import http from "http"; import https from "https"; import fs from "fs"; import path from "path"; import encrypt from "../package-shared/functions/dsql/encrypt"; import userAuth from "./user-auth"; import grabHostNames from "../package-shared/utils/grab-host-names"; import apiReauthUser from "../package-shared/functions/api/users/api-reauth-user"; import { writeAuthFile, deleteAuthFile, } from "../package-shared/functions/backend/auth/write-auth-files"; import getAuthCookieNames from "../package-shared/functions/backend/cookies/get-auth-cookie-names"; import { APILoginFunctionReturn } from "../package-shared/types"; type Param = { key?: string; database?: string; response?: http.ServerResponse; request?: http.IncomingMessage; level?: "deep" | "normal"; encryptionKey?: string; encryptionSalt?: string; additionalFields?: string[]; encryptedUserString?: string; user_id?: string | number; useLocal?: boolean; }; /** * # Reauthorize User */ export default async function reauthUser({ key, database, response, request, level, encryptionKey, encryptionSalt, additionalFields, encryptedUserString, user_id, useLocal, }: Param): Promise { /** * Check Encryption Keys * * @description Check Encryption Keys */ const grabedHostNames = grabHostNames(); const { host, port, scheme } = grabedHostNames; const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD; const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT; const existingUser = userAuth({ database, encryptionKey: finalEncryptionKey, encryptionSalt: finalEncryptionSalt, level, request, encryptedUserString, }); if (!existingUser?.payload?.id) { return { success: false, payload: null, msg: "Cookie Credentials Invalid", }; } /** * Initialize HTTP response variable */ let httpResponse; /** * Check for local DB settings * * @description Look for local db settings in `.env` file and by pass the http request if available */ const { DSQL_DB_HOST, DSQL_DB_USERNAME, DSQL_DB_PASSWORD, DSQL_DB_NAME } = process.env; if ( DSQL_DB_HOST?.match(/./) && DSQL_DB_USERNAME?.match(/./) && DSQL_DB_PASSWORD?.match(/./) && DSQL_DB_NAME?.match(/./) && useLocal ) { /** @type {import("../package-shared/types").DSQL_DatabaseSchemaType | undefined} */ let dbSchema: | import("../package-shared/types").DSQL_DatabaseSchemaType | undefined; try { const localDbSchemaPath = path.resolve( process.cwd(), "dsql.schema.json" ); dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8")); } catch (error) {} httpResponse = await apiReauthUser({ existingUser: existingUser.payload, additionalFields, useLocal, }); } else { /** * Make https request * * @description make a request to datasquirel.com */ httpResponse = (await new Promise((resolve, reject) => { const reqPayload = JSON.stringify({ existingUser: existingUser.payload, database, additionalFields, }); const httpsRequest = scheme.request( { method: "POST", headers: { "Content-Type": "application/json", "Content-Length": Buffer.from(reqPayload).length, Authorization: key || process.env.DSQL_FULL_ACCESS_API_KEY || process.env.DSQL_API_KEY, }, port, hostname: host, path: `/api/user/${ user_id || grabedHostNames.user_id }/reauth-user`, }, /** * Callback Function * * @description https request callback */ (response) => { var str = ""; response.on("data", function (chunk) { str += chunk; }); response.on("end", function () { resolve(JSON.parse(str)); }); response.on("error", (err) => { reject(err); }); } ); httpsRequest.write(reqPayload); httpsRequest.end(); })) as APILoginFunctionReturn; } /** * Make https request * * @description make a request to datasquirel.com */ if (httpResponse?.success) { let encryptedPayload = encrypt({ data: JSON.stringify(httpResponse.payload), encryptionKey: finalEncryptionKey, encryptionSalt: finalEncryptionSalt, }); const cookieNames = getAuthCookieNames({ database, userId: user_id || grabedHostNames.user_id, }); httpResponse["cookieNames"] = cookieNames; httpResponse["key"] = String(encryptedPayload); const authKeyName = cookieNames.keyCookieName; const csrfName = cookieNames.csrfCookieName; response?.setHeader("Set-Cookie", [ `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`, `${csrfName}=${httpResponse.payload?.csrf_k};samesite=strict;path=/;HttpOnly=true`, ]); if (httpResponse.csrf) { deleteAuthFile(String(existingUser.payload.csrf_k)); writeAuthFile( httpResponse.csrf, JSON.stringify(httpResponse.payload) ); } } return httpResponse; }