This commit is contained in:
Benjamin Toby 2024-12-10 19:05:05 +01:00
parent 5eef6628a4
commit 3b236b2ced
3 changed files with 51 additions and 23 deletions

View File

@ -1,6 +1,6 @@
{ {
"name": "@moduletrace/datasquirel", "name": "@moduletrace/datasquirel",
"version": "2.8.6", "version": "2.8.7",
"description": "Cloud-based SQL data management tool", "description": "Cloud-based SQL data management tool",
"main": "index.js", "main": "index.js",
"bin": { "bin": {

View File

@ -3,15 +3,19 @@ export = logoutUser;
* Logout user * Logout user
* ============================================================================== * ==============================================================================
* @param {object} params - Single Param object containing params * @param {object} params - Single Param object containing params
* @param {string} params.encryptedUserString - Encrypted User String * @param {string} [params.encryptedUserString] - Encrypted User String
* @param {http.IncomingMessage & Object<string, any>} [params.request] - Request Object
* @param {http.ServerResponse & Object<string, any>} [params.response] - Http response object * @param {http.ServerResponse & Object<string, any>} [params.response] - Http response object
* @param {string} [params.database] - Target database name(slug): optional * @param {string} [params.database] - Target database name(slug): optional
* @param {string | number} [params.dsqlUserId] * @param {string | number} [params.dsqlUserId]
* *
* @returns {{success: boolean, payload: string, cookieNames?: any}} * @returns {{success: boolean, payload: string, cookieNames?: any}}
*/ */
declare function logoutUser({ response, database, dsqlUserId, encryptedUserString }: { declare function logoutUser({ response, database, dsqlUserId, encryptedUserString, request, }: {
encryptedUserString: string; encryptedUserString?: string;
request?: http.IncomingMessage & {
[x: string]: any;
};
response?: http.ServerResponse & { response?: http.ServerResponse & {
[x: string]: any; [x: string]: any;
}; };

View File

@ -7,28 +7,67 @@ const EJSON = require("../package-shared/utils/ejson");
const { const {
deleteAuthFile, deleteAuthFile,
} = require("../package-shared/functions/backend/auth/write-auth-files"); } = require("../package-shared/functions/backend/auth/write-auth-files");
const parseCookies = require("../package-shared/utils/backend/parseCookies");
/** /**
* Logout user * Logout user
* ============================================================================== * ==============================================================================
* @param {object} params - Single Param object containing params * @param {object} params - Single Param object containing params
* @param {string} params.encryptedUserString - Encrypted User String * @param {string} [params.encryptedUserString] - Encrypted User String
* @param {http.IncomingMessage & Object<string, any>} [params.request] - Request Object
* @param {http.ServerResponse & Object<string, any>} [params.response] - Http response object * @param {http.ServerResponse & Object<string, any>} [params.response] - Http response object
* @param {string} [params.database] - Target database name(slug): optional * @param {string} [params.database] - Target database name(slug): optional
* @param {string | number} [params.dsqlUserId] * @param {string | number} [params.dsqlUserId]
* *
* @returns {{success: boolean, payload: string, cookieNames?: any}} * @returns {{success: boolean, payload: string, cookieNames?: any}}
*/ */
function logoutUser({ response, database, dsqlUserId, encryptedUserString }) { function logoutUser({
response,
database,
dsqlUserId,
encryptedUserString,
request,
}) {
/** /**
* Check Encryption Keys * Check Encryption Keys
* *
* @description Check Encryption Keys * @description Check Encryption Keys
*/ */
try { try {
const decryptedUserJSON = decrypt({ const cookieNames = getAuthCookieNames({
encryptedString: encryptedUserString, database,
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
}); });
const authKeyName = cookieNames.keyCookieName;
const csrfName = cookieNames.csrfCookieName;
/** @type {string | undefined} */
const decryptedUserJSON = (() => {
try {
if (request) {
const cookiesObject = parseCookies({ request });
return decrypt({
encryptedString: cookiesObject[authKeyName],
});
} else if (encryptedUserString) {
return decrypt({
encryptedString: encryptedUserString,
});
} else {
return undefined;
}
} catch (/** @type {any} */ error) {
console.log(
"Error getting decrypted User JSON to logout:",
error.message
);
return undefined;
}
})();
if (!decryptedUserJSON) throw new Error("Invalid User");
const userObject = const userObject =
/** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser | undefined} */ ( /** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser | undefined} */ (
EJSON.parse(decryptedUserJSON) EJSON.parse(decryptedUserJSON)
@ -37,13 +76,6 @@ function logoutUser({ response, database, dsqlUserId, encryptedUserString }) {
if (!userObject?.csrf_k) if (!userObject?.csrf_k)
throw new Error("Invalid User. Please check key"); throw new Error("Invalid User. Please check key");
const cookieNames = getAuthCookieNames({
database,
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
});
const authKeyName = cookieNames.keyCookieName;
const csrfName = cookieNames.csrfCookieName;
response?.setHeader("Set-Cookie", [ response?.setHeader("Set-Cookie", [
`${authKeyName}=null;max-age=0`, `${authKeyName}=null;max-age=0`,
`${csrfName}=null;max-age=0`, `${csrfName}=null;max-age=0`,
@ -65,14 +97,6 @@ function logoutUser({ response, database, dsqlUserId, encryptedUserString }) {
payload: "Logout Failed", payload: "Logout Failed",
}; };
} }
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
} }
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
module.exports = logoutUser; module.exports = logoutUser;