login and authentication

login via totp authentication via access and refresh tokens
2024-08-22 11:40:31 +02:00 · 2024-08-22 11:40:31 +02:00 · e1ec65350d
commit e1ec65350d
parent 6696975bee
28 changed files with 3750 additions and 0 deletions
--- a/src/controller/authController.ts
+++ b/src/controller/authController.ts
@ -0,0 +1,111 @@
+import { Request, Response } from "express";
+import { JWTHelper } from "../helpers/jwtHelper";
+import { JWTToken } from "../type/jwtTypes";
+import InternalException from "../exceptions/internalException";
+import RefreshCommandHandler from "../command/refreshCommandHandler";
+import { CreateRefreshCommand } from "../command/refreshCommand";
+import UserService from "../service/userService";
+import speakeasy from "speakeasy";
+import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
+import QRCode from "qrcode";
+import { CreateUserCommand } from "../command/userCommand";
+import UserCommandHandler from "../command/userCommandHandler";
+
+/**
+ * @description Check authentication status by token
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function login(req: Request, res: Response): Promise<any> {
+  let username = req.body.username;
+  let totp = req.body.totp;
+
+  let { id, secret } = await UserService.getByUsername(username);
+
+  let valid = speakeasy.totp.verify({
+    secret: secret,
+    encoding: "base32",
+    token: totp,
+    window: 2,
+  });
+
+  if (!valid) {
+    throw new UnauthorizedRequestException("Token not valid or expired");
+  }
+
+  let jwtData: JWTToken = {
+    userId: id,
+    username: username,
+    rights: [],
+  };
+
+  let accessToken: string;
+  let refreshToken: string;
+
+  JWTHelper.create(jwtData)
+    .then((result) => {
+      accessToken = result;
+    })
+    .catch((err) => {
+      console.log(err);
+      throw new InternalException("Failed accessToken creation");
+    });
+
+  let refreshCommand: CreateRefreshCommand = {
+    userId: id,
+  };
+  refreshToken = await RefreshCommandHandler.create(refreshCommand);
+
+  res.json({
+    accessToken,
+    refreshToken,
+  });
+}
+
+/**
+ * @description logout user by token (invalidate refresh token)
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function logout(req: Request, res: Response): Promise<any> {}
+
+/**
+ * @description refresh expired token
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function refresh(req: Request, res: Response): Promise<any> {
+  let token = req.body.token;
+  let refresh = req.body.refresh;
+}
+
+/**
+ * @description register new user
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function register(req: Request, res: Response): Promise<any> {
+  // TODO: change to invitation only
+  let username = req.body.username;
+  let mail = req.body.mail;
+  var secret = speakeasy.generateSecret({ length: 20, name: "Mitgliederverwaltung" });
+
+  let createUser: CreateUserCommand = {
+    username: username,
+    mail: mail,
+    secret: secret.base32,
+  };
+  await UserCommandHandler.create(createUser);
+
+  QRCode.toDataURL(secret.otpauth_url)
+    .then((result) => {
+      res.send(result);
+    })
+    .catch((err) => {
+      throw new InternalException("QRCode not created");
+    });
+}