Merge branch 'frontend_test_general' into 'master'

Frontend test general

See merge request groupe100idee/chatless!2
Yûki Vachot 2021-05-29 14:39:34 +02:00
commit 8db26dad25
13 changed files with 450 additions and 225 deletions


@ -1,30 +1,21 @@
const sessionJwt = require ('./sessionJWT'); const sessionJwt = require ('./sessionJWT');
const queries = require('./mongodbQueries'); const queries = require('./mongodbQueries');
// ici, on récupère le contenu du cookie de session JWT. function getSession (sessionid,res) {
// celui-ci contient le userId mais également des informations return sessionJwt.decodeSessionCookie(sessionid,res);
// concernant sa date d'expiration.
function getSession (req) {
return sessionJwt.decodeSessionCookie(req);
} }
module.exports.getSession = getSession; module.exports.getSession = getSession;
// cette fonction ajoute le cookie de session au headers du
// message qui sera renvoyé à Angular. Si le cookie actuel
// est "vieux", on en recrée ici un nouveau.
function setSessionCookie (req, res, session) { function setSessionCookie (req, res, session) {
sessionJwt.createSessionCookie(req, res, session); sessionJwt.createSessionCookie(req, res, session);
} }
module.exports.setSessionCookie = setSessionCookie; module.exports.setSessionCookie = setSessionCookie;
// fonction pour récupérer le userId provenant du cookie function getUsername(session) {
// de session. Si ce dernier n'existe pas, on renvoie
// l'ID -1.
function getUserId(session) {
if (typeof session.username === 'undefined') return -1; if (typeof session.username === 'undefined') return -1;
return session.username; return session.username;
} }
module.exports.getUserId = getUserId; module.exports.getUserId = getUsername;
async function authenticate(req, res) { async function authenticate(req, res) {
const login = req.body.login; const login = req.body.login;


@ -19,17 +19,24 @@ mongoConnect.connectToServer(function( err, client ) {
const checkLogin = require('./checkLogin'); const checkLogin = require('./checkLogin');
const register = require('./register'); const register = require('./register');
const queries = require('./mongodbQueries'); const queries = require('./mongodbQueries');
const auth = require('./auth');
queries.register('Server','admin'); queries.register('Server','admin');
queries.register('khai','test'); queries.register('khai','test');
queries.register('wilfried','test'); queries.register('wilfried','test');
queries.register('yuki','test'); queries.register('yuki','test');
app.post('/verify:token', (req, res) => {
if(typeof req.body !== 'undefined'){
auth.getSession(req.body.sessionid,res);
}
return null;
});
app.post('/checkLogin', (req, res) => { app.post('/checkLogin', (req, res) => {
checkLogin(req,res); checkLogin(req,res);
}); });
app.post('/register', (req, res) => { app.post('/register', (req, res) => {
register(req,res); register(req,res);
}); });
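Review bot: The new `/verify:token` handler never answers the request when `req.body` or `req.body.sessionid` is missing: it falls through to `return null`, and decodeSessionCookie returns `{ username: -1 }` without touching `res` in that case, so the caller's POST stays open until it times out. Reject explicitly before calling `auth.getSession`, e.g. `if (!req.body || typeof req.body.sessionid !== 'string') return res.status(400).end();`. Separately, in an Express path `:token` declares a route parameter rather than literal text, so this route matches any `/verify<something>`; a plain `/verify` would say what is meant. The enclosing `mongoConnect.connectToServer` callback starts outside the hunk.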


@ -1,88 +1,50 @@
const sessionJWT = require ('jsonwebtoken'); const sessionJWT = require ('jsonwebtoken');
const fs = require ('fs'); const fs = require ('fs');
const {sendError, sendMessage} = require ("./message");
// renvoie un nouveau token JWT
function createSessionJWT (username) { function createSessionJWT (username) {
// ci-dessous, on met en place le cookie de session JWT : const RSA_PRIVATE_KEY = fs.readFileSync('./keys/jwtRS256.key');
// 1/ on recupere notre clef privee return sessionJWT.sign(
const RSA_PRIVATE_KEY = fs.readFileSync('../keys/jwtRS256.key');
// 2/ on signe un token JWT. Le payload est l'identifiant de
// l'utilisateur ainsi qu'une date d'expiration à mi-parcours :
// on récupérra ultérieurement ces informations, qui permettront
// de savoir si le token est valide ou non et de connaître l'ID
// de l'utilisateur. Dans le token, le champ exp indique la date
// de validité du token (pas besoin de se relogguer tant que la
// date actuelle est inférieure à exp) et le champ midExp indique
// à partir de quel moment on doit recréer un nouveau cookie de
// session.
const jwtToken = sessionJWT.sign(
{ {
username: username, username: username,
midExp: Math.floor(Date.now() / 1000) + 1800 // validité: 30mn midExp: Math.floor(Date.now() / 1000) + 1800
}, },
RSA_PRIVATE_KEY, RSA_PRIVATE_KEY,
{ {
algorithm: 'RS256', algorithm: 'RS256',
expiresIn: '1h' // champ exp: validité 1h expiresIn: '1h'
}); }
);
return jwtToken;
} }
// crée un cookie de session JWT (Si le JWT de la requête est encore valide,
// on l'utilise, sinon on en recrée un nouveau)
function createSessionCookie(req, res, payload) { function createSessionCookie(req, res, payload) {
// on regarde si le payload contient les champs userId et midExp. Si c'est le let jwtToken;
// cas, c'est qu'on a reçu dans la request un cookie. On va donc vérifier si
// ce cookie est encore valide ou non : si la date actuelle est inférieure à
// midExp, alors le cookie est encore valide et on peut le renvoyer. Sinon,
// on doit recalculer un nouveau cookie.
let jwtToken = '';
if ((typeof payload.username !== 'undefined') && if ((typeof payload.username !== 'undefined') &&
(typeof payload.midExp !== 'undefined') && (typeof payload.midExp !== 'undefined') &&
(Math.floor(Date.now() / 1000) <= payload.midExp)) { (Math.floor(Date.now() / 1000) <= payload.midExp)) {
jwtToken = req.headers.cookie; jwtToken = req.headers.cookie;
} }
else { else {
// on crée
// un nouveau cookie
jwtToken = createSessionJWT(payload.username); jwtToken = createSessionJWT(payload.username);
} }
// on renvoie le cookie au client
// on met le secure à false afin de pouvoir utiliser http plutôt que https
res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false}); res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false});
} }
module.exports.createSessionCookie = createSessionCookie; module.exports.createSessionCookie = createSessionCookie;
function decodeSessionCookie(sessionid, res) {
// décode un cookie de session et renvoie les informations contenues dans ce if (typeof sessionid === 'undefined') {
// cookie, notamment le userId. Si le cookie n'existe pas, la fonction renvoie
// juste un objet avec un userId égal à -1.
function decodeSessionCookie(req) {
// si l'on n'a pas de cookie de session, on renvoie une session avec vide,
// avec juste un userId à -1
if (typeof req.headers.cookie === 'undefined') {
return { username: -1 }; return { username: -1 };
} }
const sessionid = req.headers.cookie.replace('SESSIONID=',''); const RSA_PUBLIC_KEY = fs.readFileSync('./keys/jwtRS256.key.pub');
// on lit la clef publique
const RSA_PUBLIC_KEY = fs.readFileSync('../keys/jwtRS256.key.pub');
// on récupère les données du cookie
try { try {
const token = sessionJWT.verify( const token = sessionJWT.verify(
sessionid, sessionid,
RSA_PUBLIC_KEY, RSA_PUBLIC_KEY,
{algorithms: ['RS256']}); {algorithms: ['RS256']});
return token; return sendMessage(res,{token: token});
} }
catch (err) { catch (err) {
return {username: err}; return sendError(res,{username: -1});
} }
} }
module.exports.decodeSessionCookie = decodeSessionCookie; module.exports.decodeSessionCookie = decodeSessionCookie;
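Review bot: `res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false});` in createSessionCookie still issues the session JWT without the Secure flag, and this commit deletes the only comment that said this was done to allow plain http. Keep the reason next to the flag, e.g. `// secure:false only because the dev setup runs over http; must be true once served over HTTPS`, and consider setting `sameSite` so the cookie is not attached to cross-site requests. The key paths also changed to `./keys/...`, which Node resolves against the process working directory rather than this file, so the service presumably finds its keys only when started from one particular directory; a short comment stating the expected start directory would help.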


@ -1,26 +1,28 @@
const sessionJwt = require ('./sessionJWT'); const request = require('request');
// ici, on récupère le contenu du cookie de session JWT. function getSession (req, callback) {
// celui-ci contient le userId mais également des informations if(typeof req.headers.cookie !== 'undefined'){
// concernant sa date d'expiration. request.post({
function getSession (req) { headers: {'content-type' : 'application/x-www-form-urlencoded'},
return sessionJwt.decodeSessionCookie(req); url: 'http://127.0.0.1:3000/verify:token',
body: 'sessionid='+req.headers.cookie.replace('SESSIONID=','')
},function (error, response, body) {
const bodyJson = JSON.parse(body);
if (bodyJson && bodyJson.status && bodyJson.data) {
if (bodyJson.status === 'ok') {
return callback(bodyJson.data.token);
} else {
return callback(bodyJson.data.reason);
}
}
});
}
return callback(undefined);
} }
module.exports.getSession = getSession; module.exports.getSession = getSession;
// cette fonction ajoute le cookie de session au headers du
// message qui sera renvoyé à Angular. Si le cookie actuel
// est "vieux", on en recrée ici un nouveau.
function setSessionCookie (req, res, session) {
sessionJwt.createSessionCookie(req, res, session);
}
module.exports.setSessionCookie = setSessionCookie;
// fonction pour récupérer le userId provenant du cookie
// de session. Si ce dernier n'existe pas, on renvoie
// l'ID -1.
function getUsername(session) { function getUsername(session) {
if (typeof session.username === 'undefined') return -1; if (typeof session === 'undefined' || typeof session.username === 'undefined') return -1;
return session.username; return session.username;
} }
module.exports.getUsername = getUsername; module.exports.getUsername = getUsername;
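Review bot: `return callback(undefined);` at the end of getSession runs on every call, including right after `request.post` has been started, so each caller is first told there is no session and is then called back a second time when the verify response arrives. The response handler also ignores `error` and calls `JSON.parse(body)` unguarded, so a refused connection or a non-JSON reply throws inside the callback, and the cookie text is concatenated into the form body without `encodeURIComponent`. The version below calls back exactly once and fails closed: on a rejected token it passes `undefined` instead of `data.reason`, which getUsername already maps to -1.

```javascript
function getSession (req, callback) {
    if (typeof req.headers.cookie === 'undefined') {
        return callback(undefined);
    }
    request.post({
        // … unchanged: headers and url …
        body: 'sessionid=' + encodeURIComponent(req.headers.cookie.replace('SESSIONID=',''))
    }, function (error, response, body) {
        if (error) {
            return callback(undefined);
        }
        let bodyJson;
        try {
            bodyJson = JSON.parse(body);
        } catch (parseError) {
            return callback(undefined);
        }
        if (bodyJson && bodyJson.status === 'ok' && bodyJson.data) {
            return callback(bodyJson.data.token);
        }
        return callback(undefined);
    });
}
```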


@ -50,11 +50,56 @@
"negotiator": "0.6.2" "negotiator": "0.6.2"
} }
}, },
"ajv": {
"version": "6.12.6",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
"integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.1",
"fast-json-stable-stringify": "^2.0.0",
"json-schema-traverse": "^0.4.1",
"uri-js": "^4.2.2"
}
},
"array-flatten": { "array-flatten": {
"version": "1.1.1", "version": "1.1.1",
"resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
"integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI="
}, },
"asn1": {
"version": "0.2.4",
"resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz",
"integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==",
"dev": true,
"requires": {
"safer-buffer": "~2.1.0"
}
},
"assert-plus": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
"integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=",
"dev": true
},
"asynckit": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
"integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=",
"dev": true
},
"aws-sign2": {
"version": "0.7.0",
"resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz",
"integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=",
"dev": true
},
"aws4": {
"version": "1.11.0",
"resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz",
"integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==",
"dev": true
},
"base64-arraybuffer": { "base64-arraybuffer": {
"version": "0.1.4", "version": "0.1.4",
"resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-0.1.4.tgz", "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-0.1.4.tgz",
@ -65,6 +110,15 @@
"resolved": "https://registry.npmjs.org/base64id/-/base64id-2.0.0.tgz", "resolved": "https://registry.npmjs.org/base64id/-/base64id-2.0.0.tgz",
"integrity": "sha512-lGe34o6EHj9y3Kts9R4ZYs/Gr+6N7MCaMlIFA3F1R2O5/m7K06AxfSeO5530PEERE6/WyEg3lsuyw4GHlPZHog==" "integrity": "sha512-lGe34o6EHj9y3Kts9R4ZYs/Gr+6N7MCaMlIFA3F1R2O5/m7K06AxfSeO5530PEERE6/WyEg3lsuyw4GHlPZHog=="
}, },
"bcrypt-pbkdf": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",
"integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=",
"dev": true,
"requires": {
"tweetnacl": "^0.14.3"
}
},
"bl": { "bl": {
"version": "2.2.1", "version": "2.2.1",
"resolved": "https://registry.npmjs.org/bl/-/bl-2.2.1.tgz", "resolved": "https://registry.npmjs.org/bl/-/bl-2.2.1.tgz",
@ -111,6 +165,21 @@
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==" "integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
}, },
"caseless": {
"version": "0.12.0",
"resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz",
"integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=",
"dev": true
},
"combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
"dev": true,
"requires": {
"delayed-stream": "~1.0.0"
}
},
"component-emitter": { "component-emitter": {
"version": "1.3.0", "version": "1.3.0",
"resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz",
@ -162,6 +231,15 @@
"vary": "^1" "vary": "^1"
} }
}, },
"dashdash": {
"version": "1.14.1",
"resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz",
"integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=",
"dev": true,
"requires": {
"assert-plus": "^1.0.0"
}
},
"debug": { "debug": {
"version": "2.6.9", "version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@ -170,6 +248,12 @@
"ms": "2.0.0" "ms": "2.0.0"
} }
}, },
"delayed-stream": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
"integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=",
"dev": true
},
"denque": { "denque": {
"version": "1.5.0", "version": "1.5.0",
"resolved": "https://registry.npmjs.org/denque/-/denque-1.5.0.tgz", "resolved": "https://registry.npmjs.org/denque/-/denque-1.5.0.tgz",
@ -185,6 +269,16 @@
"resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz", "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz",
"integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=" "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA="
}, },
"ecc-jsbn": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
"integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=",
"dev": true,
"requires": {
"jsbn": "~0.1.0",
"safer-buffer": "^2.1.0"
}
},
"ecdsa-sig-formatter": { "ecdsa-sig-formatter": {
"version": "1.0.11", "version": "1.0.11",
"resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
@ -292,6 +386,30 @@
"vary": "~1.1.2" "vary": "~1.1.2"
} }
}, },
"extend": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
"integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==",
"dev": true
},
"extsprintf": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz",
"integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=",
"dev": true
},
"fast-deep-equal": {
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
"integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==",
"dev": true
},
"fast-json-stable-stringify": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz",
"integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==",
"dev": true
},
"finalhandler": { "finalhandler": {
"version": "1.1.2", "version": "1.1.2",
"resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz", "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz",
@ -306,6 +424,23 @@
"unpipe": "~1.0.0" "unpipe": "~1.0.0"
} }
}, },
"forever-agent": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz",
"integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=",
"dev": true
},
"form-data": {
"version": "2.3.3",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz",
"integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==",
"dev": true,
"requires": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.6",
"mime-types": "^2.1.12"
}
},
"forwarded": { "forwarded": {
"version": "0.1.2", "version": "0.1.2",
"resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz",
@ -321,6 +456,31 @@
"resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz", "resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz",
"integrity": "sha1-invTcYa23d84E/I4WLV+yq9eQdQ=" "integrity": "sha1-invTcYa23d84E/I4WLV+yq9eQdQ="
}, },
"getpass": {
"version": "0.1.7",
"resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz",
"integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=",
"dev": true,
"requires": {
"assert-plus": "^1.0.0"
}
},
"har-schema": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz",
"integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=",
"dev": true
},
"har-validator": {
"version": "5.1.5",
"resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz",
"integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==",
"dev": true,
"requires": {
"ajv": "^6.12.3",
"har-schema": "^2.0.0"
}
},
"http-errors": { "http-errors": {
"version": "1.7.2", "version": "1.7.2",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz",
@ -333,6 +493,17 @@
"toidentifier": "1.0.0" "toidentifier": "1.0.0"
} }
}, },
"http-signature": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz",
"integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=",
"dev": true,
"requires": {
"assert-plus": "^1.0.0",
"jsprim": "^1.2.2",
"sshpk": "^1.7.0"
}
},
"iconv-lite": { "iconv-lite": {
"version": "0.4.24", "version": "0.4.24",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
@ -351,11 +522,47 @@
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
"integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==" "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
}, },
"is-typedarray": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz",
"integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=",
"dev": true
},
"isarray": { "isarray": {
"version": "1.0.0", "version": "1.0.0",
"resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
"integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
}, },
"isstream": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
"integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=",
"dev": true
},
"jsbn": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
"integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=",
"dev": true
},
"json-schema": {
"version": "0.2.3",
"resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz",
"integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=",
"dev": true
},
"json-schema-traverse": {
"version": "0.4.1",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
"integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
"dev": true
},
"json-stringify-safe": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
"integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=",
"dev": true
},
"jsonwebtoken": { "jsonwebtoken": {
"version": "8.5.1", "version": "8.5.1",
"resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
@ -380,6 +587,18 @@
} }
} }
}, },
"jsprim": {
"version": "1.4.1",
"resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz",
"integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=",
"dev": true,
"requires": {
"assert-plus": "1.0.0",
"extsprintf": "1.3.0",
"json-schema": "0.2.3",
"verror": "1.10.0"
}
},
"jwa": { "jwa": {
"version": "1.4.1", "version": "1.4.1",
"resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
@ -564,6 +783,12 @@
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz",
"integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw=="
}, },
"oauth-sign": {
"version": "0.9.0",
"resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz",
"integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==",
"dev": true
},
"object-assign": { "object-assign": {
"version": "4.1.1", "version": "4.1.1",
"resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
@ -592,6 +817,12 @@
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
"integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w="
}, },
"performance-now": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz",
"integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=",
"dev": true
},
"process-nextick-args": { "process-nextick-args": {
"version": "2.0.1", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
@ -606,6 +837,18 @@
"ipaddr.js": "1.9.1" "ipaddr.js": "1.9.1"
} }
}, },
"psl": {
"version": "1.8.0",
"resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz",
"integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==",
"dev": true
},
"punycode": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz",
"integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==",
"dev": true
},
"qs": { "qs": {
"version": "6.7.0", "version": "6.7.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz",
@ -646,6 +889,42 @@
"resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-1.0.0.tgz", "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-1.0.0.tgz",
"integrity": "sha512-TuAasHQNamyyJ2hb97IuBEif4qBHGjPHBS64sZwytpLEqtBQ1gPJTnOaQ6qmpET16cK14kkjbazl6+p0RRv0yw==" "integrity": "sha512-TuAasHQNamyyJ2hb97IuBEif4qBHGjPHBS64sZwytpLEqtBQ1gPJTnOaQ6qmpET16cK14kkjbazl6+p0RRv0yw=="
}, },
"request": {
"version": "2.88.2",
"resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz",
"integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==",
"dev": true,
"requires": {
"aws-sign2": "~0.7.0",
"aws4": "^1.8.0",
"caseless": "~0.12.0",
"combined-stream": "~1.0.6",
"extend": "~3.0.2",
"forever-agent": "~0.6.1",
"form-data": "~2.3.2",
"har-validator": "~5.1.3",
"http-signature": "~1.2.0",
"is-typedarray": "~1.0.0",
"isstream": "~0.1.2",
"json-stringify-safe": "~5.0.1",
"mime-types": "~2.1.19",
"oauth-sign": "~0.9.0",
"performance-now": "^2.1.0",
"qs": "~6.5.2",
"safe-buffer": "^5.1.2",
"tough-cookie": "~2.5.0",
"tunnel-agent": "^0.6.0",
"uuid": "^3.3.2"
},
"dependencies": {
"qs": {
"version": "6.5.2",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
"integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==",
"dev": true
}
}
},
"safe-buffer": { "safe-buffer": {
"version": "5.1.2", "version": "5.1.2",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
@ -793,6 +1072,23 @@
"memory-pager": "^1.0.2" "memory-pager": "^1.0.2"
} }
}, },
"sshpk": {
"version": "1.16.1",
"resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz",
"integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==",
"dev": true,
"requires": {
"asn1": "~0.2.3",
"assert-plus": "^1.0.0",
"bcrypt-pbkdf": "^1.0.0",
"dashdash": "^1.12.0",
"ecc-jsbn": "~0.1.1",
"getpass": "^0.1.1",
"jsbn": "~0.1.0",
"safer-buffer": "^2.0.2",
"tweetnacl": "~0.14.0"
}
},
"statuses": { "statuses": {
"version": "1.5.0", "version": "1.5.0",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz", "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz",
@ -811,6 +1107,31 @@
"resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz",
"integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==" "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw=="
}, },
"tough-cookie": {
"version": "2.5.0",
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz",
"integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==",
"dev": true,
"requires": {
"psl": "^1.1.28",
"punycode": "^2.1.1"
}
},
"tunnel-agent": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz",
"integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=",
"dev": true,
"requires": {
"safe-buffer": "^5.0.1"
}
},
"tweetnacl": {
"version": "0.14.5",
"resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz",
"integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=",
"dev": true
},
"type-is": { "type-is": {
"version": "1.6.18", "version": "1.6.18",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
@ -825,6 +1146,15 @@
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
"integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw=" "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw="
}, },
"uri-js": {
"version": "4.4.1",
"resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz",
"integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==",
"dev": true,
"requires": {
"punycode": "^2.1.0"
}
},
"util-deprecate": { "util-deprecate": {
"version": "1.0.2", "version": "1.0.2",
"resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
@ -835,11 +1165,28 @@
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=" "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM="
}, },
"uuid": {
"version": "3.4.0",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz",
"integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==",
"dev": true
},
"vary": { "vary": {
"version": "1.1.2", "version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
}, },
"verror": {
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz",
"integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=",
"dev": true,
"requires": {
"assert-plus": "^1.0.0",
"core-util-is": "1.0.2",
"extsprintf": "^1.2.0"
}
},
"ws": { "ws": {
"version": "7.4.6", "version": "7.4.6",
"resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",


@ -18,5 +18,8 @@
"jsonwebtoken": "^8.5.1", "jsonwebtoken": "^8.5.1",
"mongoose": "^5.12.11", "mongoose": "^5.12.11",
"socket.io": "^4.1.2" "socket.io": "^4.1.2"
},
"devDependencies": {
"request": "^2.88.2"
} }
} }
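Review bot: `request` is added under `devDependencies`, yet the session check introduced in this commit loads it with `require('request')` at runtime; if that module belongs to this package, an install that omits dev dependencies will fail at startup. Move the entry to `dependencies`, i.e. `"request": "^2.88.2"` next to `jsonwebtoken`. The `request` package is also deprecated upstream and brings a long list of transitive packages into the lockfile, so Node's built-in `http` module may be the better fit for a single loopback POST.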


@ -30,11 +30,12 @@ io.on('connection',socket => {
let users = {}; let users = {};
const session = auth.getSession(socket.request); auth.getSession(socket.request, function(res){
const getUsername = auth.getUsername(session); const getUsername = auth.getUsername(res);
if (getUsername === -1) { if (getUsername === -1) {
socket.emit('error','not authenticated'); socket.send('error','not authenticated');
} }
else{
console.log(`${getUsername} joined the chat.`); console.log(`${getUsername} joined the chat.`);
socket.broadcast.emit('general',[{ socket.broadcast.emit('general',[{
username: 'Server', username: 'Server',
@ -82,7 +83,8 @@ io.on('connection',socket => {
socket.on("disconnect", function() { socket.on("disconnect", function() {
console.log(`${getUsername} left the chat.`); console.log(`${getUsername} left the chat.`);
}); });
}
});
}); });
server.listen(port, () => { server.listen(port, () => {
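Review bot: In the `getUsername === -1` branch the socket is told it is not authenticated but stays connected, so it keeps receiving whatever other clients send through `socket.broadcast.emit('general', ...)`; add `socket.disconnect(true);` after notifying it. The notification itself changed from `socket.emit('error', ...)` to `socket.send('error','not authenticated')`, which delivers a `message` event carrying two arguments rather than an `error` event, so a client listening for `error` will no longer see it; confirm the frontend listens on `message`. The `io.on('connection', ...)` handler starts and ends outside these hunks.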


@ -1,89 +0,0 @@
const sessionJWT = require ('jsonwebtoken');
const fs = require ('fs');
// renvoie un nouveau token JWT
function createSessionJWT (username) {
// ci-dessous, on met en place le cookie de session JWT :
// 1/ on recupere notre clef privee
const RSA_PRIVATE_KEY = fs.readFileSync('../keys/jwtRS256.key');
// 2/ on signe un token JWT. Le payload est l'identifiant de
// l'utilisateur ainsi qu'une date d'expiration à mi-parcours :
// on récupérra ultérieurement ces informations, qui permettront
// de savoir si le token est valide ou non et de connaître l'ID
// de l'utilisateur. Dans le token, le champ exp indique la date
// de validité du token (pas besoin de se relogguer tant que la
// date actuelle est inférieure à exp) et le champ midExp indique
// à partir de quel moment on doit recréer un nouveau cookie de
// session.
const jwtToken = sessionJWT.sign(
{
username: username,
midExp: Math.floor(Date.now() / 1000) + 1800 // validité: 30mn
},
RSA_PRIVATE_KEY,
{
algorithm: 'RS256',
expiresIn: '1h' // champ exp: validité 1h
});
return jwtToken;
}
// crée un cookie de session JWT (Si le JWT de la requête est encore valide,
// on l'utilise, sinon on en recrée un nouveau)
function createSessionCookie(req, res, payload) {
// on regarde si le payload contient les champs userId et midExp. Si c'est le
// cas, c'est qu'on a reçu dans la request un cookie. On va donc vérifier si
// ce cookie est encore valide ou non : si la date actuelle est inférieure à
// midExp, alors le cookie est encore valide et on peut le renvoyer. Sinon,
// on doit recalculer un nouveau cookie.
let jwtToken = '';
if ((typeof payload.username !== 'undefined') &&
(typeof payload.midExp !== 'undefined') &&
(Math.floor(Date.now() / 1000) <= payload.midExp)) {
jwtToken = req.headers.cookie;
}
else {
// on crée
// un nouveau cookie
jwtToken = createSessionJWT(payload.username);
}
// on renvoie le cookie au client
// on met le secure à false afin de pouvoir utiliser http plutôt que https
res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false});
}
module.exports.createSessionCookie = createSessionCookie;
// décode un cookie de session et renvoie les informations contenues dans ce
// cookie, notamment le userId. Si le cookie n'existe pas, la fonction renvoie
// juste un objet avec un userId égal à -1.
function decodeSessionCookie(req) {
// si l'on n'a pas de cookie de session, on renvoie une session avec vide,
// avec juste un userId à -1
if (typeof req.headers.cookie === 'undefined') {
return { username: -1 };
}
const sessionid = req.headers.cookie.replace('SESSIONID=','');
// on lit la clef publique
const RSA_PUBLIC_KEY = fs.readFileSync('../keys/jwtRS256.key.pub');
// on récupère les données du cookie
try {
const token = sessionJWT.verify(
sessionid,
RSA_PUBLIC_KEY,
{algorithms: ['RS256']});
return token;
}
catch (err) {
return {username: err};
}
}
module.exports.decodeSessionCookie = decodeSessionCookie;


@ -53,7 +53,7 @@ export class ChatService {
return new Observable(observer => { return new Observable(observer => {
// @ts-ignore // @ts-ignore
this.socket.on(room, (data: ChatInfo[]) => { this.socket.on(room, (data: ChatInfo[]) => {
console.log(data); //console.log(data);
observer.next(data); observer.next(data);
}); });
}); });


@ -18,7 +18,7 @@ export class MessageService {
constructor(private http: HttpClient) { } constructor(private http: HttpClient) { }
sendMessage(url: string, data: any): Observable<JSdata> { sendMessage(url: string, data: any): Observable<JSdata> {
const CreatURL = environment.urlCL.concat('/').concat(url); const CreatURL = environment.urlCL.concat('/').concat(url);
console.log(CreatURL, data); //console.log(CreatURL, data);
return this.http.post<JSdata>( return this.http.post<JSdata>(
CreatURL, CreatURL,
data, data,