enhance: allow extended refresh duration to PWAs

Julian Krauser 2025-01-12 11:41:02 +01:00
parent b1e949dce2
commit 916a6da4a0
6 changed files with 17 additions and 17 deletions


@ -10,6 +10,7 @@ SERVER_PORT = portnumber
JWT_SECRET = ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 JWT_SECRET = ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890
JWT_EXPIRATION = [0-9]*(y|d|h|m|s) JWT_EXPIRATION = [0-9]*(y|d|h|m|s)
REFRESH_EXPIRATION = [0-9]*(y|d|h|m|s) REFRESH_EXPIRATION = [0-9]*(y|d|h|m|s)
PWA_REFRESH_EXPIRATION = [0-9]*(y|d|h|m|s)
MAIL_USERNAME = mail_username MAIL_USERNAME = mail_username
MAIL_PASSWORD = mail_password MAIL_PASSWORD = mail_password


@ -25,20 +25,21 @@ services:
container_name: ff_member_administration_server container_name: ff_member_administration_server
restart: unless-stopped restart: unless-stopped
environment: environment:
- DB_TYPE=mysql - DB_TYPE=<mysql|sqlite> # default ist auf mysql gesetzt
- DB_HOST=ffm-db - DB_HOST=ffm-db
- DB_PORT=<number> # fallback ist auf 3306 gesetzt - DB_PORT=<number> # default ist auf 3306 gesetzt
- DB_NAME=ffadmin - DB_NAME=ffadmin
- DB_USERNAME=administration_backend - DB_USERNAME=administration_backend
- DB_PASSWORD=<dbuserpasswd> - DB_PASSWORD=<dbuserpasswd>
- JWT_SECRET=<tobemodified> - JWT_SECRET=<tobemodified>
- JWT_EXPIRATION=<number[m|d] - bsp.:15m> - JWT_EXPIRATION=<number[m|d] - bsp.:15m> # default ist auf 15m gesetzt
- REFRESH_EXPIRATION=<number[m|d] - bsp.:1d> - REFRESH_EXPIRATION=<number[m|d] - bsp.:1d> # default ist auf 1d gesetzt
- PWA_REFRESH_EXPIRATION=<number[m|d] - bsp.:5d> # default ist auf 5d gesetzt
- MAIL_USERNAME=<mailadress|username> - MAIL_USERNAME=<mailadress|username>
- MAIL_PASSWORD=<password> - MAIL_PASSWORD=<password>
- MAIL_HOST=<url> - MAIL_HOST=<url>
- MAIL_PORT=<port> - MAIL_PORT=<port> # default ist auf 578 gesetzt
- MAIL_SECURE=<boolean> - MAIL_SECURE=<boolean> # default ist auf false gesetzt
- CLUB_NAME=<tobemodified> - CLUB_NAME=<tobemodified>
- CLUB_WEBSITE=<tobemodified> - CLUB_WEBSITE=<tobemodified>
volumes: volumes:


@ -1,5 +1,6 @@
export interface CreateRefreshCommand { export interface CreateRefreshCommand {
userId: number; userId: number;
isFromPwa?: boolean;
} }
export interface DeleteRefreshCommand { export interface DeleteRefreshCommand {
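Review bot: The new optional field `isFromPwa` on CreateRefreshCommand has no comment, although it decides which lifetime a refresh token receives. I would add `/** True when the request was identified as coming from the installed PWA; selects PWA_REFRESH_EXPIRATION instead of REFRESH_EXPIRATION. Omitted or false means the standard lifetime. */` directly above it. DeleteRefreshCommand only begins in this hunk; its body is outside it.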


@ -1,11 +1,9 @@
import { dataSource } from "../data-source"; import { dataSource } from "../data-source";
import { refresh } from "../entity/refresh"; import { refresh } from "../entity/refresh";
import { REFRESH_EXPIRATION } from "../env.defaults"; import { PWA_REFRESH_EXPIRATION, REFRESH_EXPIRATION } from "../env.defaults";
import InternalException from "../exceptions/internalException"; import InternalException from "../exceptions/internalException";
import { JWTHelper } from "../helpers/jwtHelper";
import { StringHelper } from "../helpers/stringHelper"; import { StringHelper } from "../helpers/stringHelper";
import UserService from "../service/user/userService"; import UserService from "../service/user/userService";
import { JWTRefresh } from "../type/jwtTypes";
import { CreateRefreshCommand, DeleteRefreshCommand } from "./refreshCommand"; import { CreateRefreshCommand, DeleteRefreshCommand } from "./refreshCommand";
import ms from "ms"; import ms from "ms";
@ -16,10 +14,6 @@ export default abstract class RefreshCommandHandler {
* @returns {Promise<string>} * @returns {Promise<string>}
*/ */
static async create(createRefresh: CreateRefreshCommand): Promise<string> { static async create(createRefresh: CreateRefreshCommand): Promise<string> {
// let createRefreshToken: JWTRefresh = {
// userId: createRefresh.userId,
// };
// const refreshToken = await JWTHelper.create(createRefreshToken);
const refreshToken = StringHelper.random(32); const refreshToken = StringHelper.random(32);
return await dataSource return await dataSource
@ -29,7 +23,9 @@ export default abstract class RefreshCommandHandler {
.values({ .values({
token: refreshToken, token: refreshToken,
user: await UserService.getById(createRefresh.userId), user: await UserService.getById(createRefresh.userId),
expiry: new Date(Date.now() + ms(REFRESH_EXPIRATION)), expiry: createRefresh.isFromPwa
? new Date(Date.now() + ms(PWA_REFRESH_EXPIRATION))
: new Date(Date.now() + ms(REFRESH_EXPIRATION)),
}) })
.execute() .execute()
.then((result) => { .then((result) => {
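Review bot: The `expiry` ternary in create() repeats the whole `new Date(Date.now() + ms(...))` expression in both branches, although only the constant differs. Choosing the duration first reads more directly: `expiry: new Date(Date.now() + ms(createRefresh.isFromPwa ? PWA_REFRESH_EXPIRATION : REFRESH_EXPIRATION)),`. The doc comment above create() should also state that the token lifetime depends on `isFromPwa`. Most of that comment and the end of the method lie outside the hunks shown.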


@ -8,9 +8,6 @@ import UserService from "../service/user/userService";
import speakeasy from "speakeasy"; import speakeasy from "speakeasy";
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException"; import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
import RefreshService from "../service/refreshService"; import RefreshService from "../service/refreshService";
import UserPermissionService from "../service/user/userPermissionService";
import PermissionHelper from "../helpers/permissionHelper";
import RolePermissionService from "../service/user/rolePermissionService";
/** /**
* @description Check authentication status by token * @description Check authentication status by token
@ -39,6 +36,7 @@ export async function login(req: Request, res: Response): Promise<any> {
let refreshCommand: CreateRefreshCommand = { let refreshCommand: CreateRefreshCommand = {
userId: id, userId: id,
isFromPwa: req.isPWA,
}; };
let refreshToken = await RefreshCommandHandler.create(refreshCommand); let refreshToken = await RefreshCommandHandler.create(refreshCommand);
@ -83,6 +81,7 @@ export async function refresh(req: Request, res: Response): Promise<any> {
let refreshCommand: CreateRefreshCommand = { let refreshCommand: CreateRefreshCommand = {
userId: tokenUserId, userId: tokenUserId,
isFromPwa: req.isPWA,
}; };
let refreshToken = await RefreshCommandHandler.create(refreshCommand); let refreshToken = await RefreshCommandHandler.create(refreshCommand);
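Review bot: In both login() and refresh() the longer refresh lifetime is selected from `req.isPWA` on the current request, and where that property is set is not visible in this diff. If it is derived from something the client sends, any client can obtain the PWA lifetime, so PWA_REFRESH_EXPIRATION is effectively the maximum lifetime for every session and should be sized and documented as such. In refresh() the flag also comes from the new request rather than from the token being exchanged, so a session that began with the standard lifetime can move to the longer one; recording the flag with the stored refresh token at login and reusing it on rotation would keep that decision fixed. At minimum I would add `// isPWA is request-derived, not an authenticated property; it only selects the refresh token lifetime` next to both assignments. Both functions start and end outside the hunks.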


@ -13,6 +13,7 @@ export const SERVER_PORT = Number(process.env.SERVER_PORT ?? 5000);
export const JWT_SECRET = process.env.JWT_SECRET ?? "my_jwt_secret_string_ilughfnadiuhgq§$IUZGFVRweiouarbt1oub3h5q4a"; export const JWT_SECRET = process.env.JWT_SECRET ?? "my_jwt_secret_string_ilughfnadiuhgq§$IUZGFVRweiouarbt1oub3h5q4a";
export const JWT_EXPIRATION = process.env.JWT_EXPIRATION ?? "15m"; export const JWT_EXPIRATION = process.env.JWT_EXPIRATION ?? "15m";
export const REFRESH_EXPIRATION = process.env.REFRESH_EXPIRATION ?? "1d"; export const REFRESH_EXPIRATION = process.env.REFRESH_EXPIRATION ?? "1d";
export const PWA_REFRESH_EXPIRATION = process.env.PWA_REFRESH_EXPIRATION ?? "5d";
export const MAIL_USERNAME = process.env.MAIL_USERNAME ?? ""; export const MAIL_USERNAME = process.env.MAIL_USERNAME ?? "";
export const MAIL_PASSWORD = process.env.MAIL_PASSWORD ?? ""; export const MAIL_PASSWORD = process.env.MAIL_PASSWORD ?? "";
@ -35,6 +36,7 @@ export function configCheck() {
if (JWT_SECRET == "" || typeof JWT_SECRET != "string") throw new Error("set valid value to JWT_SECRET"); if (JWT_SECRET == "" || typeof JWT_SECRET != "string") throw new Error("set valid value to JWT_SECRET");
checkMS(JWT_EXPIRATION, "JWT_EXPIRATION"); checkMS(JWT_EXPIRATION, "JWT_EXPIRATION");
checkMS(REFRESH_EXPIRATION, "REFRESH_EXPIRATION"); checkMS(REFRESH_EXPIRATION, "REFRESH_EXPIRATION");
checkMS(PWA_REFRESH_EXPIRATION, "PWA_REFRESH_EXPIRATION");
if (MAIL_USERNAME == "" || typeof MAIL_USERNAME != "string") throw new Error("set valid value to MAIL_USERNAME"); if (MAIL_USERNAME == "" || typeof MAIL_USERNAME != "string") throw new Error("set valid value to MAIL_USERNAME");
if (MAIL_PASSWORD == "" || typeof MAIL_PASSWORD != "string") throw new Error("set valid value to MAIL_PASSWORD"); if (MAIL_PASSWORD == "" || typeof MAIL_PASSWORD != "string") throw new Error("set valid value to MAIL_PASSWORD");
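Review bot: The `JWT_SECRET == ""` guard in configCheck() can never fire for an unset variable, because the context line for JWT_SECRET falls back to a literal that is committed in source; a deployment without the variable would start with a publicly known signing secret. This matters more now that the commit lengthens session lifetime, so I would change the declaration to `export const JWT_SECRET = process.env.JWT_SECRET ?? "";` and let the existing check reject it. For the new setting, checkMS appears to validate only the format, so a comment such as `// upper bound on how long a leaked refresh token stays usable; keep as short as the PWA use case allows` above PWA_REFRESH_EXPIRATION would help operators. configCheck() starts and ends outside this hunk.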