diff --git a/engine/user/add-user.js b/engine/user/add-user.js
index a490101..9a8cbbc 100644
--- a/engine/user/add-user.js
+++ b/engine/user/add-user.js
@@ -44,7 +44,10 @@ async function localAddUser({ payload, dbSchema }) {
 return { success: false, payload: `Password is required to create an account` }; }
- const hashedPassword = hashPassword(payload.password);
+ const hashedPassword = hashPassword({
+ password: payload.password,
+ encryptionKey,
+ });
 payload.password = hashedPassword; let fields = await varDatabaseDbHandler({
diff --git a/engine/user/login-user.js b/engine/user/login-user.js
index f546017..03508d6 100644
--- a/engine/user/login-user.js
+++ b/engine/user/login-user.js
@@ -26,6 +26,8 @@ async function loginLocalUser({ payload, additionalFields, dbSchema }) {
 const { email, username, password } = payload; const dbFullName = process.env.DSQL_DB_NAME || "";
+ const encryptionKey = process.env.DSQL_ENCRYPTION_KEY || "";
+ const encryptionSalt = process.env.DSQL_ENCRYPTION_SALT || "";
 /** * Check input validity
@@ -44,7 +46,10 @@ async function loginLocalUser({ payload, additionalFields, dbSchema }) {
 * * @description Password hash */
- let hashedPassword = hashPassword(password);
+ let hashedPassword = hashPassword({
+ password: password,
+ encryptionKey: encryptionKey,
+ });
 //////////////////////////////////////// ////////////////////////////////////////
diff --git a/engine/user/social/utils/googleLogin.js b/engine/user/social/utils/googleLogin.js
deleted file mode 100644
index 6060e22..0000000
--- a/engine/user/social/utils/googleLogin.js
+++ /dev/null
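Review bot: `encryptionKey` is passed to `hashPassword` in shorthand form inside `localAddUser`, but nothing in this hunk declares it, and unlike login-user.js this file gets no `const encryptionKey = process.env.DSQL_ENCRYPTION_KEY || "";` line in the commit. `hashPassword` no longer reads the environment itself, so unless the name is already bound earlier in `localAddUser` (the function starts above the hunk) account creation will throw a ReferenceError at this call. I would declare it next to the call, `const encryptionKey = process.env.DSQL_ENCRYPTION_KEY;`, and when it is empty return the same `{ success: false, payload: ... }` shape used just above, so a password is never stored under an empty HMAC key.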
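Review bot: The `|| ""` fallback on the new `encryptionKey` line in `loginLocalUser` lets login proceed with an empty HMAC key when `DSQL_ENCRYPTION_KEY` is unset, so a deployment mistake silently turns the password hash into an effectively unkeyed digest instead of failing. Prefer failing closed before the hash is computed, e.g. `if (!encryptionKey) throw new Error("DSQL_ENCRYPTION_KEY is not set");` or the function's usual failure return. `encryptionSalt` is declared here but is not used in either visible hunk of this file; if it is not consumed further down (the body continues outside the hunk), drop it or add a comment saying what it is reserved for. The second hunk's `password: password, encryptionKey: encryptionKey` could also use the property shorthand that add-user.js uses.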
@@ -1,150 +0,0 @@ -// @ts-check - -/** - * ============================================================================== - * Imports - * ============================================================================== - */ -const fs = require("fs"); - -//////////////////////////////////////////////// -//////////////////////////////////////////////// -//////////////////////////////////////////////// - -const { OAuth2Client } = require("google-auth-library"); - -const dbHandler = require("../../../engine/utils/dbHandler"); -const hashPassword = require("../../../../functions/hashPassword"); - -////////////////////////////////////////////////////////////////////////////////// -////////////////////////////////////////////////////////////////////////////////// -////////////////////////////////////////////////////////////////////////////////// -////////////////////////////////////////////////////////////////////////////////// -////////////////////////////////////////////////////////////////////////////////// -////////////////////////////////////////////////////////////////////////////////// - -/** - * ============================================================================== - * Main Function - * ============================================================================== - * @param {Object} params - foundUser if any - */ -module.exports = async function googleLogin({ usertype, foundUser, isSocialValidated, isUserValid, reqBody, serverRes, loginFailureReason }) { - const client = new OAuth2Client(process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID); - let isGoogleAuthValid = false; - let newFoundUser = null; - - //////////////////////////////////////////////// - //////////////////////////////////////////////// - //////////////////////////////////////////////// - - try { - const ticket = await client.verifyIdToken({ - idToken: reqBody.token, - audience: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID, // Specify the CLIENT_ID of the app that accesses the backend - // Or, if multiple 
clients access the backend: - //[CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3] - }); - - // @ts-ignore - const payload = ticket.payload; - const userid = payload["sub"]; - - isUserValid = payload.email_verified; - - if (!isUserValid || !payload || !payload.email_verified) return; - - serverRes.isUserValid = payload.email_verified; - isSocialValidated = payload.email_verified; - isGoogleAuthValid = payload.email_verified; - ////// If request specified a G Suite domain: - ////// const domain = payload['hd']; - - let socialHashedPassword = hashPassword(payload.jti); - - //////////////////////////////////////////////// - //////////////////////////////////////////////// - //////////////////////////////////////////////// - - let existinEmail = await dbHandler({ - query: `SELECT * FROM ${usertype} WHERE email = ? AND social_login!='1' AND social_platform!='google'`, - values: [payload.email], - }); - - if (existinEmail && existinEmail[0]) { - loginFailureReason = "Email Exists Already"; - isGoogleAuthValid = false; - return { isGoogleAuthValid: isGoogleAuthValid, newFoundUser: newFoundUser, loginFailureReason: loginFailureReason }; - } - - //////////////////////////////////////// - - foundUser = await dbHandler({ - query: `SELECT * FROM ${usertype} WHERE email = ? 
AND social_login='1' AND social_platform='google'`, - values: [payload.email], - }); - - if (foundUser && foundUser[0]) { - newFoundUser = foundUser; - return { isGoogleAuthValid: isGoogleAuthValid, newFoundUser: newFoundUser }; - } - - //////////////////////////////////////////////// - //////////////////////////////////////////////// - //////////////////////////////////////////////// - - let newUser = await dbHandler({ - query: `INSERT INTO ${usertype} ( - first_name, - last_name, - social_platform, - social_name, - social_id, - email, - image, - image_thumbnail, - password, - verification_status, - social_login, - terms_agreement, - date_created, - date_code - ) VALUES ( - '${payload.given_name}', - '${payload.family_name}', - 'google', - 'google_${payload.email.replace(/@.*/, "")}', - '${payload.sub}', - '${payload.email}', - '${payload.picture}', - '${payload.picture}', - '${socialHashedPassword}', - '1', - '1', - '1', - '${Date()}', - '${Date.now()}' - )`, - }); - - newFoundUser = await dbHandler({ - query: `SELECT * FROM ${usertype} WHERE id = ?`, - values: [newUser.insertId], - }); - - //////////////////////////////////////////////// - //////////////////////////////////////////////// - //////////////////////////////////////////////// - } catch (error) { - loginFailureReason = error; - - isUserValid = false; - isSocialValidated = false; - } - - //////////////////////////////////////////////// - //////////////////////////////////////////////// - //////////////////////////////////////////////// - - return { isGoogleAuthValid: isGoogleAuthValid, newFoundUser: newFoundUser }; -}; diff --git a/engine/user/update-user.js b/engine/user/update-user.js index 3ce506e..de02440 100644 --- a/engine/user/update-user.js +++ b/engine/user/update-user.js 
@@ -1,10 +1,5 @@
 // @ts-check
-const hashPassword = require("../../functions/hashPassword");
-const addUsersTableToDb = require("../engine/addUsersTableToDb");
-const varDatabaseDbHandler = require("../engine/utils/varDatabaseDbHandler");
-const addDbEntry = require("../query/utils/addDbEntry");
-const runQuery = require("../query/utils/runQuery");
 const updateDbEntry = require("../query/utils/updateDbEntry"); /**
diff --git a/functions/hashPassword.js b/functions/hashPassword.js
index 5927970..d082d4f 100644
--- a/functions/hashPassword.js
+++ b/functions/hashPassword.js
@@ -1,14 +1,25 @@
+/** # MODULE TRACE
+======================================================================
+ * Detected 4 files that call this module. The files are listed below:
+======================================================================
+ * `require` Statement Found in [add-user.js] => file:///d:\GitHub\dsql\engine\user\add-user.js
+ * `require` Statement Found in [login-user.js] => file:///d:\GitHub\dsql\engine\user\login-user.js
+ * `require` Statement Found in [googleLogin.js] => file:///d:\GitHub\dsql\engine\user\social\utils\googleLogin.js
+ * `require` Statement Found in [update-user.js] => file:///d:\GitHub\dsql\engine\user\update-user.js
+==== MODULE TRACE END ==== */
+
 // @ts-check const { createHmac } = require("crypto"); /** * # Hash password Function
- * @param {string} password
+ * @param {object} param0
+ * @param {string} param0.password - Password to hash
+ * @param {string} param0.encryptionKey - Encryption key
 * @returns {string} */
-module.exports = function hashPassword(password) {
- const encryptionKey = process.env.DSQL_ENCRYPTION_KEY || "";
+module.exports = function hashPassword({ password, encryptionKey }) {
 const hmac = createHmac("sha512", encryptionKey); hmac.update(password); let hashed = hmac.digest("base64");
diff --git a/package.json b/package.json
index e2e2e5a..eb00c03 100644
--- a/package.json
+++ b/package.json
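Review bot: `hashPassword` still derives the stored value with a single `createHmac("sha512", encryptionKey)` pass and no per-user salt, so equal passwords give equal digests and guessing is cheap for anyone holding both the table and the key. Since the signature is changing anyway, consider `crypto.scrypt` with a random per-user salt and the key kept as a pepper; that needs a stored-format migration and a verify step in login-user.js instead of recomputing the digest. The function also lost its own key lookup without gaining a check: an empty string is accepted silently and `undefined` only fails inside `createHmac`, so a guard such as `if (typeof encryptionKey !== "string" || encryptionKey.length === 0) throw new Error("hashPassword: encryptionKey is required");` belongs at the top. The added MODULE TRACE header is stale on arrival: it lists googleLogin.js, which this commit deletes, and update-user.js, whose `require` of this module this commit removes. It also publishes absolute `file:///d:\...` paths from a developer machine, so I would drop it or generate it with repo-relative paths.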
@@ -1,6 +1,6 @@
 { "name": "datasquirel",
- "version": "1.8.7",
+ "version": "1.8.8",
 "description": "Cloud-based SQL data management tool", "main": "index.js", "bin": {