krgamestudios/auth-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: krgamestudios/auth-server:v1.4.0
Branches Tags
krgamestudios/auth-server:main
krgamestudios/auth-server:v1.8.11 krgamestudios/auth-server:v1.8.10 krgamestudios/auth-server:v1.8.9 krgamestudios/auth-server:v1.8.8 krgamestudios/auth-server:v1.8.7 krgamestudios/auth-server:v1.8.6 krgamestudios/auth-server:v1.8.5 krgamestudios/auth-server:v1.8.4 krgamestudios/auth-server:v1.8.3 krgamestudios/auth-server:v1.8.2 krgamestudios/auth-server:v1.8.1 krgamestudios/auth-server:v1.8.0 krgamestudios/auth-server:v1.7.11 krgamestudios/auth-server:v1.7.10 krgamestudios/auth-server:v1.7.9 krgamestudios/auth-server:v1.7.8 krgamestudios/auth-server:v1.7.7 krgamestudios/auth-server:v1.7.6 krgamestudios/auth-server:v1.7.5 krgamestudios/auth-server:v1.7.4 krgamestudios/auth-server:v1.7.3 krgamestudios/auth-server:v1.7.2 krgamestudios/auth-server:v1.7.1 krgamestudios/auth-server:v1.7.0 krgamestudios/auth-server:v1.6.5 krgamestudios/auth-server:v1.6.4 krgamestudios/auth-server:v1.6.3 krgamestudios/auth-server:v1.6.2 krgamestudios/auth-server:v1.6.1 krgamestudios/auth-server:v1.6.0 krgamestudios/auth-server:v1.5.2 krgamestudios/auth-server:v1.5.1 krgamestudios/auth-server:v1.5.0 krgamestudios/auth-server:v1.4.14 krgamestudios/auth-server:v1.4.13 krgamestudios/auth-server:v1.4.12 krgamestudios/auth-server:v1.4.11 krgamestudios/auth-server:v1.4.10 krgamestudios/auth-server:v1.4.9 krgamestudios/auth-server:v1.4.8 krgamestudios/auth-server:v1.4.7 krgamestudios/auth-server:v1.4.6 krgamestudios/auth-server:v1.4.5 krgamestudios/auth-server:v1.4.4 krgamestudios/auth-server:v1.4.3 krgamestudios/auth-server:v1.4.2 krgamestudios/auth-server:v1.4.1 krgamestudios/auth-server:v1.4.0 krgamestudios/auth-server:v1.3.2 krgamestudios/auth-server:v1.3.1 krgamestudios/auth-server:v1.3.0 krgamestudios/auth-server:v1.2.0 krgamestudios/auth-server:v1.1.1 krgamestudios/auth-server:v1.1.0 krgamestudios/auth-server:v1.0.7 krgamestudios/auth-server:v1.0.6 krgamestudios/auth-server:v1.0.5 krgamestudios/auth-server:v1.0.4 krgamestudios/auth-server:v1.0.3 krgamestudios/auth-server:v1.0.2 krgamestudios/auth-server:v1.0.1 krgamestudios/auth-server:v1.0.0
...
