Moduletrace/datasquirel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Benjamin Toby 2025-01-14 15:33:49 +01:00
parent 62bb1fd6d4
commit 49716e8c5c
4 changed files with 46 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
dist/users/user-auth.d.ts vendored
View File

@ -16,6 +16,7 @@ type Param = {
dsqlUserId?: string | number;
expiry?: number;
csrfHeaderName?: string;
debug?: boolean;
};
/**
* Authenticate User from request
@ -23,5 +24,5 @@ type Param = {
* @description This Function takes in a request object and returns a user object
* with the user's data
*/
export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, }: Param): AuthenticatedUser;
export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, debug, }: Param): AuthenticatedUser;
export {};

37
dist/users/user-auth.js vendored
View File

@ -21,24 +21,29 @@ const yearInMilliseconds = dayInMilliseconds * 365;
* @description This Function takes in a request object and returns a user object
* with the user's data
*/
function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, }) {
function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, debug, }) {
try {
const finalRequest = req || request;
const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
const cookies = (0, parseCookies_1.default)({
request: finalRequest,
cookieString,
});
if (debug) {
console.log("userAuth:cookies:", cookies);
}
const keyNames = (0, get_auth_cookie_names_1.default)({
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
database: database || process.env.DSQL_DB_NAME,
});
const authKeyName = keyNames.keyCookieName;
const csrfName = keyNames.csrfCookieName;
if (debug) {
console.log("userAuth:keyNames:", keyNames);
}
const key = encryptedUserString
? encryptedUserString
: cookies[authKeyName];
: cookies[keyNames.keyCookieName];
if (debug) {
console.log("userAuth:key:", key);
}
/**
* Grab the payload
*
@ -46,9 +51,12 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
*/
let userPayloadJSON = (0, decrypt_1.default)({
encryptedString: key,
encryptionKey: finalEncryptionKey,
encryptionSalt: finalEncryptionSalt,
encryptionKey,
encryptionSalt,
});
if (debug) {
console.log("userAuth:userPayloadJSON:", userPayloadJSON);
}
/**
* Grab the payload
*
@ -68,6 +76,9 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
*/
/** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser} */
let userObject = JSON.parse(userPayloadJSON);
if (debug) {
console.log("userAuth:userObject:", userObject);
}
if (!userObject.csrf_k) {
return {
success: false,
@ -96,16 +107,6 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
msg: "CSRF_K mismatch",
};
}
// const targetCsrfHeaderKey = Object.keys(finalRequest.headers)
// .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, ""))
// .find((k) => k == userObject.csrf_k);
// if (csrfHeaderIsValue && !targetCsrfHeaderKey) {
// return {
// success: false,
// payload: null,
// msg: "CSRF_K Header Key mismatch",
// };
// }
}
const payloadCreationDate = Number(userObject.date);
if (Number.isNaN(payloadCreationDate) ||

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "@moduletrace/datasquirel",
"version": "3.5.6",
"version": "3.5.7",
"description": "Cloud-based SQL data management tool",
"main": "dist/index.js",
"bin": {

46
users/user-auth.ts
View File

@ -25,6 +25,7 @@ type Param = {
dsqlUserId?: string | number;
expiry?: number;
csrfHeaderName?: string;
debug?: boolean;
};
/**
@ -45,31 +46,36 @@ export default function userAuth({
expiry = weekInMilliseconds,
cookieString,
csrfHeaderName,
debug,
}: Param): AuthenticatedUser {
try {
const finalRequest = req || request;
const finalEncryptionKey =
encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
const finalEncryptionSalt =
encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
const cookies = parseCookies({
request: finalRequest,
cookieString,
});
if (debug) {
console.log("userAuth:cookies:", cookies);
}
const keyNames = getAuthCookieNames({
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
database: database || process.env.DSQL_DB_NAME,
});
const authKeyName = keyNames.keyCookieName;
const csrfName = keyNames.csrfCookieName;
if (debug) {
console.log("userAuth:keyNames:", keyNames);
}
const key = encryptedUserString
? encryptedUserString
: cookies[authKeyName];
: cookies[keyNames.keyCookieName];
if (debug) {
console.log("userAuth:key:", key);
}
/**
* Grab the payload
@ -78,10 +84,14 @@ export default function userAuth({
*/
let userPayloadJSON = decrypt({
encryptedString: key,
encryptionKey: finalEncryptionKey,
encryptionSalt: finalEncryptionSalt,
encryptionKey,
encryptionSalt,
});
if (debug) {
console.log("userAuth:userPayloadJSON:", userPayloadJSON);
}
/**
* Grab the payload
*
@ -105,6 +115,10 @@ export default function userAuth({
let userObject: import("../package-shared/types").DATASQUIREL_LoggedInUser =
JSON.parse(userPayloadJSON);
if (debug) {
console.log("userAuth:userObject:", userObject);
}
if (!userObject.csrf_k) {
return {
success: false,
@ -137,18 +151,6 @@ export default function userAuth({
msg: "CSRF_K mismatch",
};
}
// const targetCsrfHeaderKey = Object.keys(finalRequest.headers)
// .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, ""))
// .find((k) => k == userObject.csrf_k);
// if (csrfHeaderIsValue && !targetCsrfHeaderKey) {
// return {
// success: false,
// payload: null,
// msg: "CSRF_K Header Key mismatch",
// };
// }
}
const payloadCreationDate = Number(userObject.date);