dsql-admin/dsql-app/.local_dist/server/chunks/6825.js
Benjamin Toby 748ff55092 Bug Fixes
2024-11-05 15:18:40 +01:00


"use strict";
exports.id = 6825;
exports.ids = [6825];
exports.modules = {
/***/ 6825:
/***/ ((module, __unused_webpack_exports, __webpack_require__) => {
// @ts-check
const http = __webpack_require__(3685);
const DB_HANDLER = __webpack_require__(2224);
const decrypt = __webpack_require__(5425);
const fs = __webpack_require__(7147);
// Maximum accepted age of an auth-cookie payload, in milliseconds (7 days).
const EXPIRY_TIME = 7 * 24 * 60 * 60 * 1000;
/**
* @async
* @param {import("next").NextApiRequest | http.IncomingMessage & { cookies: Partial<{ [key: string]: string; }>; }} req - https request object
* @param {import("next").NextApiResponse | http.ServerResponse} res - https response object
* @param {boolean | null} [csrf] - csrf key
* @param {any} [query] - query object
*
* @returns {Promise<(import("@/package-shared/types").UserType | null)>}
*/ module.exports = async function userAuth(req, res, csrf, query) {
/** ********************* Check for existence of required cookie */ if (!req.cookies?.datasquirelAuthKey?.match(/./)) {
// console.log("No datasquirel key cookie present");
return null;
}
/** ********************* Grab the payload */ let userPayload = decrypt(req.cookies.datasquirelAuthKey);
/** ********************* Return if no payload */ if (!userPayload) {
// console.log("Couldn't Decrypt cookie");
return null;
}
/** ********************* Parse the payload */ let userObject = JSON.parse(userPayload);
if (!userObject.csrf_k) {
// console.log("No CSRF_K in decrypted payload");
return null;
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
if (csrf && // @ts-ignore
!req.headers["x-csrf-auth"]?.match(new RegExp(`${userObject.csrf_k}`))) {
// console.log("CSRF_K requested but does not match payload");
return null;
}
const allowedAuthKeysPath = process.env.DSQL_USER_LOGIN_KEYS_PATH;
if (!allowedAuthKeysPath) {
console.log(`DSQL_USER_LOGIN_KEYS_PATH env variable not found. Please set this variable.`);
return null;
}
if (csrf && !fs.existsSync(`${allowedAuthKeysPath}/${userObject.csrf_k}`)) {
return null;
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/** ********************* check user verification */ if (userObject.verification_status == 0 && !csrf) {
let currentVerificationStatus = await DB_HANDLER(`SELECT verification_status FROM users WHERE id='${userObject.id}'`);
if (currentVerificationStatus && currentVerificationStatus[0] && currentVerificationStatus[0].verification_status == 1) {
// userObject = await reAuthUser({ userId: userObject.id, res });
res.setHeader("Set-Cookie", [
`user_refresh=1`
]);
}
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
if (userObject?.date && Date.now() - userObject.date > EXPIRY_TIME) {
// console.log("Cookie expired");
return null;
}
////////////////////////////////////////
////////////////////////////////////////
////////////////////////////////////////
/** ********************* return user object */ return userObject;
};
/***/ }),
/***/ 5425:
/***/ ((module, __unused_webpack_exports, __webpack_require__) => {
// @ts-check
const { scryptSync , createDecipheriv } = __webpack_require__(6113);
const { Buffer } = __webpack_require__(4300);
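/**
 * Decrypt a hex-encoded AES-192-CBC ciphertext.
 *
 * The key is derived with scrypt from DSQL_ENCRYPTION_PASSWORD and
 * DSQL_ENCRYPTION_SALT. Returns `null` when the password is not configured,
 * when the input is not a well-formed hex string, or when decryption fails.
 *
 * Security notes for maintainers:
 * - The IV is fixed at 16 zero bytes, so equal plaintext prefixes yield equal
 *   ciphertext prefixes.
 * - CBC carries no integrity tag, so a modified ciphertext is not detected
 *   here; callers must validate every field of the decrypted value.
 * Changing either requires the matching change in the encrypting code, which
 * is not part of this module.
 *
 * @param {string} encryptedString - hex-encoded ciphertext
 * @returns {string | null} the UTF-8 plaintext, or null on any failure
 */
const decrypt = (encryptedString) => {
  const algorithm = "aes-192-cbc";
  const password = process.env.DSQL_ENCRYPTION_PASSWORD || "";
  const salt = process.env.DSQL_ENCRYPTION_SALT || "";

  // Fail closed: deriving the key from an empty password would accept
  // ciphertexts anyone could produce.
  if (password === "") {
    return null;
  }

  // Node's hex decoder silently stops at the first invalid character, which
  // would let trailing junk ride along with a valid ciphertext. Require
  // whole hex byte pairs up front.
  if (typeof encryptedString !== "string" || !/^(?:[0-9a-fA-F]{2})+$/.test(encryptedString)) {
    return null;
  }

  try {
    const key = scryptSync(password, salt, 24);
    const iv = Buffer.alloc(16, 0);
    // @ts-ignore
    const decipher = createDecipheriv(algorithm, key, iv);
    const head = decipher.update(encryptedString, "hex", "utf8");
    return head + decipher.final("utf8");
  } catch (error) {
    // Wrong key, bad padding or truncated input all end up here.
    return null;
  }
};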
// Expose the decrypt function as this webpack module's export.
module.exports = decrypt;
/***/ })
};
;