compare: krgamestudios/auth-server:v1.4.9
Branches Tags
krgamestudios/auth-server:main
krgamestudios/auth-server:v1.8.11 krgamestudios/auth-server:v1.8.10 krgamestudios/auth-server:v1.8.9 krgamestudios/auth-server:v1.8.8 krgamestudios/auth-server:v1.8.7 krgamestudios/auth-server:v1.8.6 krgamestudios/auth-server:v1.8.5 krgamestudios/auth-server:v1.8.4 krgamestudios/auth-server:v1.8.3 krgamestudios/auth-server:v1.8.2 krgamestudios/auth-server:v1.8.1 krgamestudios/auth-server:v1.8.0 krgamestudios/auth-server:v1.7.11 krgamestudios/auth-server:v1.7.10 krgamestudios/auth-server:v1.7.9 krgamestudios/auth-server:v1.7.8 krgamestudios/auth-server:v1.7.7 krgamestudios/auth-server:v1.7.6 krgamestudios/auth-server:v1.7.5 krgamestudios/auth-server:v1.7.4 krgamestudios/auth-server:v1.7.3 krgamestudios/auth-server:v1.7.2 krgamestudios/auth-server:v1.7.1 krgamestudios/auth-server:v1.7.0 krgamestudios/auth-server:v1.6.5 krgamestudios/auth-server:v1.6.4 krgamestudios/auth-server:v1.6.3 krgamestudios/auth-server:v1.6.2 krgamestudios/auth-server:v1.6.1 krgamestudios/auth-server:v1.6.0 krgamestudios/auth-server:v1.5.2 krgamestudios/auth-server:v1.5.1 krgamestudios/auth-server:v1.5.0 krgamestudios/auth-server:v1.4.14 krgamestudios/auth-server:v1.4.13 krgamestudios/auth-server:v1.4.12 krgamestudios/auth-server:v1.4.11 krgamestudios/auth-server:v1.4.10 krgamestudios/auth-server:v1.4.9 krgamestudios/auth-server:v1.4.8 krgamestudios/auth-server:v1.4.7 krgamestudios/auth-server:v1.4.6 krgamestudios/auth-server:v1.4.5 krgamestudios/auth-server:v1.4.4 krgamestudios/auth-server:v1.4.3 krgamestudios/auth-server:v1.4.2 krgamestudios/auth-server:v1.4.1 krgamestudios/auth-server:v1.4.0 krgamestudios/auth-server:v1.3.2 krgamestudios/auth-server:v1.3.1 krgamestudios/auth-server:v1.3.0 krgamestudios/auth-server:v1.2.0 krgamestudios/auth-server:v1.1.1 krgamestudios/auth-server:v1.1.0 krgamestudios/auth-server:v1.0.7 krgamestudios/auth-server:v1.0.6 krgamestudios/auth-server:v1.0.5 krgamestudios/auth-server:v1.0.4 krgamestudios/auth-server:v1.0.3 krgamestudios/auth-server:v1.0.2 krgamestudios/auth-server:v1.0.1 krgamestudios/auth-server:v1.0.0

20 Commits
v1.4.0 ... v1.4.9

Author SHA1 Message Date
Kayne Ruse 353be4662b Bumped version number 2021-12-19 16:07:44 +00:00
Kayne Ruse cc655cd988 Merge remote-tracking branch 'refs/remotes/origin/main' 2021-12-19 16:06:30 +00:00
Kayne Ruse ec3b14e32b Removed excess logging 2021-12-19 16:06:23 +00:00
Kayne Ruse b188c46efd Merge pull request #9 from MatthewEvans91/remove-address-line 
omit physical address line from validation email where no physical address provided
 2021-12-20 03:04:03 +11:00
Matthew Evans ece3b0253f omit physical address line from validation email where no physical address provided 2021-12-18 18:47:44 -07:00
Kayne Ruse 062bc43f5a BUGFIX: sending account index via post validation hook 2021-12-11 11:54:13 +00:00
Kayne Ruse cc6b7bd7b4 Fixed an import/require problem 2021-12-11 10:11:56 +00:00
Kayne Ruse 9bdf3925a3 Implemented a post-validation hook 2021-12-11 09:59:57 +00:00
Kayne Ruse a299bab794 Preparing for Egg Trainer merge 2021-11-18 14:59:30 +00:00
Kayne Ruse 8460d03181 Updated package-lock.json 2021-11-17 06:14:08 +00:00
Kayne Ruse ae88f3002a Bumped node to version 16 LTS 2021-11-17 04:43:03 +00:00
Kayne Ruse f4745084c0 Updated package-lock.json 2021-11-15 22:39:48 +00:00
Kayne Ruse 02387914a8 Updated documentation 2021-08-21 22:45:15 +01:00
Kayne Ruse 0da150f471 Bumped version number 2021-08-13 20:59:44 +10:00
Kayne Ruse d8e9620ad1 Fixed a logout bug when the access token changes 2021-08-13 20:58:52 +10:00
Kayne Ruse c1155909be Patched a refresh issue 2021-08-09 20:23:05 +10:00
Kayne Ruse 4ec55bed10 Bumped version number 2021-07-28 15:43:47 +01:00
Kayne Ruse b51d22f1a1 SQUASH: I think I got it working 2021-07-29 00:36:20 +10:00
Kayne Ruse 6b3db67a29 Fixed whitespace 2021-07-28 23:19:08 +10:00
Kayne Ruse 81da8ca422 Working on password recovery 2021-07-28 23:02:04 +10:00
19 changed files with 466 additions and 217 deletions
Expand all files Collapse all files
.envdev
+1
View File
@@ -1,5 +1,6 @@
WEB_PROTOCOL=http WEB_PROTOCOL=http
WEB_ADDRESS=localhost WEB_ADDRESS=localhost
