ff-admin-server/src/controller/authController.ts

import { Request, Response } from "express";
import { JWTHelper } from "../helpers/jwtHelper";
import { JWTToken } from "../type/jwtTypes";
import InternalException from "../exceptions/internalException";
import RefreshCommandHandler from "../command/refreshCommandHandler";
import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
import UserService from "../service/userService";
import speakeasy from "speakeasy";
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
import RefreshService from "../service/refreshService";
import UserPermissionService from "../service/userPermissionService";
import PermissionHelper from "../helpers/permissionHelper";
import RolePermissionService from "../service/rolePermissionService";

/**
 * @description Check authentication status by token
 * @param req {Request} Express req object
 * @param res {Response} Express res object
 * @returns {Promise<*>}
 */
export async function login(req: Request, res: Response): Promise<any> {
  let username = req.body.username;
  let totp = req.body.totp;

  let { id, secret, mail, firstname, lastname, isOwner } = await UserService.getByUsername(username);

  let valid = speakeasy.totp.verify({
    secret: secret,
    encoding: "base32",
    token: totp,
    window: 2,
  });

  if (!valid) {
    throw new UnauthorizedRequestException("Token not valid or expired");
  }

  let userPermissions = await UserPermissionService.getByUser(id);
  let userPermissionStrings = userPermissions.map((e) => e.permission);
  let userRoles = await UserService.getAssignedRolesByUserId(id);
  let rolePermissions = userRoles.length != 0 ? await RolePermissionService.getByRoles(userRoles.map((e) => e.id)) : [];
  let rolePermissionStrings = rolePermissions.map((e) => e.permission);
  let permissionObject = PermissionHelper.convertToObject([...userPermissionStrings, ...rolePermissionStrings]);

  let jwtData: JWTToken = {
    userId: id,
    mail: mail,
    username: username,
    firstname: firstname,
    lastname: lastname,
    isOwner: isOwner,
    permissions: permissionObject,
  };

  let accessToken: string;
  let refreshToken: string;

  JWTHelper.create(jwtData)
    .then((result) => {
      accessToken = result;
    })
    .catch((err) => {
      console.log(err);
      throw new InternalException("Failed accessToken creation", err);
    });

  let refreshCommand: CreateRefreshCommand = {
    userId: id,
  };
  refreshToken = await RefreshCommandHandler.create(refreshCommand);

  res.json({
    accessToken,
    refreshToken,
  });
}

/**
 * @description logout user by token (invalidate refresh token)
 * @param req {Request} Express req object
 * @param res {Response} Express res object
 * @returns {Promise<*>}
 */
export async function logout(req: Request, res: Response): Promise<any> {}

/**
 * @description refresh expired token
 * @param req {Request} Express req object
 * @param res {Response} Express res object
 * @returns {Promise<*>}
 */
export async function refresh(req: Request, res: Response): Promise<any> {
  let token = req.body.accessToken;
  let refresh = req.body.refreshToken;

  const tokenUser = await JWTHelper.decode(token);
  if (typeof tokenUser == "string" || !tokenUser) {
    throw new InternalException("process failed");
  }

  let tokenUserId = (tokenUser as JWTToken).userId;

  let { user } = await RefreshService.getByToken(refresh);

  if (tokenUserId != user.id) {
    throw new UnauthorizedRequestException("user not identified with token and refresh");
  }

  let { id, username, mail, firstname, lastname, isOwner } = await UserService.getById(tokenUserId);

  let permissions = await UserPermissionService.getByUser(id);
  let permissionStrings = permissions.map((e) => e.permission);
  let permissionObject = PermissionHelper.convertToObject(permissionStrings);

  let jwtData: JWTToken = {
    userId: id,
    mail: mail,
    username: username,
    firstname: firstname,
    lastname: lastname,
    isOwner: isOwner,
    permissions: permissionObject,
  };

  let accessToken: string;
  let refreshToken: string;

  JWTHelper.create(jwtData)
    .then((result) => {
      accessToken = result;
    })
    .catch((err) => {
      throw new InternalException("Failed accessToken creation", err);
    });

  let refreshCommand: CreateRefreshCommand = {
    userId: id,
  };
  refreshToken = await RefreshCommandHandler.create(refreshCommand);

  let removeToken: DeleteRefreshCommand = {
    userId: id,
    token: refresh,
  };
  await RefreshCommandHandler.deleteByToken(removeToken);

  res.json({
    accessToken,
    refreshToken,
  });
}
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`import { Request, Response } from "express";`
			`import { JWTHelper } from "../helpers/jwtHelper";`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`import { JWTToken } from "../type/jwtTypes";`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`import InternalException from "../exceptions/internalException";`
			`import RefreshCommandHandler from "../command/refreshCommandHandler";`
token refresh 2024-08-25 08:09:57 +00:00			`import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`import UserService from "../service/userService";`
			`import speakeasy from "speakeasy";`
			`import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";`
token refresh 2024-08-23 12:42:47 +00:00			`import RefreshService from "../service/refreshService";`
roles and permissions 2024-08-27 15:54:59 +00:00			`import UserPermissionService from "../service/userPermissionService";`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`import PermissionHelper from "../helpers/permissionHelper";`
roles and permissions 2024-08-27 15:54:59 +00:00			`import RolePermissionService from "../service/rolePermissionService";`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00
			`/**`
			`* @description Check authentication status by token`
			`* @param req {Request} Express req object`
			`* @param res {Response} Express res object`
			`* @returns {Promise<*>}`
			`*/`
			`export async function login(req: Request, res: Response): Promise<any> {`
			`let username = req.body.username;`
			`let totp = req.body.totp;`

ownership 2024-10-07 16:09:27 +00:00			`let { id, secret, mail, firstname, lastname, isOwner } = await UserService.getByUsername(username);`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00
			`let valid = speakeasy.totp.verify({`
			`secret: secret,`
			`encoding: "base32",`
			`token: totp,`
			`window: 2,`
			`});`

