From 3b236b2ced392ffce43e325a3645acc3c53cbc09 Mon Sep 17 00:00:00 2001 From: Benjamin Toby Date: Tue, 10 Dec 2024 19:05:05 +0100 Subject: [PATCH] Updates --- package.json | 2 +- users/logout-user.d.ts | 10 +++++-- users/logout-user.js | 62 +++++++++++++++++++++++++++++------------- 3 files changed, 51 insertions(+), 23 deletions(-) diff --git a/package.json b/package.json index 4352676..47d321f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@moduletrace/datasquirel", - "version": "2.8.6", + "version": "2.8.7", "description": "Cloud-based SQL data management tool", "main": "index.js", "bin": { diff --git a/users/logout-user.d.ts b/users/logout-user.d.ts index 03aaf57..29ccadd 100644 --- a/users/logout-user.d.ts +++ b/users/logout-user.d.ts @@ -3,15 +3,19 @@ export = logoutUser; * Logout user * ============================================================================== * @param {object} params - Single Param object containing params - * @param {string} params.encryptedUserString - Encrypted User String + * @param {string} [params.encryptedUserString] - Encrypted User String + * @param {http.IncomingMessage & Object} [params.request] - Request Object * @param {http.ServerResponse & Object} [params.response] - Http response object * @param {string} [params.database] - Target database name(slug): optional * @param {string | number} [params.dsqlUserId] * * @returns {{success: boolean, payload: string, cookieNames?: any}} */ -declare function logoutUser({ response, database, dsqlUserId, encryptedUserString }: { - encryptedUserString: string; +declare function logoutUser({ response, database, dsqlUserId, encryptedUserString, request, }: { + encryptedUserString?: string; + request?: http.IncomingMessage & { + [x: string]: any; + }; response?: http.ServerResponse & { [x: string]: any; }; diff --git a/users/logout-user.js b/users/logout-user.js index c91a70a..ff8ba69 100644 --- a/users/logout-user.js +++ b/users/logout-user.js @@ -7,28 +7,67 @@ const EJSON = require("../package-shared/utils/ejson"); const { deleteAuthFile, } = require("../package-shared/functions/backend/auth/write-auth-files"); +const parseCookies = require("../package-shared/utils/backend/parseCookies"); /** * Logout user * ============================================================================== * @param {object} params - Single Param object containing params - * @param {string} params.encryptedUserString - Encrypted User String + * @param {string} [params.encryptedUserString] - Encrypted User String + * @param {http.IncomingMessage & Object} [params.request] - Request Object * @param {http.ServerResponse & Object} [params.response] - Http response object * @param {string} [params.database] - Target database name(slug): optional * @param {string | number} [params.dsqlUserId] * * @returns {{success: boolean, payload: string, cookieNames?: any}} */ -function logoutUser({ response, database, dsqlUserId, encryptedUserString }) { +function logoutUser({ + response, + database, + dsqlUserId, + encryptedUserString, + request, +}) { /** * Check Encryption Keys * * @description Check Encryption Keys */ try { - const decryptedUserJSON = decrypt({ - encryptedString: encryptedUserString, + const cookieNames = getAuthCookieNames({ + database, + userId: dsqlUserId || process.env.DSQL_API_USER_ID, }); + const authKeyName = cookieNames.keyCookieName; + const csrfName = cookieNames.csrfCookieName; + + /** @type {string | undefined} */ + const decryptedUserJSON = (() => { + try { + if (request) { + const cookiesObject = parseCookies({ request }); + return decrypt({ + encryptedString: cookiesObject[authKeyName], + }); + } else if (encryptedUserString) { + return decrypt({ + encryptedString: encryptedUserString, + }); + } else { + return undefined; + } + } catch (/** @type {any} */ error) { + console.log( + "Error getting decrypted User JSON to logout:", + error.message + ); + + return undefined; + } + })(); + + if (!decryptedUserJSON) throw new Error("Invalid User"); + const userObject = /** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser | undefined} */ ( EJSON.parse(decryptedUserJSON) @@ -37,13 +76,6 @@ function logoutUser({ response, database, dsqlUserId, encryptedUserString }) { if (!userObject?.csrf_k) throw new Error("Invalid User. Please check key"); - const cookieNames = getAuthCookieNames({ - database, - userId: dsqlUserId || process.env.DSQL_API_USER_ID, - }); - const authKeyName = cookieNames.keyCookieName; - const csrfName = cookieNames.csrfCookieName; - response?.setHeader("Set-Cookie", [ `${authKeyName}=null;max-age=0`, `${csrfName}=null;max-age=0`, @@ -65,14 +97,6 @@ function logoutUser({ response, database, dsqlUserId, encryptedUserString }) { payload: "Logout Failed", }; } - - /** ********************************************** */ - /** ********************************************** */ - /** ********************************************** */ } -/** ********************************************** */ -/** ********************************************** */ -/** ********************************************** */ - module.exports = logoutUser;