @description Grab the payload * @description Grab the payload
*/ */
if (level?.match(/deep/i) && !csrf?.match(new RegExp(`${userObject.csrf_k}`))) { if (
level?.match(/deep/i) &&
!csrf?.match(new RegExp(`${userObject.csrf_k}`))
) {
return { return {
success: false, success: false,
payload: null, payload: null,
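Review bot: With `const key = token ? token : cookies[authKeyName];` the auth key can now come from the caller, but `csrf` is still read only from `cookies[csrfName]`, so a token-based request that carries no CSRF cookie will always fail the `level` "deep" check in the last hunk. If that is intended, say so in the `params.token` JSDoc; if not, the deep check needs a defined behaviour for the token path. The reformatted condition also still tests the cookie with `csrf?.match(new RegExp(...))` built from `userObject.csrf_k`, which is an unanchored pattern: a cookie value that merely contains `csrf_k` passes, and regex metacharacters in the stored value are interpreted. Assuming the cookie is meant to hold exactly that value, `csrf !== userObject.csrf_k` (or a constant-time comparison) is the stricter test. `userObject` and `cookies` are assigned outside the visible hunks.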