162 lines
4.4 KiB
TypeScript
162 lines
4.4 KiB
TypeScript
import { Request, Response } from "express";
|
|
import { JWTHelper } from "../helpers/jwtHelper";
|
|
import { JWTData, JWTToken } from "../type/jwtTypes";
|
|
import InternalException from "../exceptions/internalException";
|
|
import RefreshCommandHandler from "../command/refreshCommandHandler";
|
|
import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
|
|
import UserService from "../service/userService";
|
|
import speakeasy from "speakeasy";
|
|
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
|
|
import QRCode from "qrcode";
|
|
import { CreateUserCommand } from "../command/userCommand";
|
|
import UserCommandHandler from "../command/userCommandHandler";
|
|
import RefreshService from "../service/refreshService";
|
|
import BadRequestException from "../exceptions/badRequestException";
|
|
|
|
/**
|
|
* @description Check authentication status by token
|
|
* @param req {Request} Express req object
|
|
* @param res {Response} Express res object
|
|
* @returns {Promise<*>}
|
|
*/
|
|
export async function login(req: Request, res: Response): Promise<any> {
|
|
let username = req.body.username;
|
|
let totp = req.body.totp;
|
|
|
|
let { id, secret } = await UserService.getByUsername(username);
|
|
|
|
let valid = speakeasy.totp.verify({
|
|
secret: secret,
|
|
encoding: "base32",
|
|
token: totp,
|
|
window: 2,
|
|
});
|
|
|
|
if (!valid) {
|
|
throw new UnauthorizedRequestException("Token not valid or expired");
|
|
}
|
|
|
|
let jwtData: JWTToken = {
|
|
userId: id,
|
|
username: username,
|
|
rights: [],
|
|
};
|
|
|
|
let accessToken: string;
|
|
let refreshToken: string;
|
|
|
|
JWTHelper.create(jwtData)
|
|
.then((result) => {
|
|
accessToken = result;
|
|
})
|
|
.catch((err) => {
|
|
console.log(err);
|
|
throw new InternalException("Failed accessToken creation");
|
|
});
|
|
|
|
let refreshCommand: CreateRefreshCommand = {
|
|
userId: id,
|
|
};
|
|
refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
|
|
|
res.json({
|
|
accessToken,
|
|
refreshToken,
|
|
});
|
|
}
|
|
|
|
/**
|
|
* @description logout user by token (invalidate refresh token)
|
|
* @param req {Request} Express req object
|
|
* @param res {Response} Express res object
|
|
* @returns {Promise<*>}
|
|
*/
|
|
export async function logout(req: Request, res: Response): Promise<any> {}
|
|
|
|
/**
|
|
* @description refresh expired token
|
|
* @param req {Request} Express req object
|
|
* @param res {Response} Express res object
|
|
* @returns {Promise<*>}
|
|
*/
|
|
export async function refresh(req: Request, res: Response): Promise<any> {
|
|
let token = req.body.accessToken;
|
|
let refresh = req.body.refreshToken;
|
|
|
|
const tokenUser = await JWTHelper.decode(token);
|
|
if (typeof tokenUser == "string" || !tokenUser) {
|
|
throw new InternalException("process failed");
|
|
}
|
|
|
|
let tokenUserId = (tokenUser as JWTToken).userId;
|
|
|
|
let { user } = await RefreshService.getByToken(refresh);
|
|
|
|
if (tokenUserId != user.id) {
|
|
throw new UnauthorizedRequestException("user not identified with token and refresh");
|
|
}
|
|
|
|
let { id, username } = await UserService.getById(tokenUserId);
|
|
|
|
let jwtData: JWTToken = {
|
|
userId: id,
|
|
username: username,
|
|
rights: [],
|
|
};
|
|
|
|
let accessToken: string;
|
|
let refreshToken: string;
|
|
|
|
JWTHelper.create(jwtData)
|
|
.then((result) => {
|
|
accessToken = result;
|
|
})
|
|
.catch((err) => {
|
|
console.log(err);
|
|
throw new InternalException("Failed accessToken creation");
|
|
});
|
|
|
|
let refreshCommand: CreateRefreshCommand = {
|
|
userId: id,
|
|
};
|
|
refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
|
|
|
let removeToken: DeleteRefreshCommand = {
|
|
userId: id,
|
|
token: refresh,
|
|
};
|
|
await RefreshCommandHandler.deleteByToken(removeToken);
|
|
|
|
res.json({
|
|
accessToken,
|
|
refreshToken,
|
|
});
|
|
}
|
|
|
|
/**
|
|
* @description register new user
|
|
* @param req {Request} Express req object
|
|
* @param res {Response} Express res object
|
|
* @returns {Promise<*>}
|
|
*/
|
|
export async function register(req: Request, res: Response): Promise<any> {
|
|
// TODO: change to invitation only
|
|
let username = req.body.username;
|
|
let mail = req.body.mail;
|
|
var secret = speakeasy.generateSecret({ length: 20, name: "Mitgliederverwaltung" });
|
|
|
|
let createUser: CreateUserCommand = {
|
|
username: username,
|
|
mail: mail,
|
|
secret: secret.base32,
|
|
};
|
|
await UserCommandHandler.create(createUser);
|
|
|
|
QRCode.toDataURL(secret.otpauth_url)
|
|
.then((result) => {
|
|
res.send(result);
|
|
})
|
|
.catch((err) => {
|
|
throw new InternalException("QRCode not created");
|
|
});
|
|
}
|