WEB_RESET_ADDRESS=localhost/reset
WEB_PORT=3200 WEB_PORT=3200
DB_HOSTNAME=database DB_HOSTNAME=database
Dockerfile
+2 -2
View File
@@ -1,9 +1,9 @@
FROM node:15 FROM node:16
WORKDIR "/app" WORKDIR "/app"
COPY package*.json ./ COPY package*.json ./
COPY . /app
RUN npm install --production RUN npm install --production
COPY . /app
EXPOSE 3200 EXPOSE 3200
USER node USER node
ENTRYPOINT ["bash", "-c"] ENTRYPOINT ["bash", "-c"]
README.md
+73 -9
View File
@@ -20,9 +20,17 @@ Content-Type: application/json
} }
//DOCS: Used for validating the email address above ###
//DOCS: Used for validating the email address specified above
GET /auth/validation?username=example&token=12345678 GET /auth/validation?username=example&token=12345678
//DOCS: If the environment variable HOOK_POST_VALIDATION is set to a URL, then the server will send a GET message to that URL with the newly created account's index
GET https://{HOOK_POST_VALIDATION}?accountIndex={index}
###
//DOCS: Login after validation //DOCS: Login after validation
POST /auth/login POST /auth/login
@@ -33,14 +41,17 @@ Content-Type: application/json
"password": "helloworld" "password": "helloworld"
} }
//Result (access token's value is your authorization key below) //DOCS: Result (access token's value is your authorization key below)
{ {
"accessToken": "abcde", "accessToken": "abcde",
"refreshToken": "fghij" "refreshToken": "fghij"
} }
//DOCS: Replace an expired authToken pair with these values ###
//DOCS: Replace an expired authToken pair with new values
POST /auth/token POST /auth/token
Content-Type: application/json Content-Type: application/json
@@ -48,6 +59,15 @@ Content-Type: application/json
"token": "refreshToken" "token": "refreshToken"
} }
//DOCS: Result
{
"accessToken": "abcde",
"refreshToken": "fghij"
}
###
//DOCS: After this is called, the refresh route will no longer work //DOCS: After this is called, the refresh route will no longer work
DELETE /auth/logout DELETE /auth/logout
@@ -58,22 +78,30 @@ Authorization: Bearer accessToken
} }
###
//DOCS: Retreives the private account data, results vary //DOCS: Retreives the private account data, results vary
GET /auth/account GET /auth/account
Authorization: Bearer accessToken Authorization: Bearer accessToken
//Result
{ ###
"accessToken": "abcde",
"refreshToken": "fghij"
}
//DOCS: Update account data, input varies, but is always JSON //DOCS: Update account data
PATCH /auth/account PATCH /auth/account
Content-Type: application/json Content-Type: application/json
Authorization: Bearer accessToken Authorization: Bearer accessToken
{
"password": "helloworld",
"contact": true
}
###
//DOCS: Sets the timer, account will be deleted after 2 days //DOCS: Sets the timer, account will be deleted after 2 days
DELETE /auth/account DELETE /auth/account
@@ -83,4 +111,40 @@ Content-Type: application/json
{ {
"password": "helloworld" "password": "helloworld"
} }
###
//DOCS: Send the link to recover a forgotten password
POST /auth/recover
Content-Type: application/json
{
"email": "kayneruse@gmail.com"
}
###
//DOCS: Redirect the link to recover a password to the front-end
GET /auth/reset?token=<token>
//DOCS: Result
301 -> ${WEB_RESET_ADDRESS}?email=<email>&token=<token>
###
//DOCS: Resets a password for the given email, correct token is required
PATCH /auth/reset?email=<email>&token=<token>
{
"password": "password"
}
###
``` ```
configure-script.js
+5 -1
View File
@@ -30,6 +30,8 @@ const question = (prompt, def = null) => {
//project configuration //project configuration
const appName = await question('App Name', 'auth'); const appName = await question('App Name', 'auth');
const appWebAddress = await question('Web Addr', `${appName}.example.com`); const appWebAddress = await question('Web Addr', `${appName}.example.com`);
const postValidationHook = await question('Post Validation Hook', '');
const resetAddress = await question('Reset Addr', `example.com/reset`);
const appPort = await question('App Port', '3200'); const appPort = await question('App Port', '3200');
const appDBUser = await question('DB User', appName); const appDBUser = await question('DB User', appName);
@@ -69,6 +71,8 @@ services:
environment: environment:
