1 | "use strict";
|
// TypeScript's async/await down-level helper: runs a generator as a coroutine.
// Every yielded value is wrapped in a `P` promise; its fulfilment value (or
// rejection reason) is fed back into the generator via next()/throw(), and the
// generator's final return value resolves the outer promise. Any exception the
// generator lets escape rejects the outer promise.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    var Ctor = P || (P = Promise);
    return new Ctor(function (resolve, reject) {
        var iterator = generator.apply(thisArg, _arguments || []);
        // `produce` performs one iterator step (next or throw); a synchronous
        // exception from it means the generator gave up, so reject.
        function advance(produce) {
            var result;
            try {
                result = produce();
            } catch (e) {
                reject(e);
                return;
            }
            if (result.done) {
                resolve(result.value);
                return;
            }
            new P(function (res) { res(result.value); }).then(
                function (value) { advance(function () { return iterator.next(value); }); },
                function (reason) { advance(function () { return iterator["throw"](reason); }); }
            );
        }
        advance(function () { return iterator.next(); });
    });
};
|
// TypeScript's esModuleInterop helper: a transpiled ES module (flagged with
// __esModule) is returned untouched, anything else (a plain CommonJS export)
// is wrapped so that `.default` points at it.
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { "default": mod };
};
|
13 | Object.defineProperty(exports, "__esModule", { value: true });
|
14 | const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
|
15 | const iso_libs_1 = require("../libs/iso-libs");
|
16 |
|
17 |
|
18 |
|
19 |
|
// Cookie name holding the JWT minted by getEncryptedAccessToken (a bearer
// credential: whoever holds it is the user until `exp`).
exports.IC_WEB_TOKEN = "IC_WEB_TOKEN";
// Cookie name holding the user id; createAuthMiddleware cross-checks it
// against the `id` claim inside the IC_WEB_TOKEN JWT.
exports.IC_USER_ID = 'IC_USER_ID';
// Query-string parameter names read by createCallbackMiddleware.
// NOTE(review): these are read from req.query, i.e. the password and the
// confirmation token travel in the URL. URLs end up in server/proxy logs,
// browser history and Referer headers; a POST body would be the safer carrier.
exports.EMAIL_CONFIRMATION_PARAM = "confirmationtoken";
exports.EMAIL_PARAM = "email";
exports.PASSWORD_PARAM = "password";
// Account states persisted with the auth data. In the provider round-trip of
// createCallbackMiddleware, session cookies are only set for ACTIVE accounts;
// the e-mail confirmation flow is what moves an account from PENDING to ACTIVE.
exports.AUTH_STATUS = {
PENDING: "pending",
ACTIVE: "active"
};
|
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
|
40 |
|
41 |
|
42 |
|
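/**
 * Express middleware factory that authenticates a request from its cookies.
 *
 * Reads the IC_WEB_TOKEN cookie (a JWT minted by getEncryptedAccessToken) and
 * the IC_USER_ID cookie, verifies the JWT's signature and `exp` against
 * `clientSecret`, and only when the token's `id` claim equals the IC_USER_ID
 * cookie calls `onAuthenticated(String(id))` and continues the chain.
 * Every other outcome is routed to `next(err)`:
 *  - either cookie missing                 → 'No token present!'
 *  - `id` claim missing or ≠ cookie value  → "UserId in Token does not match UserId in cookie"
 *  - verification failure                  → the jsonwebtoken error (expired, bad signature, …)
 *
 * Cookies and token values are deliberately not logged: the web token is a
 * bearer credential and would otherwise leak into log storage.
 *
 * @param {string} clientSecret                 HMAC secret the web token was signed with
 * @param {(id: string) => void} onAuthenticated called with the verified user id
 * @returns {(req, res, next) => void} Express middleware
 */
exports.createAuthMiddleware = (clientSecret, onAuthenticated) => (req, res, next) => {
    const webtoken = req.universalCookies.get(exports.IC_WEB_TOKEN);
    const userId = req.universalCookies.get(exports.IC_USER_ID);
    if (webtoken === undefined || userId === undefined) {
        return next('No token present!');
    }
    try {
        // getEncryptedAccessToken signs with jsonwebtoken's default (HS256).
        // Pinning the accepted algorithm here means a presented token cannot
        // nominate a different one; keep this list in sync with the signer.
        const decoded = jsonwebtoken_1.default.verify(webtoken, clientSecret, { algorithms: ['HS256'] });
        // A payload that is not an object (or lacks `id`) is treated as a
        // mismatch rather than letting `.toString()` blow up on undefined.
        const id = decoded !== null && typeof decoded === 'object' ? decoded.id : undefined;
        // universal-cookie may parse a numeric cookie value, hence String() on both sides.
        if (id !== undefined && id !== null && String(id) === String(userId)) {
            onAuthenticated(String(id));
            return next();
        }
        return next("UserId in Token does not match UserId in cookie");
    }
    catch (err) {
        return next(err);
    }
};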
|
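/**
 * Mint the two JWTs handed out after a successful login or confirmation.
 *
 * Both tokens are HMAC-signed (jsonwebtoken's default HS256) and share the same
 * `exp`, 60 days from now:
 *  - `webtoken`: `{ id, exp }` signed with `clientSecret`; it becomes the
 *    IC_WEB_TOKEN cookie and is what createAuthMiddleware verifies.
 *  - `encryptedAccessToken`: `{ id, accessToken, exp }` signed with `webtoken`
 *    as the HMAC key; callers persist it via storeAuthData.
 *
 * NOTE(review): despite the name, `encryptedAccessToken` is signed, not
 * encrypted. A JWT payload is only base64url-encoded, so anyone who can read
 * the stored value can read `access_token` — and in the password-login path the
 * caller passes the client-supplied password parameter as `access_token`.
 * Treat the stored value as a secret, or use real encryption (JWE, or
 * crypto.createCipheriv with an authenticated mode).
 *
 * @param {string|number} id      user identifier placed in the `id` claim
 * @param {string} clientSecret   HMAC key for `webtoken`
 * @param {string} access_token   value embedded as `accessToken` in `encryptedAccessToken`
 * @returns {{webtoken: string, encryptedAccessToken: string}}
 */
const getEncryptedAccessToken = (id, clientSecret, access_token) => {
    const expirationDate = new Date();
    // setDate() rolls month/year over for us.
    expirationDate.setDate(expirationDate.getDate() + 60);
    // JWT `exp` is a NumericDate in seconds; getTime() is milliseconds, so floor
    // the division instead of emitting a fractional timestamp that strict
    // consumers may reject.
    const exp = Math.floor(expirationDate.getTime() / 1000);

    const webtoken = jsonwebtoken_1.default.sign({
        id: id,
        exp: exp,
    }, clientSecret);

    const encryptedAccessToken = jsonwebtoken_1.default.sign({
        id: id,
        accessToken: access_token,
        exp: exp,
    }, webtoken);

    return {
        webtoken: webtoken,
        encryptedAccessToken: encryptedAccessToken
    };
};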
|
96 |
|
97 |
|
98 |
|
99 |
|
100 |
|
101 |
|
102 |
|
103 |
|
104 |
|
105 |
|
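/**
 * Build the Express handler for the auth callback route.
 *
 * Three flows share this handler, selected by the query string:
 *  1. Password login — `email` and `password` present and auth data exists for
 *     that e-mail. The stored `encrypted_password` is compared with the supplied
 *     value; on a match fresh tokens are minted and stored, the session cookies
 *     are set and the user is redirected to `page` with `?message=success`,
 *     otherwise `next("login failure")`.
 *  2. E-mail confirmation — `email` and `confirmationtoken` present and auth
 *     data exists. The stored `encryptedAccessToken` is compared with the
 *     supplied token; on a match the account is marked ACTIVE, tokens are
 *     re-minted and stored, cookies are set and the user is redirected to
 *     `page` with `?message=mailverified`, otherwise
 *     `next("access token is wrong")`.
 *  3. Provider round-trip — everything else (including `email` present but
 *     neither of the above applying): fetchAccessToken(req) → fFetch() →
 *     getUserData → storeAuthData; cookies are set only for ACTIVE accounts,
 *     then the user is redirected to `redirectPage`.
 *
 * Any rejected promise or thrown error (getAuthData, JSON.parse of stored
 * data, fFetch, getUserData, storeAuthData, …) is forwarded with next(err);
 * previously such failures surfaced as an unhandled rejection and left the
 * request hanging.
 *
 * Secret comparisons use a constant-time compare, and passwords/tokens are no
 * longer written to the console.
 *
 * NOTE(review): credentials arrive in the URL query (GET). The password value
 * is persisted verbatim as `encrypted_password` (flow 3) and embedded in the
 * `encryptedAccessToken` JWT (flow 1); whether the client hashes it before
 * sending cannot be told from here — confirm before relying on that.
 * NOTE(review): flow 1 sets cookies without checking `authData.status`,
 * whereas flow 3 requires ACTIVE — confirm that a PENDING account logging in
 * with a password is intended.
 *
 * @param {string} clientSecret  HMAC key used to sign the web token
 * @param {(req) => {redirectPage: string, fFetch: () => Promise}} fetchAccessToken
 * @param {(resJson) => Promise<{id, name, username, imageUrl, access_token, email, status}>} getUserData
 * @param {(req, key, id, data) => Promise} storeAuthData
 * @param {(req, flag, key, id) => Promise<Array<{jsonData: string}>>} getAuthData
 * @returns {(req, res, next) => Promise<void>} Express middleware
 */
exports.createCallbackMiddleware = (clientSecret, fetchAccessToken, getUserData, storeAuthData, getAuthData) => {
    const path = require('path');
    const crypto = require('crypto');

    // NOTE(review): only `path` is set — no httpOnly, secure or sameSite — so the
    // JWT cookie is readable by page scripts and sent over plain HTTP. Check
    // whether the client-side code reads these cookies before tightening them.
    const AUTH_COOKIE_OPTIONS = { path: '/' };

    /** Set both session cookies after a successful authentication. */
    const setAuthCookies = (req, webtoken, userId) => {
        req.universalCookies.set(exports.IC_WEB_TOKEN, webtoken, AUTH_COOKIE_OPTIONS);
        req.universalCookies.set(exports.IC_USER_ID, userId, AUTH_COOKIE_OPTIONS);
    };

    /**
     * Constant-time comparison of a stored secret with a client-supplied one.
     * Non-string operands never match (req.query yields arrays for repeated
     * parameters). The length check short-circuits — only the length leaks.
     */
    const secretsEqual = (stored, presented) => {
        if (typeof stored !== 'string' || typeof presented !== 'string') {
            return false;
        }
        const a = Buffer.from(stored, 'utf8');
        const b = Buffer.from(presented, 'utf8');
        return a.length === b.length && crypto.timingSafeEqual(a, b);
    };

    /**
     * Keep the user-supplied `page` inside the app's base path. Non-strings,
     * values containing `..` or a backslash, and values starting with `//` fall
     * back to "/": the latter two can turn into a protocol-relative URL once
     * the browser sees the Location header (e.g. if path.join runs on Windows).
     * An absent `page` means "/" as before; an empty string passes through.
     */
    const safeRedirectPath = (page) => {
        if (typeof page !== 'string') {
            return "/";
        }
        if (page.indexOf('..') !== -1 || page.indexOf('\\') !== -1 || page.indexOf('//') === 0) {
            return "/";
        }
        return page;
    };

    /** Redirect to `page` under the app basename with a `?message=` flag. */
    const redirectWithMessage = (res, page, message) => {
        res.redirect(`${path.join(iso_libs_1.getBasename(), safeRedirectPath(page))}?message=${message}`);
    };

    return function (req, res, next) {
        return __awaiter(this, void 0, void 0, function* () {
            try {
                console.log("THIS IS THE AUTH CALLBACK");
                const email_confirmation = req.query[exports.EMAIL_CONFIRMATION_PARAM];
                const email_param = req.query[exports.EMAIL_PARAM];
                const password_param = req.query[exports.PASSWORD_PARAM];
                const page = req.query["page"];
                // The password and confirmation token are deliberately not logged.

                if (email_param) {
                    const authDataList = yield getAuthData(req, false, exports.IC_USER_ID, email_param);
                    const parsedAuthDataList = authDataList.map(raw => JSON.parse(raw.jsonData));

                    if (password_param !== undefined && parsedAuthDataList.length > 0) {
                        // Flow 1: password login.
                        const authData = parsedAuthDataList.find(
                            cur => secretsEqual(cur.encrypted_password, password_param));
                        if (authData === undefined) {
                            console.log("could not verify password for", email_param);
                            return next("login failure");
                        }
                        const { webtoken, encryptedAccessToken } = getEncryptedAccessToken(email_param, clientSecret, password_param);
                        yield storeAuthData(req,
                            exports.IC_USER_ID,
                            email_param,
                            Object.assign({}, authData, {
                                encryptedAccessToken: encryptedAccessToken
                            }));
                        setAuthCookies(req, webtoken, email_param);
                        redirectWithMessage(res, page, "success");
                        return;
                    }
                    else if (email_confirmation && parsedAuthDataList.length > 0) {
                        // Flow 2: e-mail confirmation. For PENDING accounts flow 3 stored
                        // the raw provider token as `encryptedAccessToken`; that is the
                        // value the confirmation link has to present.
                        const authData = parsedAuthDataList.find(
                            cur => secretsEqual(cur.encryptedAccessToken, email_confirmation));
                        if (authData === undefined) {
                            console.log("could not verify confirmation token for", email_param);
                            return next("access token is wrong");
                        }
                        const { webtoken, encryptedAccessToken } = getEncryptedAccessToken(email_param, clientSecret, email_confirmation);
                        yield storeAuthData(req,
                            exports.IC_USER_ID,
                            email_param,
                            Object.assign({}, authData, {
                                status: exports.AUTH_STATUS.ACTIVE,
                                encryptedAccessToken: encryptedAccessToken
                            }));
                        setAuthCookies(req, webtoken, email_param);
                        redirectWithMessage(res, page, "mailverified");
                        return;
                    }
                }

                // Flow 3: provider round-trip.
                const { redirectPage, fFetch } = fetchAccessToken(req);
                console.log("redirect to: ", redirectPage);
                req["redirectPage"] = redirectPage;
                const resJson = yield fFetch();
                const data = yield getUserData(resJson);
                const { id, name, username, imageUrl, access_token, email, status } = data;
                const { webtoken, encryptedAccessToken } = getEncryptedAccessToken(id, clientSecret, access_token);
                const isActive = status === exports.AUTH_STATUS.ACTIVE;

                yield storeAuthData(req,
                    exports.IC_USER_ID,
                    id,
                    Object.assign({
                        // A PENDING account keeps the raw provider token: flow 2 compares
                        // it against the `confirmationtoken` query parameter.
                        encryptedAccessToken: isActive ? encryptedAccessToken : access_token,
                        name: name,
                        username: username,
                        imageUrl: imageUrl,
                        email: email,
                        status: status,
                    }, password_param ? {
                        encrypted_password: password_param
                    } : {})
                );

                // Only verified accounts get a session.
                if (isActive) {
                    setAuthCookies(req, webtoken, id);
                }
                console.log("done");
                res.redirect(path.join(iso_libs_1.getBasename(), redirectPage));
                return;
            }
            catch (err) {
                return next(err);
            }
        });
    };
};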
|
231 |
|
\ | No newline at end of file |