Updates
parent
62bb1fd6d4
commit
49716e8c5c
3
dist/users/user-auth.d.ts
vendored
3
dist/users/user-auth.d.ts
vendored
@ -16,6 +16,7 @@ type Param = {
|
|||||||
dsqlUserId?: string | number;
|
dsqlUserId?: string | number;
|
||||||
expiry?: number;
|
expiry?: number;
|
||||||
csrfHeaderName?: string;
|
csrfHeaderName?: string;
|
||||||
|
debug?: boolean;
|
||||||
};
|
};
|
||||||
/**
|
/**
|
||||||
* Authenticate User from request
|
* Authenticate User from request
|
||||||
@ -23,5 +24,5 @@ type Param = {
|
|||||||
* @description This Function takes in a request object and returns a user object
|
* @description This Function takes in a request object and returns a user object
|
||||||
* with the user's data
|
* with the user's data
|
||||||
*/
|
*/
|
||||||
export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, }: Param): AuthenticatedUser;
|
export default function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry, cookieString, csrfHeaderName, debug, }: Param): AuthenticatedUser;
|
||||||
export {};
|
export {};
|
||||||
|
37
dist/users/user-auth.js
vendored
37
dist/users/user-auth.js
vendored
@ -21,24 +21,29 @@ const yearInMilliseconds = dayInMilliseconds * 365;
|
|||||||
* @description This Function takes in a request object and returns a user object
|
* @description This Function takes in a request object and returns a user object
|
||||||
* with the user's data
|
* with the user's data
|
||||||
*/
|
*/
|
||||||
function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, }) {
|
function userAuth({ request, req, encryptionKey, encryptionSalt, level, database, dsqlUserId, encryptedUserString, expiry = weekInMilliseconds, cookieString, csrfHeaderName, debug, }) {
|
||||||
try {
|
try {
|
||||||
const finalRequest = req || request;
|
const finalRequest = req || request;
|
||||||
const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
|
|
||||||
const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
|
|
||||||
const cookies = (0, parseCookies_1.default)({
|
const cookies = (0, parseCookies_1.default)({
|
||||||
request: finalRequest,
|
request: finalRequest,
|
||||||
cookieString,
|
cookieString,
|
||||||
});
|
});
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:cookies:", cookies);
|
||||||
|
}
|
||||||
const keyNames = (0, get_auth_cookie_names_1.default)({
|
const keyNames = (0, get_auth_cookie_names_1.default)({
|
||||||
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
|
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
|
||||||
database: database || process.env.DSQL_DB_NAME,
|
database: database || process.env.DSQL_DB_NAME,
|
||||||
});
|
});
|
||||||
const authKeyName = keyNames.keyCookieName;
|
if (debug) {
|
||||||
const csrfName = keyNames.csrfCookieName;
|
console.log("userAuth:keyNames:", keyNames);
|
||||||
|
}
|
||||||
const key = encryptedUserString
|
const key = encryptedUserString
|
||||||
? encryptedUserString
|
? encryptedUserString
|
||||||
: cookies[authKeyName];
|
: cookies[keyNames.keyCookieName];
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:key:", key);
|
||||||
|
}
|
||||||
/**
|
/**
|
||||||
* Grab the payload
|
* Grab the payload
|
||||||
*
|
*
|
||||||
@ -46,9 +51,12 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
|
|||||||
*/
|
*/
|
||||||
let userPayloadJSON = (0, decrypt_1.default)({
|
let userPayloadJSON = (0, decrypt_1.default)({
|
||||||
encryptedString: key,
|
encryptedString: key,
|
||||||
encryptionKey: finalEncryptionKey,
|
encryptionKey,
|
||||||
encryptionSalt: finalEncryptionSalt,
|
encryptionSalt,
|
||||||
});
|
});
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:userPayloadJSON:", userPayloadJSON);
|
||||||
|
}
|
||||||
/**
|
/**
|
||||||
* Grab the payload
|
* Grab the payload
|
||||||
*
|
*
|
||||||
@ -68,6 +76,9 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
|
|||||||
*/
|
*/
|
||||||
/** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser} */
|
/** @type {import("../package-shared/types").DATASQUIREL_LoggedInUser} */
|
||||||
let userObject = JSON.parse(userPayloadJSON);
|
let userObject = JSON.parse(userPayloadJSON);
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:userObject:", userObject);
|
||||||
|
}
|
||||||
if (!userObject.csrf_k) {
|
if (!userObject.csrf_k) {
|
||||||
return {
|
return {
|
||||||
success: false,
|
success: false,
|
||||||
@ -96,16 +107,6 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
|
|||||||
msg: "CSRF_K mismatch",
|
msg: "CSRF_K mismatch",
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
// const targetCsrfHeaderKey = Object.keys(finalRequest.headers)
|
|
||||||
// .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, ""))
|
|
||||||
// .find((k) => k == userObject.csrf_k);
|
|
||||||
// if (csrfHeaderIsValue && !targetCsrfHeaderKey) {
|
|
||||||
// return {
|
|
||||||
// success: false,
|
|
||||||
// payload: null,
|
|
||||||
// msg: "CSRF_K Header Key mismatch",
|
|
||||||
// };
|
|
||||||
// }
|
|
||||||
}
|
}
|
||||||
const payloadCreationDate = Number(userObject.date);
|
const payloadCreationDate = Number(userObject.date);
|
||||||
if (Number.isNaN(payloadCreationDate) ||
|
if (Number.isNaN(payloadCreationDate) ||
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@moduletrace/datasquirel",
|
"name": "@moduletrace/datasquirel",
|
||||||
"version": "3.5.6",
|
"version": "3.5.7",
|
||||||
"description": "Cloud-based SQL data management tool",
|
"description": "Cloud-based SQL data management tool",
|
||||||
"main": "dist/index.js",
|
"main": "dist/index.js",
|
||||||
"bin": {
|
"bin": {
|
||||||
|
@ -25,6 +25,7 @@ type Param = {
|
|||||||
dsqlUserId?: string | number;
|
dsqlUserId?: string | number;
|
||||||
expiry?: number;
|
expiry?: number;
|
||||||
csrfHeaderName?: string;
|
csrfHeaderName?: string;
|
||||||
|
debug?: boolean;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -45,31 +46,36 @@ export default function userAuth({
|
|||||||
expiry = weekInMilliseconds,
|
expiry = weekInMilliseconds,
|
||||||
cookieString,
|
cookieString,
|
||||||
csrfHeaderName,
|
csrfHeaderName,
|
||||||
|
debug,
|
||||||
}: Param): AuthenticatedUser {
|
}: Param): AuthenticatedUser {
|
||||||
try {
|
try {
|
||||||
const finalRequest = req || request;
|
const finalRequest = req || request;
|
||||||
|
|
||||||
const finalEncryptionKey =
|
|
||||||
encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
|
|
||||||
const finalEncryptionSalt =
|
|
||||||
encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
|
|
||||||
|
|
||||||
const cookies = parseCookies({
|
const cookies = parseCookies({
|
||||||
request: finalRequest,
|
request: finalRequest,
|
||||||
cookieString,
|
cookieString,
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:cookies:", cookies);
|
||||||
|
}
|
||||||
|
|
||||||
const keyNames = getAuthCookieNames({
|
const keyNames = getAuthCookieNames({
|
||||||
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
|
userId: dsqlUserId || process.env.DSQL_API_USER_ID,
|
||||||
database: database || process.env.DSQL_DB_NAME,
|
database: database || process.env.DSQL_DB_NAME,
|
||||||
});
|
});
|
||||||
|
|
||||||
const authKeyName = keyNames.keyCookieName;
|
if (debug) {
|
||||||
const csrfName = keyNames.csrfCookieName;
|
console.log("userAuth:keyNames:", keyNames);
|
||||||
|
}
|
||||||
|
|
||||||
const key = encryptedUserString
|
const key = encryptedUserString
|
||||||
? encryptedUserString
|
? encryptedUserString
|
||||||
: cookies[authKeyName];
|
: cookies[keyNames.keyCookieName];
|
||||||
|
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:key:", key);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Grab the payload
|
* Grab the payload
|
||||||
@ -78,10 +84,14 @@ export default function userAuth({
|
|||||||
*/
|
*/
|
||||||
let userPayloadJSON = decrypt({
|
let userPayloadJSON = decrypt({
|
||||||
encryptedString: key,
|
encryptedString: key,
|
||||||
encryptionKey: finalEncryptionKey,
|
encryptionKey,
|
||||||
encryptionSalt: finalEncryptionSalt,
|
encryptionSalt,
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:userPayloadJSON:", userPayloadJSON);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Grab the payload
|
* Grab the payload
|
||||||
*
|
*
|
||||||
@ -105,6 +115,10 @@ export default function userAuth({
|
|||||||
let userObject: import("../package-shared/types").DATASQUIREL_LoggedInUser =
|
let userObject: import("../package-shared/types").DATASQUIREL_LoggedInUser =
|
||||||
JSON.parse(userPayloadJSON);
|
JSON.parse(userPayloadJSON);
|
||||||
|
|
||||||
|
if (debug) {
|
||||||
|
console.log("userAuth:userObject:", userObject);
|
||||||
|
}
|
||||||
|
|
||||||
if (!userObject.csrf_k) {
|
if (!userObject.csrf_k) {
|
||||||
return {
|
return {
|
||||||
success: false,
|
success: false,
|
||||||
@ -137,18 +151,6 @@ export default function userAuth({
|
|||||||
msg: "CSRF_K mismatch",
|
msg: "CSRF_K mismatch",
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
// const targetCsrfHeaderKey = Object.keys(finalRequest.headers)
|
|
||||||
// .map((k) => k.replace(/[^a-zA-Z0-9\-]/g, ""))
|
|
||||||
// .find((k) => k == userObject.csrf_k);
|
|
||||||
|
|
||||||
// if (csrfHeaderIsValue && !targetCsrfHeaderKey) {
|
|
||||||
// return {
|
|
||||||
// success: false,
|
|
||||||
// payload: null,
|
|
||||||
// msg: "CSRF_K Header Key mismatch",
|
|
||||||
// };
|
|
||||||
// }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const payloadCreationDate = Number(userObject.date);
|
const payloadCreationDate = Number(userObject.date);
|
||||||
|
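Review bot: The new `debug` branches in `userAuth` write live session material to the console: the full cookie object, the auth cookie value in `key`, the decrypted `userPayloadJSON` and the parsed `userObject`, which carries `csrf_k`. Anyone who can read the process logs would see a reusable session cookie and the CSRF key, so the flag should log shape rather than values, e.g. `console.log("userAuth:cookies:", Object.keys(cookies));` and `console.log("userAuth:key:present:", Boolean(key));`, and report only whether decryption and parsing succeeded. The same change drops the `process.env.DSQL_ENCRYPTION_PASSWORD` / `DSQL_ENCRYPTION_SALT` fallbacks and passes `encryptionKey` and `encryptionSalt` straight to `decrypt`; unless `decrypt` applies those defaults itself (not visible here), callers that relied on the environment values will now fail authentication. The compiled `dist/users/user-auth.js` carries the same lines, and the function body continues outside these hunks.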