import http from "http"; import fs from "fs"; import path from "path"; import encrypt from "../package-shared/functions/dsql/encrypt"; import grabHostNames from "../package-shared/utils/grab-host-names"; import apiLoginUser from "../package-shared/functions/api/users/api-login"; import getAuthCookieNames from "../package-shared/functions/backend/cookies/get-auth-cookie-names"; import { writeAuthFile } from "../package-shared/functions/backend/auth/write-auth-files"; import { APILoginFunctionReturn, DSQL_DatabaseSchemaType, PackageUserLoginRequestBody, } from "../package-shared/types"; type Param = { key?: string; database: string; payload: { email?: string; username?: string; password?: string; }; additionalFields?: string[]; response?: http.ServerResponse & { [s: string]: any }; encryptionKey?: string; encryptionSalt?: string; email_login?: boolean; email_login_code?: string; temp_code_field?: string; token?: boolean; user_id?: string | number; skipPassword?: boolean; useLocal?: boolean; skipWriteAuthFile?: boolean; apiUserID?: string | number; dbUserId?: string | number; }; /** * # Login A user */ export default async function loginUser({ key, payload, database, additionalFields, response, encryptionKey, encryptionSalt, email_login, email_login_code, temp_code_field, token, user_id, skipPassword, useLocal, apiUserID, skipWriteAuthFile, dbUserId, }: Param): Promise { const grabedHostNames = grabHostNames(); const { host, port, scheme } = grabedHostNames; const defaultTempLoginFieldName = "temp_login_code"; const emailLoginTempCodeFieldName = email_login ? temp_code_field ? temp_code_field : defaultTempLoginFieldName : undefined; const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD; const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT; if (!finalEncryptionKey?.match(/.{8,}/)) { console.log("Encryption key is invalid"); return { success: false, payload: null, msg: "Encryption key is invalid", }; } if (!finalEncryptionSalt?.match(/.{8,}/)) { console.log("Encryption salt is invalid"); return { success: false, payload: null, msg: "Encryption salt is invalid", }; } /** * Check required fields * * @description Check required fields */ if (!payload.email) { return { success: false, payload: null, msg: "Email Required", }; } /** * Initialize HTTP response variable */ /** @type {import("../package-shared/types").APILoginFunctionReturn} */ let httpResponse: import("../package-shared/types").APILoginFunctionReturn = { success: false, }; /** * Check for local DB settings * * @description Look for local db settings in `.env` file and by pass the http request if available */ const { DSQL_DB_HOST, DSQL_DB_USERNAME, DSQL_DB_PASSWORD, DSQL_DB_NAME } = process.env; if ( DSQL_DB_HOST?.match(/./) && DSQL_DB_USERNAME?.match(/./) && DSQL_DB_PASSWORD?.match(/./) && DSQL_DB_NAME?.match(/./) && useLocal ) { let dbSchema: DSQL_DatabaseSchemaType | undefined; try { const localDbSchemaPath = path.resolve( process.cwd(), "dsql.schema.json" ); dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8")); } catch (error) {} httpResponse = await apiLoginUser({ database: process.env.DSQL_DB_NAME || "", email: payload.email, username: payload.username, password: payload.password, skipPassword, encryptionKey: finalEncryptionKey, additionalFields, email_login, email_login_code, email_login_field: emailLoginTempCodeFieldName, token, useLocal, dbUserId, }); } else { httpResponse = await new Promise((resolve, reject) => { const reqPayload: PackageUserLoginRequestBody = { encryptionKey: finalEncryptionKey, payload, database, additionalFields, email_login, email_login_code, email_login_field: emailLoginTempCodeFieldName, token, skipPassword: skipPassword, dbUserId: dbUserId || 0, }; const reqPayloadJSON = JSON.stringify(reqPayload); const httpsRequest = scheme.request( { method: "POST", headers: { "Content-Type": "application/json", "Content-Length": Buffer.from(reqPayloadJSON).length, Authorization: key || process.env.DSQL_FULL_ACCESS_API_KEY || process.env.DSQL_API_KEY, }, port, hostname: host, path: `/api/user/${ user_id || grabedHostNames.user_id }/login-user`, }, (res) => { var str = ""; res.on("data", function (chunk) { str += chunk; }); res.on("end", function () { resolve(JSON.parse(str)); }); res.on("error", (err) => { reject(err); }); } ); httpsRequest.write(reqPayloadJSON); httpsRequest.end(); }); } /** * Make https request * * @description make a request to datasquirel.com */ if (httpResponse?.success) { let encryptedPayload = encrypt({ data: JSON.stringify(httpResponse.payload), encryptionKey: finalEncryptionKey, encryptionSalt: finalEncryptionSalt, }); try { if (token && encryptedPayload) httpResponse["token"] = encryptedPayload; } catch (error) {} const cookieNames = getAuthCookieNames({ database, userId: apiUserID || user_id || grabedHostNames.user_id, }); if (httpResponse.csrf && !skipWriteAuthFile) { writeAuthFile( httpResponse.csrf, JSON.stringify(httpResponse.payload) ); } httpResponse["cookieNames"] = cookieNames; httpResponse["key"] = String(encryptedPayload); const authKeyName = cookieNames.keyCookieName; const csrfName = cookieNames.csrfCookieName; response?.setHeader("Set-Cookie", [ `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`, `${csrfName}=${httpResponse.payload?.csrf_k};samesite=strict;path=/;HttpOnly=true`, ]); } return httpResponse; }