Converted the account system to an auth system

2021-03-07 00:41:19 +11:00
parent 725842f672
commit 2e024f71c3
27 changed files with 4495 additions and 7 deletions
@@ -0,0 +1,21 @@
+const jwt = require('jsonwebtoken');
+
+//middleware to authenticate the JWT token
+module.exports = (req, res, next) => {
+	const authHeader = req.headers['authorization'];
+	const token = authHeader?.split (' ')[1]; //'Bearer token'
+
+	if (!token) {
+		return res.status(401).end();
+	}
+
+	jwt.verify(token, process.env.SECRET_ACCESS, (err, user) => {
+		if (err) {
+			return res.status(403).end();
+		}
+
+		req.user = user;
+
+		next();
+	});
+};
@@ -0,0 +1,9 @@
+const { tokens } = require('../database/models');
+
+module.exports = (token) => {
+	tokens.destroy({
+		where: {
+			token
+		}
+	});
+}
@@ -0,0 +1,17 @@
+const jwt = require('jsonwebtoken');
+const { tokens } = require('../database/models');
+
+//generates a JWT token based on the given arguments
+module.exports = (username, privilege) => {
+	const content = {
+		username,
+		privilege
+	};
+
+	const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '1m' });
+	const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH);
+
+	tokens.create({ token: refreshToken });
+
+	return { accessToken, refreshToken };
+};
@@ -0,0 +1,33 @@
+const jwt = require('jsonwebtoken');
+const { tokens } = require('../database/models');
+
+const generate = require('./token-generate');
+const destroy = require('./token-destroy');
+
+module.exports = (token, callback) => {
+	if (!token) {
+		return callback(401);
+	}
+
+	const tokenRecord = tokens.findOne({
+		where: {
+			token
+		}
+	});
+
+	if (!tokenRecord) {
+		return callback(403);
+	}
+
+	jwt.verify(token, process.env.SECRET_REFRESH, (err, user) => {
+		if (err) {
+			return callback(403);
+		}
+
+		const result = generate(user.username, user.privilege);
+
+		destroy(token);
+
+		return callback(null, result);
+	});
+};
@@ -0,0 +1,4 @@
+const crypto = require('crypto');
+
+//lazy
+module.exports = (bytes = 16) => crypto.randomBytes(bytes).toString("hex");
@@ -0,0 +1,5 @@
+const emailRegex = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+
+module.exports = email => {
+	return emailRegex.test(email);
+}
@@ -0,0 +1,23 @@
+module.exports = username => {
+	if (!username) {
+		return false;
+	}
+
+	if (username.length < 8 && username.length > 100) {
+		return false;
+	}
+	
+	if (!isAlpha(username)) {
+		return false;
+	}
+	
+	return true;
+}
+
+const isAlpha = (str) => {
+	//starting from beginning ^
+	//to the end $
+	//check first letter is alpha or underscore [A-Za-z_]
+	//check the remaining 0 or more (*) letters are alpha, numeric or underscore [A-Za-z0-9_]
+	return /^[A-Za-z_][A-Za-z0-9_]*$/.test(str);
+}