- WEB_PROTOCOL=https - WEB_PROTOCOL=https
- WEB_ADDRESS=${appWebAddress} - WEB_ADDRESS=${appWebAddress}
- HOOK_POST_VALIDATION=${postValidationHook}
- WEB_RESET_ADDRESS=${resetAddress}
- WEB_PORT=${appPort} - WEB_PORT=${appPort}
- DB_HOSTNAME=database - DB_HOSTNAME=database
- DB_DATABASE=${appName} - DB_DATABASE=${appName}
@@ -126,7 +130,7 @@ networks:
`; `;
const dockerfile = ` const dockerfile = `
FROM node:15 FROM node:16
WORKDIR "/app" WORKDIR "/app"
COPY package*.json ./ COPY package*.json ./
RUN npm install --production RUN npm install --production
package-lock.json
Generated
+81 -113
View File
@@ -1,21 +1,22 @@
{ {
"name": "auth-server", "name": "auth-server",
"version": "1.0.0", "version": "1.4.9",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"version": "1.0.0", "name": "auth-server",
"version": "1.4.9",
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"bcryptjs": "^2.4.3", "bcryptjs": "^2.4.3",
"body-parser": "^1.19.0",
"cors": "^2.8.5", "cors": "^2.8.5",
"dotenv": "^8.6.0", "dotenv": "^8.6.0",
"express": "^4.17.1", "express": "^4.17.1",
"jsonwebtoken": "^8.5.1", "jsonwebtoken": "^8.5.1",
"mariadb": "^2.5.4", "mariadb": "^2.5.4",
"node-cron": "^2.0.3", "node-cron": "^2.0.3",
"node-fetch": "^2.6.6",
"nodemailer": "^6.6.3", "nodemailer": "^6.6.3",
"sequelize": "^6.6.5" "sequelize": "^6.6.5"
}, },
@@ -73,68 +74,18 @@
} }
}, },
"node_modules/ansi-align": { "node_modules/ansi-align": {
"version": "3.0.0", "version": "3.0.1",
"resolved": "https://registry.npmjs.org/ansi-align/-/ansi-align-3.0.0.tgz", "resolved": "https://registry.npmjs.org/ansi-align/-/ansi-align-3.0.1.tgz",
"integrity": "sha512-ZpClVKqXN3RGBmKibdfWzqCY4lnjEuoNzU5T0oEFpfd/z5qJHVarukridD4juLO2FXMiwUQxr9WqQtaYa8XRYw==", "integrity": "sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w==",
"dev": true, "dev": true,
"dependencies": { "dependencies": {
"string-width": "^3.0.0" "string-width": "^4.1.0"
}
},
"node_modules/ansi-align/node_modules/ansi-regex": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
"integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==",
"dev": true,
"engines": {
"node": ">=6"
}
},
"node_modules/ansi-align/node_modules/emoji-regex": {
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz",
"integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==",
"dev": true
},
"node_modules/ansi-align/node_modules/is-fullwidth-code-point": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz",
"integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=",
"dev": true,
"engines": {
"node": ">=4"
}
},
"node_modules/ansi-align/node_modules/string-width": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
"integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==",
"dev": true,
"dependencies": {
"emoji-regex": "^7.0.1",
"is-fullwidth-code-point": "^2.0.0",
"strip-ansi": "^5.1.0"
},
"engines": {
"node": ">=6"
}
},
"node_modules/ansi-align/node_modules/strip-ansi": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
"integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==",
"dev": true,
"dependencies": {
"ansi-regex": "^4.1.0"
},
"engines": {
"node": ">=6"
} }
}, },
"node_modules/ansi-regex": { "node_modules/ansi-regex": {
"version": "5.0.0", "version": "5.0.1",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
"integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
"dev": true, "dev": true,
"engines": { "engines": {
"node": ">=8" "node": ">=8"
@@ -1330,6 +1281,17 @@
"node": ">=6.0.0" "node": ">=6.0.0"
} }
}, },
"node_modules/node-fetch": {
"version": "2.6.6",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.6.tgz",
"integrity": "sha512-Z8/6vRlTUChSdIgMa51jxQ4lrw/Jy5SOW10ObaA47/RElsAN2c5Pn8bTgFGWn/ibwzXTE8qwr1Yzx28vsecXEA==",
"dependencies": {
"whatwg-url": "^5.0.0"
},
"engines": {
"node": "4.x || >=6.0.0"
}
},
"node_modules/nodemailer": { "node_modules/nodemailer": {
"version": "6.6.3", "version": "6.6.3",
"resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.6.3.tgz", "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.6.3.tgz",
@@ -1960,6 +1922,11 @@
"nodetouch": "bin/nodetouch.js" "nodetouch": "bin/nodetouch.js"
} }
}, },
"node_modules/tr46": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
"integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
},
"node_modules/type-fest": { "node_modules/type-fest": {
"version": "0.8.1", "version": "0.8.1",
"resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz",
@@ -2080,9 +2047,9 @@
} }
}, },
"node_modules/validator": { "node_modules/validator": {
"version": "13.6.0", "version": "13.7.0",
"resolved": "https://registry.npmjs.org/validator/-/validator-13.6.0.tgz", "resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz",
"integrity": "sha512-gVgKbdbHgtxpRyR8K0O6oFZPhhB5tT1jeEHZR0Znr9Svg03U0+r9DXWMrnRAB+HtCStDQKlaIZm42tVsVjqtjg==", "integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw==",
"engines": { "engines": {
"node": ">= 0.10" "node": ">= 0.10"
} }
@@ -2095,6 +2062,20 @@
"node": ">= 0.8" "node": ">= 0.8"
} }
}, },
"node_modules/webidl-conversions": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
},
"node_modules/whatwg-url": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
"integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=",
"dependencies": {
"tr46": "~0.0.3",
"webidl-conversions": "^3.0.0"
}
},
"node_modules/widest-line": { "node_modules/widest-line": {
"version": "3.1.0", "version": "3.1.0",
"resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz",
@@ -2190,58 +2171,18 @@
} }
}, },
"ansi-align": { "ansi-align": {
"version": "3.0.0", "version": "3.0.1",
"resolved": "https://registry.npmjs.org/ansi-align/-/ansi-align-3.0.0.tgz", "resolved": "https://registry.npmjs.org/ansi-align/-/ansi-align-3.0.1.tgz",
"integrity": "sha512-ZpClVKqXN3RGBmKibdfWzqCY4lnjEuoNzU5T0oEFpfd/z5qJHVarukridD4juLO2FXMiwUQxr9WqQtaYa8XRYw==", "integrity": "sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w==",
"dev": true, "dev": true,
"requires": { "requires": {
"string-width": "^3.0.0" "string-width": "^4.1.0"
},
"dependencies": {
"ansi-regex": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
"integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==",
"dev": true
},
"emoji-regex": {
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz",
"integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==",
"dev": true
},
"is-fullwidth-code-point": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz",
"integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=",
"dev": true
},
"string-width": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
"integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==",
"dev": true,
"requires": {
"emoji-regex": "^7.0.1",
"is-fullwidth-code-point": "^2.0.0",
"strip-ansi": "^5.1.0"
}
},
"strip-ansi": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
"integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==",
"dev": true,
"requires": {
"ansi-regex": "^4.1.0"
}
}
} }
}, },
"ansi-regex": { "ansi-regex": {
"version": "5.0.0", "version": "5.0.1",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
"integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
"dev": true "dev": true
}, },
"ansi-styles": { "ansi-styles": {
@@ -3182,6 +3123,14 @@
"tz-offset": "0.0.1" "tz-offset": "0.0.1"
} }
}, },
"node-fetch": {
"version": "2.6.6",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.6.tgz",
"integrity": "sha512-Z8/6vRlTUChSdIgMa51jxQ4lrw/Jy5SOW10ObaA47/RElsAN2c5Pn8bTgFGWn/ibwzXTE8qwr1Yzx28vsecXEA==",
"requires": {
"whatwg-url": "^5.0.0"
}
},
"nodemailer": { "nodemailer": {
"version": "6.6.3", "version": "6.6.3",
"resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.6.3.tgz", "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.6.3.tgz",
@@ -3651,6 +3600,11 @@
"nopt": "~1.0.10" "nopt": "~1.0.10"
} }
}, },
"tr46": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
"integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
},
"type-fest": { "type-fest": {
"version": "0.8.1", "version": "0.8.1",
"resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz",
@@ -3744,15 +3698,29 @@
"integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg=="
}, },
"validator": { "validator": {
"version": "13.6.0", "version": "13.7.0",
"resolved": "https://registry.npmjs.org/validator/-/validator-13.6.0.tgz", "resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz",
