This commit is contained in:
Tben 2023-05-06 12:14:09 +01:00
parent 47f6e8331e
commit f8633b839e
7 changed files with 418 additions and 0 deletions

21
functions/decrypt.js Normal file
View File

@ -0,0 +1,21 @@
const { scryptSync, createDecipheriv } = require("crypto");
const { Buffer } = require("buffer");
const decrypt = ({ encryptedString, encryptionKey, encryptionSalt }) => {
const algorithm = "aes-192-cbc";
const password = encryptionKey;
let key = scryptSync(password, encryptionSalt, 24);
let iv = Buffer.alloc(16, 0);
const decipher = createDecipheriv(algorithm, key, iv);
try {
let decrypted = decipher.update(encryptedString, "hex", "utf8");
decrypted += decipher.final("utf8");
return decrypted;
} catch (error) {
return null;
}
};
module.exports = decrypt;

21
functions/encrypt.js Normal file
View File

@ -0,0 +1,21 @@
const { scryptSync, createCipheriv } = require("crypto");
const { Buffer } = require("buffer");
const encrypt = ({ data, encryptionKey, encryptionSalt }) => {
const algorithm = "aes-192-cbc";
const password = encryptionKey;
let key = scryptSync(password, encryptionSalt, 24);
let iv = Buffer.alloc(16, 0);
const cipher = createCipheriv(algorithm, key, iv);
try {
let encrypted = cipher.update(data, "utf8", "hex");
encrypted += cipher.final("hex");
return encrypted;
} catch (error) {
return null;
}
};
module.exports = encrypt;

View File

@ -6,6 +6,10 @@
const get = require("./utils/get"); const get = require("./utils/get");
const post = require("./utils/post"); const post = require("./utils/post");
const uploadImage = require("./utils/upload-image"); const uploadImage = require("./utils/upload-image");
const createUser = require("./users/add-user");
const loginUser = require("./users/login-user");
const logoutUser = require("./users/logout-user");
const userAuth = require("./users/user-auth");
/** ****************************************************************************** */ /** ****************************************************************************** */
/** ****************************************************************************** */ /** ****************************************************************************** */
@ -24,6 +28,10 @@ const datasquirel = {
get: get, get: get,
post: post, post: post,
uploadImage: uploadImage, uploadImage: uploadImage,
createUser: createUser,
loginUser: loginUser,
logoutUser: logoutUser,
userAuth: userAuth,
}; };
module.exports = datasquirel; module.exports = datasquirel;

88
users/add-user.js Normal file
View File

@ -0,0 +1,88 @@
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
const https = require("https");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* ==============================================================================
* Main Function
* ==============================================================================
* @param {String} key - API Key
* @param {String} database - Target Database
* @param {String | Object} payload - SQL query String or Request Object. Eg. {
action: "insert | update | delete",
data: {
user_id: user.id,
user_first_name: user.first_name,
user_last_name: user.last_name,
},
table: "posts",
}
*/
module.exports = async function ({ key, payload, database }) {
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
const httpResponse = await new Promise((resolve, reject) => {
https
.request(
{
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: key,
},
port: 443,
hostname: "datasquirel.com",
path: `/api/user/add-user`,
},
/**
* Callback Function
*
* @description https request callback
*/
(response) => {
var str = "";
response.on("data", function (chunk) {
str += chunk;
});
response.on("end", function () {
resolve(JSON.parse(str));
});
response.on("error", (err) => {
reject(err);
});
}
)
.write({
payload,
database,
})
.end();
});
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
return httpResponse;
};
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */

