Remove tutorials & add auth manager
This commit is contained in:
parent
a748b93133
commit
e87c4bb146
9 changed files with 46 additions and 198 deletions
|
|
@ -12,10 +12,11 @@ const JWTRS256_PRIVATE_KEY = Buffer.from(process.env.JWTRS256_PRIVATE_KEY, 'base
|
|||
const JWTRS256_PUBLIC_KEY = Buffer.from(process.env.JWTRS256_PUBLIC_KEY, 'base64').toString('utf-8');
|
||||
|
||||
|
||||
function createSessionJWT (mail) {
|
||||
function createSessionJWT (login, role) {
|
||||
return sessionJWTConfig.sign(
|
||||
{
|
||||
mail: mail,
|
||||
login: login,
|
||||
role: role,
|
||||
midExp: Math.floor(Date.now() / 1000) + 1800
|
||||
},
|
||||
JWTRS256_PRIVATE_KEY,
|
||||
|
|
@ -28,20 +29,21 @@ function createSessionJWT (mail) {
|
|||
|
||||
function createSessionCookie(req, res, payload) {
|
||||
let jwtToken;
|
||||
if ((typeof payload.mail !== 'undefined') &&
|
||||
(typeof payload.midExp !== 'undefined') &&
|
||||
if (typeof payload.login !== 'undefined' &&
|
||||
typeof payload.role !== 'undefined' &&
|
||||
typeof payload.midExp !== 'undefined' &&
|
||||
(Math.floor(Date.now() / 1000) <= payload.midExp)) {
|
||||
jwtToken = req.headers.cookie;
|
||||
}
|
||||
else {
|
||||
jwtToken = createSessionJWT(payload.mail);
|
||||
jwtToken = createSessionJWT(payload.login, payload.role);
|
||||
}
|
||||
res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false});
|
||||
}
|
||||
|
||||
function decodeSessionCookie(sessionid) {
|
||||
if (typeof sessionid === 'undefined') {
|
||||
return {mail: -1};
|
||||
return {login: -1, role: -1};
|
||||
}
|
||||
try {
|
||||
const token = sessionJWTConfig.verify(
|
||||
|
|
@ -51,7 +53,7 @@ function decodeSessionCookie(sessionid) {
|
|||
return {token: token};
|
||||
}
|
||||
catch (err) {
|
||||
return {mail: -1};
|
||||
return {login: -1, role: -1};
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -65,20 +67,28 @@ function setSessionCookie (req, res, session) {
|
|||
}
|
||||
module.exports.setSessionCookie = setSessionCookie;
|
||||
|
||||
function getMail(session) {
|
||||
function getToken(session) {
|
||||
if (typeof session === 'undefined' || typeof session.token === 'undefined') return -1;
|
||||
return session.token;
|
||||
}
|
||||
module.exports.getMail = getMail;
|
||||
module.exports.getToken = getToken;
|
||||
|
||||
function checkLogin(req, res){
|
||||
function checkLogin(req, res, role=null){
|
||||
if(typeof req.cookies !== 'undefined'){
|
||||
const session = getSession(req.cookies.SESSIONID);
|
||||
const token = getMail(session);
|
||||
if(token.mail === 'undefined' || token.mail === -1){
|
||||
const token = getToken(session);
|
||||
if(token.login === 'undefined' || token.login === -1){
|
||||
return sendError(res, 500, -1, "User not authenticated.");
|
||||
} else{
|
||||
return token;
|
||||
if(role === null){
|
||||
return token;
|
||||
} else{
|
||||
if(token.role !== 'undefined' && token.role === role){
|
||||
return token;
|
||||
} else{
|
||||
return sendError(res, 500, -1, "User doesn't have permission.", token);
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
return sendError(res, 500, -1, "Cookies don't exist.");
|
||||
|
|
|
|||
Reference in a new issue