"use strict"; exports.id = 370; exports.ids = [370]; exports.modules = { /***/ 370: /***/ ((module, __unused_webpack_exports, __webpack_require__) => { // @ts-check const http = __webpack_require__(3685); const DB_HANDLER = __webpack_require__(9395); const decrypt = __webpack_require__(5304); const fs = __webpack_require__(7147); const EXPIRY_TIME = 1000 * 60 * 60 * 24 * 1 * 7; // 7 days /** * @async * @param {import("next").NextApiRequest | http.IncomingMessage & { cookies: Partial<{ [key: string]: string; }>; }} req - https request object * @param {import("next").NextApiResponse | http.ServerResponse} res - https response object * @param {boolean | null} [csrf] - csrf key * @param {any} [query] - query object * * @returns {Promise<(import("@/package-shared/types").UserType | null)>} */ module.exports = async function userAuth(req, res, csrf, query) { /** ********************* Check for existence of required cookie */ if (!req.cookies?.datasquirelAuthKey?.match(/./)) { // console.log("No datasquirel key cookie present"); return null; } /** ********************* Grab the payload */ let userPayload = decrypt(req.cookies.datasquirelAuthKey); /** ********************* Return if no payload */ if (!userPayload) { // console.log("Couldn't Decrypt cookie"); return null; } /** ********************* Parse the payload */ let userObject = JSON.parse(userPayload); const { user_type } = userObject; if (!userObject.csrf_k) { // console.log("No CSRF_K in decrypted payload"); return null; } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// if (csrf && // @ts-ignore !req.headers["x-csrf-auth"]?.match(new RegExp(`${userObject.csrf_k}`))) { // console.log("CSRF_K requested but does not match payload"); return null; } const allowedAuthKeysPath = process.env.DSQL_USER_LOGIN_KEYS_PATH; if (!allowedAuthKeysPath) { console.log(`DSQL_USER_LOGIN_KEYS_PATH env variable not found. Please set this variable.`); return null; } if (csrf && !fs.existsSync(`${allowedAuthKeysPath}/${userObject.csrf_k}`)) { return null; } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// /** ********************* check user verification */ if (userObject.verification_status == 0 && !csrf) { let currentVerificationStatus = await DB_HANDLER(`SELECT verification_status FROM users WHERE id='${userObject.id}'`); if (currentVerificationStatus && currentVerificationStatus[0] && currentVerificationStatus[0].verification_status == 1) { // userObject = await reAuthUser({ userId: userObject.id, res }); res.setHeader("Set-Cookie", [ `user_refresh=1` ]); } } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// if (userObject?.date && Date.now() - userObject.date > EXPIRY_TIME) { // console.log("Cookie expired"); return null; } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// /** ********************* return user object */ return userObject; }; /***/ }) }; ;