143
users/login-user.js Normal file
View File

@ -0,0 +1,143 @@
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
const https = require("https");
const encrypt = require("../functions/encrypt");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* ==============================================================================
* Main Function
* ==============================================================================
* @param {String} key - API Key
* @param {String} database - Target Database
* @param {Object} payload - SQL query String or Request Object. Eg. {
action: "insert | update | delete",
data: {
user_id: user.id,
user_first_name: user.first_name,
user_last_name: user.last_name,
},
table: "posts",
}
* @param {Object} response - Http response object
* @param {String} encryptionKey - Encryption Key
* @param {String} encryptionSalt - Encryption Salt
*/
module.exports = async function ({ key, payload, database, response, encryptionKey, encryptionSalt }) {
/**
* Check Encryption Keys
*
* @description Check Encryption Keys
*/
if (!encryptionKey?.match(/./))
return {
success: false,
payload: null,
msg: "Encryption Key Required",
};
if (!encryptionSalt?.match(/./))
return {
success: false,
payload: null,
msg: "Encryption Salt Required",
};
if (encryptionKey.length < 24)
return {
success: false,
payload: null,
msg: "Encryption Key must be at least 24 characters",
};
if (encryptionSalt.length < 8)
return {
success: false,
payload: null,
msg: "Encryption Salt must be at least 8 characters",
};
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
const httpResponse = await new Promise((resolve, reject) => {
https
.request(
{
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: key,
},
port: 443,
hostname: "datasquirel.com",
path: `/api/user/login-user`,
},
/**
* Callback Function
*
* @description https request callback
*/
(response) => {
var str = "";
response.on("data", function (chunk) {
str += chunk;
});
response.on("end", function () {
resolve(JSON.parse(str));
});
response.on("error", (err) => {
reject(err);
});
}
)
.write({
payload,
database,
})
.end();
});
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
/**
* Make https request
*
* @description make a request to datasquirel.com
*/
if (httpResponse?.success) {
let encryptedPayload = encrypt({
data: JSON.stringify(httpResponse.payload),
encryptionKey,
encryptionSalt,
});
response.setHeader("Set-Cookie", [`datasquirelAuthKey=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`, `csrf=${httpResponse.csrf};samesite=strict;path=/;HttpOnly=true`]);
}
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
return httpResponse;
};
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */

40
users/logout-user.js Normal file
View File

@ -0,0 +1,40 @@
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* ==============================================================================
* Main Function
* ==============================================================================
* @param {Object} response - Http response object
*/
module.exports = async function ({ response }) {
/**
* Check Encryption Keys
*
* @description Check Encryption Keys
*/
response.setHeader("Set-Cookie", ["datasquirelAuthKey=none;max-age=0", "usertype=none;max-age=0", `refresh_properties=1;Max-Age=7000`]);
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
return {
success: true,
payload: "User Logged Out",
};
};
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */

97
users/user-auth.js Normal file
View File

@ -0,0 +1,97 @@
/**
* ==============================================================================
* Imports
* ==============================================================================
*/
const decrypt = require("../functions/decrypt");
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/**
* ==============================================================================
* Main Function
* ==============================================================================
* @param {Object} request - Http request object
* @param {String} encryptionKey - Encryption Key
* @param {String} encryptionSalt - Encryption Salt
*/
module.exports = async function ({ request, encryptionKey, encryptionSalt }) {
/**
* Grab the payload
*
* @description Grab the payload
*/
let userPayload = decrypt({
encryptedString: request.cookies.datasquirelAuthKey,
encryptionKey,
encryptionSalt,
});
/**
* Grab the payload
*
* @description Grab the payload
*/
if (!userPayload) {
return {
success: false,
payload: null,
msg: "Couldn't Decrypt cookie",
};
}
/**
* Grab the payload
*
* @description Grab the payload
*/
let userObject = JSON.parse(userPayload);
if (!userObject.csrf_k) {
return {
success: false,
payload: null,
msg: "No CSRF_K in decrypted payload",
};
}
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
/**
* Grab the payload
*
* @description Grab the payload
*/
if (csrf && !req.headers["x-csrf-auth"]?.match(new RegExp(`${userObject.csrf_k}`))) {
return {
success: false,
payload: null,
msg: "CSRF_K requested but does not match payload",
};
}
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
/**
* Return User Object
*
* @description Return User Object
*/
return {
success: true,
payload: userObject,
};
};
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */