Jose Conde
2024-07-20 15:02:48 +02:00
parent 6da023d12a
commit 0329e84548
12 changed files with 82 additions and 150 deletions


@ -31,17 +31,35 @@ export class AuthController extends BaseController {
}
}
_jwtSignUser(user: User | null, res: Response) {
async refresh(req: Request, res: Response): Promise<void> {
const { log } = req;
try {
const { token } = req.body;
const user = await this.security.verifyJwt(token);
this._jwtSignUser(user, res, true);
} catch (error) {
this.handleError(res, error);
}
}
_jwtSignUser(user: User | null, res: Response, isRefresh: boolean = false) {
if (user === null) {
res.status(401).json({ error: 'Unauthorized' }).end();
return;
}
delete user.hash;
const token = this.security.signJwt(user);
const token = this.security.signJwt(user, false);
if (token === null) {
res.status(401).json({ error: 'Unauthorized' }).end();
} else {
res.status(200).json({ token }).end();
const data: {
token: string,
refreshToken?: string
} = { token };
if (!isRefresh) {
data.refreshToken = this.security.signJwt(user, true);
}
res.status(200).json(data).end();
}
return;
}
@ -173,7 +191,7 @@ export class AuthController extends BaseController {
req.user = user;
next();
} catch (error) {
return res.status(403).json({ error: 'Forbidden' });
return res.status(401).json({ error: 'Unauthorized' });
}
}
}
@ -194,7 +212,7 @@ export class AuthController extends BaseController {
req.token = apiToken;
next();
} catch (error) {
return res.status(403).json({ error: 'Forbidden' });
return res.status(401).json({ error: 'Unauthorized' });
}
}
}
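Review bot: `refresh` accepts any token that `verifyJwt` accepts, so as far as these lines show a 3h access token can be exchanged for a new one again and again, and a 7d refresh token works as an access token everywhere; the two differ only in the `expiresIn` chosen by `signJwt(user, true)`. Mark the long-lived token with a claim when signing and reject anything else before `this._jwtSignUser(user, res, true)`, for example `if (user?.tokenUse !== 'refresh') { res.status(401).json({ error: 'Unauthorized' }).end(); return; }`, with the matching claim set in `SecurityManager.signJwt` (the claim name is only a suggestion). The new access token is also built from the old token's payload rather than from the current user record, so a disabled account or a changed role would presumably stay valid until the refresh token expires; reloading the user by id before re-signing would close that. `const { log } = req;` is unused.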


@ -0,0 +1,33 @@
import { Request, Response } from "express";
import { BaseController } from "./BaseController";
const json = {
"version": "0.1.10",
"notes": "ADDEDD\n======\n- Updater\n- Refresh authentication when expires\n- Match summary page phase 1",
"pub_date": "2024-07-20T10:25:57Z",
"platforms": {
"windows-x86_64": {
"signature": "dW50cnVzdGVkIGNvbW1lbnQ6IHNpZ25hdHVyZSBmcm9tIHRhdXJpIHNlY3JldCBrZXkKUlVTdDh5VEM1Y1hnUUF0N0lJVEl0SDM0QnAvRCs0OXpzMUhyQ3A3UHNxbUsrSWFMOWFDTkJqVVZBRXdNWmR3ME5hUU8wUEh4ajhaUktoZGEycFhoaFpwTno2WlZBRlhaRHdrPQp0cnVzdGVkIGNvbW1lbnQ6IHRpbWVzdGFtcDoxNzIxNDgwMDM3CWZpbGU6ZG9taW5vLWNsaWVudF8wLjEuMTBfeDY0LXNldHVwLm5zaXMuemlwCk0rTDNUR3N6WHY5VnRRQU9hRnVFQnQybStFcndYRDRQY0hQNng1eFFDKzFvVngzaXhOaGZRRjBndkhxYXQxUkNrT1RNcHo2enM0VXh0eUJITHlveENnPT0K",
"url": "https://test.xintanalabs.net/updates/domino-client_0.1.10_x64-setup.nsis.zip"
}
}
}
export class UpdaterController extends BaseController {
async checkUpdate(req: Request, res: Response): Promise<any> {
this.logger.info('Checking for updates');
return res.json(json).status(200).end();
return res.status(204).end();
}
// async startMatchSession(data: any): Promise<any> {
// const response = await this.sessionManager.startSession(data);
// return response;
// }
// async joinMatchSession(data: any, socketId: string): Promise<any> {
// const response = await this.sessionManager.joinSession(data, socketId);
// return response;
// }
}
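Review bot: The second `return res.status(204).end();` in `checkUpdate` is unreachable, and the `:target/:arch/:currentVersion` route parameters are never read, so every caller gets the same hard-coded manifest whatever its platform or installed version. In `res.json(json).status(200).end()` the status is set after the body has already been sent; write `return res.status(200).json(json);` and put the no-update case first, e.g. `if (req.params.currentVersion === json.version) return res.status(204).end();`. The manifest pins a download URL on a `test.` host and a signature in source, so each release needs a code change; loading it from a file or configuration would be easier to operate, and the client's signature verification stays the integrity control (assumed to be enforced on the client, which is not visible here). `Promise<any>` can be `Promise<void>`, and the commented-out session methods look copied from another controller and can be dropped.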


@ -24,6 +24,7 @@ app.use(express.text());
app.use(express.urlencoded({extended: true }));
app.use(useRouter())
app.use(express.static(join(process.cwd(), 'public')));
app.get('/', (req, res) => {
res.sendFile(join(__dirname, 'index.html'));
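Review bot: `express.static(join(process.cwd(), 'public'))` resolves the served directory from the process's working directory, while the `sendFile` call two lines below uses `__dirname`, so which directory tree is exposed depends on where the server is started from. If this is the line the commit adds, anchoring it the same way makes the served root fixed: `app.use(express.static(join(__dirname, 'public')));`, adjusted to wherever `public` sits relative to the build output. The `app.get('/')` handler continues outside the hunk.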


@ -2,8 +2,9 @@ import crypto from 'crypto';
import jwt from 'jsonwebtoken';
import bcrypt from 'bcryptjs';
import { User } from '../db/interfaces';
import { ManagerBase } from './ManagerBase';
export class SecurityManager {
export class SecurityManager extends ManagerBase {
saltRounds = Number(process.env.SALT_ROUNDS);
jwtSecretKey = process.env.JWT_SECRET_KEY || '';
@ -20,8 +21,11 @@ export class SecurityManager {
return crypto.randomBytes(32).toString('hex');
}
signJwt(data: any) {
return jwt.sign(data, this.jwtSecretKey, { expiresIn: '3h' });
signJwt(data: any, longTerm: boolean = false): string {
const expiresIn: string = longTerm ? '7d' : '3h'
delete data.iat;
delete data.exp;
return jwt.sign(data, this.jwtSecretKey, { expiresIn });
}
// TODO: verificar esto
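Review bot: `signJwt` now deletes `iat` and `exp` from the object the caller passed in, and it is declared to return `string` while `_jwtSignUser` in AuthController still tests the result against `null`. Copy the claims instead of mutating the argument: `const { iat, exp, ...claims } = data;` followed by `return jwt.sign(claims, this.jwtSecretKey, { expiresIn });`. Re-signing whatever payload arrives also carries every field of the old token forward, so building the payload from an explicit list of claims would be tighter than `data: any`. Separately, the context line `jwtSecretKey = process.env.JWT_SECRET_KEY || ''` lets the service start without a signing key; failing at startup when the variable is missing would surface the misconfiguration earlier.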


@ -1,5 +1,6 @@
import { Request, Response, Router } from 'express';
import { AuthController } from '../controllers/AuthController';
import { UpdaterController } from '../controllers/UpdaterController';
import adminRouter from './adminRouter';
import userRouter from './userRouter';
@ -8,13 +9,19 @@ import gameRouter from './gameRouter';
export default function(): Router {
const router = Router();
const authController = new AuthController();
const updaterController = new UpdaterController();
router.get('/version', async function(req: Request, res: Response){
res.send('1.0.0').end();
res.json({
app: 'domino',
version: '0.1.4-test',
}).end();
});
router.post('/auth/code', (req: Request, res: Response) => authController.twoFactorCodeAuthentication(req, res));
router.post('/login', (req: Request, res: Response) => authController.login(req, res));
router.post('/refresh', (req: Request, res: Response) => authController.refresh(req, res));
router.get('/updater/:target/:arch/:currentVersion', (req: Request, res: Response) => updaterController.checkUpdate(req, res));
router.use('/admin', adminRouter());
router.use('/user', userRouter());