			`if (!valid) {`
			`throw new UnauthorizedRequestException("Token not valid or expired");`
			`}`

roles and permissions 2024-08-27 15:54:59 +00:00			`let userPermissions = await UserPermissionService.getByUser(id);`
			`let userPermissionStrings = userPermissions.map((e) => e.permission);`
			`let userRoles = await UserService.getAssignedRolesByUserId(id);`
user and role controllers 2024-09-01 12:55:05 +00:00			`let rolePermissions = userRoles.length != 0 ? await RolePermissionService.getByRoles(userRoles.map((e) => e.id)) : [];`
roles and permissions 2024-08-27 15:54:59 +00:00			`let rolePermissionStrings = rolePermissions.map((e) => e.permission);`
			`let permissionObject = PermissionHelper.convertToObject([...userPermissionStrings, ...rolePermissionStrings]);`
permission system - permission formatting 2024-08-26 11:47:08 +00:00
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`let jwtData: JWTToken = {`
			`userId: id,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`mail: mail,`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`username: username,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`firstname: firstname,`
			`lastname: lastname,`
ownership 2024-10-07 16:09:27 +00:00			`isOwner: isOwner,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`permissions: permissionObject,`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`};`

			`let accessToken: string;`
			`let refreshToken: string;`

			`JWTHelper.create(jwtData)`
			`.then((result) => {`
			`accessToken = result;`
			`})`
			`.catch((err) => {`
			`console.log(err);`
efficiency and exception change 2024-09-06 08:08:19 +00:00			`throw new InternalException("Failed accessToken creation", err);`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`});`

			`let refreshCommand: CreateRefreshCommand = {`
			`userId: id,`
			`};`
			`refreshToken = await RefreshCommandHandler.create(refreshCommand);`

			`res.json({`
			`accessToken,`
			`refreshToken,`
			`});`
			`}`

			`/**`
			`* @description logout user by token (invalidate refresh token)`
			`* @param req {Request} Express req object`
			`* @param res {Response} Express res object`
			`* @returns {Promise<*>}`
			`*/`
			`export async function logout(req: Request, res: Response): Promise<any> {}`

			`/**`
			`* @description refresh expired token`
			`* @param req {Request} Express req object`
			`* @param res {Response} Express res object`
			`* @returns {Promise<*>}`
			`*/`
			`export async function refresh(req: Request, res: Response): Promise<any> {`
token refresh 2024-08-25 08:09:57 +00:00			`let token = req.body.accessToken;`
			`let refresh = req.body.refreshToken;`
token refresh 2024-08-23 12:42:47 +00:00
			`const tokenUser = await JWTHelper.decode(token);`
			`if (typeof tokenUser == "string" \|\| !tokenUser) {`
			`throw new InternalException("process failed");`
			`}`

			`let tokenUserId = (tokenUser as JWTToken).userId;`

			`let { user } = await RefreshService.getByToken(refresh);`

			`if (tokenUserId != user.id) {`
			`throw new UnauthorizedRequestException("user not identified with token and refresh");`
			`}`

ownership 2024-10-07 16:09:27 +00:00			`let { id, username, mail, firstname, lastname, isOwner } = await UserService.getById(tokenUserId);`
permission system - permission formatting 2024-08-26 11:47:08 +00:00
roles and permissions 2024-08-27 15:54:59 +00:00			`let permissions = await UserPermissionService.getByUser(id);`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`let permissionStrings = permissions.map((e) => e.permission);`
			`let permissionObject = PermissionHelper.convertToObject(permissionStrings);`
token refresh 2024-08-23 12:42:47 +00:00
			`let jwtData: JWTToken = {`
			`userId: id,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`mail: mail,`
token refresh 2024-08-23 12:42:47 +00:00			`username: username,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`firstname: firstname,`
			`lastname: lastname,`
ownership 2024-10-07 16:09:27 +00:00			`isOwner: isOwner,`
permission system - permission formatting 2024-08-26 11:47:08 +00:00			`permissions: permissionObject,`
token refresh 2024-08-23 12:42:47 +00:00			`};`

			`let accessToken: string;`
			`let refreshToken: string;`

			`JWTHelper.create(jwtData)`
			`.then((result) => {`
			`accessToken = result;`
			`})`
			`.catch((err) => {`
efficiency and exception change 2024-09-06 08:08:19 +00:00			`throw new InternalException("Failed accessToken creation", err);`
token refresh 2024-08-23 12:42:47 +00:00			`});`

			`let refreshCommand: CreateRefreshCommand = {`
			`userId: id,`
			`};`
			`refreshToken = await RefreshCommandHandler.create(refreshCommand);`

token refresh 2024-08-25 08:09:57 +00:00			`let removeToken: DeleteRefreshCommand = {`
			`userId: id,`
			`token: refresh,`
			`};`
			`await RefreshCommandHandler.deleteByToken(removeToken);`
token refresh 2024-08-23 12:42:47 +00:00
			`res.json({`
			`accessToken,`
			`refreshToken,`
			`});`
login and authentication login via totp authentication via access and refresh tokens 2024-08-22 09:40:31 +00:00			`}`