diff --git a/dist/users/user-auth.d.ts b/dist/users/user-auth.d.ts index 0fdd6f3..196f87f 100644 --- a/dist/users/user-auth.d.ts +++ b/dist/users/user-auth.d.ts @@ -16,6 +16,7 @@ type Param = { dsqlUserId?: string | number; expiry?: number; csrfHeaderName?: string; + debug?: boolean; }; /** * Authenticate User from request @@ -23,5 +24,5 @@ type Param = { * @description This Function takes in a request object and returns a user object * with the user's data */ -export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, }: Param): AuthenticatedUser; +export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, debug, }: Param): AuthenticatedUser; export {}; diff --git a/dist/users/user-auth.js b/dist/users/user-auth.js index 872e846..d902402 100644 --- a/dist/users/user-auth.js +++ b/dist/users/user-auth.js 
@@ -21,24 +21,29 @@ const yearInMilliseconds = dayInMilliseconds * 365; * @description This Function takes in a request object and returns a user object * with the user's data */ -function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, }) { +function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, debug, }) { try { const finalRequest = req || request; - const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD; - const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT; const cookies = (0, parseCookies_1.default)({ request: finalRequest, cookieString, }); + if (debug) { + console.log("userAuth:cookies:", cookies); + } const keyNames = (0, get_auth_cookie_names_1.default)({ userId: dsqlUserId || process.env.DSQL_API_USER_ID, database: database || process.env.DSQL_DB_NAME, }); - const authKeyName = keyNames.keyCookieName; - const csrfName = keyNames.csrfCookieName; + if (debug) { + console.log("userAuth:keyNames:", keyNames); + } const key = encryptedUserString ? encryptedUserString - : cookies[authKeyName]; + : cookies[keyNames.keyCookieName]; + if (debug) { + console.log("userAuth:key:", key); + } /** * Grab the payload * @@ -46,9 +51,12 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database */ let userPayloadJSON = (0, decrypt_1.default)({ encryptedString: key, - encryptionKey: finalEncryptionKey, - encryptionSalt: finalEncryptionSalt, + encryptionKey, + encryptionSalt, }); + if (debug) { + console.log("userAuth:userPayloadJSON:", userPayloadJSON); + } /** * Grab the payload * 
@@ -68,6 +76,9 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database */ /** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser} */ let userObject = JSON.parse(userPayloadJSON); + if (debug) { + console.log("userAuth:userObject:", userObject); + } if (!userObject.csrf_k) { return { success: false, @@ -96,16 +107,6 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database msg: "CSRF_K mismatch", }; } - // const targetCsrfHeaderKey = Object.keys(finalRequest.headers) - // .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, "")) - // .find((k) => k == userObject.csrf_k); - // if (csrfHeaderIsValue && !targetCsrfHeaderKey) { - // return { - // success: false, - // payload: null, - // msg: "CSRF_K Header Key mismatch", - // }; - // } } const payloadCreationDate = Number(userObject.date); if (Number.isNaN(payloadCreationDate) || diff --git a/package.json b/package.json index d53f1a9..d07f539 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@moduletrace/datasquirel", - "version": "3.5.6", + "version": "3.5.7", "description": "Cloud-based SQL data management tool", "main": "dist/index.js", "bin": { diff --git a/users/user-auth.ts b/users/user-auth.ts index 843592a..bcdb7fd 100644 --- a/users/user-auth.ts +++ b/users/user-auth.ts @@ -25,6 +25,7 @@ type Param = { dsqlUserId?: string | number; expiry?: number; csrfHeaderName?: string; + debug?: boolean; }; /** 
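Review bot: The new `debug?: boolean;` field on `Param` in users/user-auth.ts has no doc comment, so a caller cannot tell what enabling it prints. In the later hunks of this file the flag gates `console.log` calls for the parsed cookies, the auth key string, the decrypted payload and the parsed user object. I would document that on the field, for example `/** Prints cookies, the auth key and the decrypted user payload via console.log; for local troubleshooting only. */`. The `Param` type begins above this hunk.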
@@ -45,31 +46,36 @@ export default function userAuth({ expiry = weekInMilliseconds, cookieString, csrfHeaderName, + debug, }: Param): AuthenticatedUser { try { const finalRequest = req || request; - const finalEncryptionKey = - encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD; - const finalEncryptionSalt = - encryptionSalt || process.env.DSQL_ENCRYPTION_SALT; - const cookies = parseCookies({ request: finalRequest, cookieString, }); + if (debug) { + console.log("userAuth:cookies:", cookies); + } + const keyNames = getAuthCookieNames({ userId: dsqlUserId || process.env.DSQL_API_USER_ID, database: database || process.env.DSQL_DB_NAME, }); - const authKeyName = keyNames.keyCookieName; - const csrfName = keyNames.csrfCookieName; + if (debug) { + console.log("userAuth:keyNames:", keyNames); + } const key = encryptedUserString ? encryptedUserString - : cookies[authKeyName]; + : cookies[keyNames.keyCookieName]; + + if (debug) { + console.log("userAuth:key:", key); + } /** * Grab the payload @@ -78,10 +84,14 @@ export default function userAuth({ */ let userPayloadJSON = decrypt({ encryptedString: key, - encryptionKey: finalEncryptionKey, - encryptionSalt: finalEncryptionSalt, + encryptionKey, + encryptionSalt, }); + if (debug) { + console.log("userAuth:userPayloadJSON:", userPayloadJSON); + } + /** * Grab the payload * @@ -105,6 +115,10 @@ export default function userAuth({ let userObject: import("../package-shared/types").DATASQUIREL_LoggedInUser = JSON.parse(userPayloadJSON); + if (debug) { + console.log("userAuth:userObject:", userObject); + } + if (!userObject.csrf_k) { return { success: false, 
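Review bot: With `debug` set, `console.log("userAuth:cookies:", cookies)` and `console.log("userAuth:key:", key)` write every request cookie and the encrypted session string into the process log, which makes the log as sensitive as the sessions themselves. The same flag prints the decrypted `userPayloadJSON` in the `@@ -78,10 +84,14 @@` hunk and the parsed `userObject` (which carries `csrf_k`) in the `@@ -105,6 +115,10 @@` hunk, and the compiled dist/users/user-auth.js repeats all of them. The debug output should stick to non-secret facts, e.g. `console.log("userAuth:cookieNames:", Object.keys(cookies));` and `console.log("userAuth:keyPresent:", Boolean(key));`, with the payload logs reduced to a length or a list of field names. The body of `userAuth` continues outside this hunk.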
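Review bot: `decrypt` now receives `encryptionKey` and `encryptionSalt` exactly as the caller passed them, because the `|| process.env.DSQL_ENCRYPTION_PASSWORD` and `|| process.env.DSQL_ENCRYPTION_SALT` defaults were removed in the previous hunk. `decrypt` is not visible here; unless it applies the same environment fallback itself, callers that relied on the environment variables will pass `undefined` and decryption will presumably fail for every request. If the fallback has moved into `decrypt`, a comment at the call would record that, such as `// decrypt() falls back to DSQL_ENCRYPTION_PASSWORD / DSQL_ENCRYPTION_SALT when these are undefined`. Otherwise keep the defaults, e.g. `encryptionKey: encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD,`. The enclosing `try` block ends outside this hunk.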
@@ -137,18 +151,6 @@ export default function userAuth({ msg: "CSRF_K mismatch", }; } - - // const targetCsrfHeaderKey = Object.keys(finalRequest.headers) - // .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, "")) - // .find((k) => k == userObject.csrf_k); - - // if (csrfHeaderIsValue && !targetCsrfHeaderKey) { - // return { - // success: false, - // payload: null, - // msg: "CSRF_K Header Key mismatch", - // }; - // } } const payloadCreationDate = Number(userObject.date);