"integrity": "sha512-gVgKbdbHgtxpRyR8K0O6oFZPhhB5tT1jeEHZR0Znr9Svg03U0+r9DXWMrnRAB+HtCStDQKlaIZm42tVsVjqtjg==" "integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw=="
}, },
"vary": { "vary": {
"version": "1.1.2", "version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
}, },
"webidl-conversions": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
},
"whatwg-url": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
"integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=",
"requires": {
"tr46": "~0.0.3",
"webidl-conversions": "^3.0.0"
}
},
"widest-line": { "widest-line": {
"version": "3.1.0", "version": "3.1.0",
"resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz",
package.json
+2 -2
View File
@@ -1,6 +1,6 @@
{ {
"name": "auth-server", "name": "auth-server",
"version": "1.4.0", "version": "1.4.9",
"description": "An API centric auth server. Uses Sequelize and mariaDB by default.", "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
"main": "server/server.js", "main": "server/server.js",
"scripts": { "scripts": {
@@ -20,13 +20,13 @@
"homepage": "https://github.com/krgamestudios/auth-server#readme", "homepage": "https://github.com/krgamestudios/auth-server#readme",
"dependencies": { "dependencies": {
"bcryptjs": "^2.4.3", "bcryptjs": "^2.4.3",
"body-parser": "^1.19.0",
"cors": "^2.8.5", "cors": "^2.8.5",
"dotenv": "^8.6.0", "dotenv": "^8.6.0",
"express": "^4.17.1", "express": "^4.17.1",
"jsonwebtoken": "^8.5.1", "jsonwebtoken": "^8.5.1",
"mariadb": "^2.5.4", "mariadb": "^2.5.4",
"node-cron": "^2.0.3", "node-cron": "^2.0.3",
"node-fetch": "^2.6.6",
"nodemailer": "^6.6.3", "nodemailer": "^6.6.3",
"sequelize": "^6.6.5" "sequelize": "^6.6.5"
}, },
server/auth/index.js
+8 -3
View File
@@ -14,12 +14,17 @@ router.post('/login', require('./login'));
//refresh token //refresh token
router.post('/token', require('./token')); router.post('/token', require('./token'));
//password recover and reset
router.post('/recover', require('./password-recover'));
router.get('/reset', require('./password-redirect'));
router.patch('/reset', require('./password-reset'));
//logouts allowed when banned, and when the token itself is invalid
router.delete('/logout', require('./logout'));
//middleware //middleware
router.use(tokenAuth); router.use(tokenAuth);
//logouts allowed when banned, still needs tokens
router.delete('/logout', require('./logout'));
router.use(async (req, res, next) => { router.use(async (req, res, next) => {
const record = await accounts.findOne({ const record = await accounts.findOne({
where: { where: {
server/auth/password-recover.js
+106
View File
@@ -0,0 +1,106 @@
//libraries
const nodemailer = require('nodemailer');
const { accounts, recovery } = require('../database/models');
//utilities
const uuid = require('../utilities/uuid');
const validateEmail = require('../utilities/validate-email');
//auth/recover
const route = async (req, res) => {
//validate details
const validateErr = await validateDetails(req.body);
if (validateErr) {
return res.status(401).end(validateErr);
}
//recovery token
const token = uuid(32);
//send the recovery email
const emailErr = await sendRecoveryEmail(req.body.email, token);
if (emailErr) {
return res.status(500).send(emailErr);
}
//save the token
await recovery.upsert({
email: req.body.email,
token: token
});
//finally
res.status(200).send("Recovery email sent!");
return null;
};
const validateDetails = async (body) => {
//basic formatting
if (!validateEmail(body.email)) {
return 'Invalid email';
}
//check for existing email
const emailRecord = await accounts.findOne({
where: {
email: body.email
}
});
if (!emailRecord) {
return 'Invalid email';
}
//OK
return null;
};
const sendRecoveryEmail = async (email, token) => {
const addr = `${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}/auth/reset?token=${token}`;
const msg = `Hello,
Please visit the following link to reset your password: ${addr}
If you did not request a password reset, you can safely ignore this message.
`;
let transporter, info;
//what exactly is a transport?
try {
transporter = nodemailer.createTransport({
host: process.env.MAIL_SMTP,
port: 465,
secure: true,
auth: {
user: process.env.MAIL_USERNAME,
pass: process.env.MAIL_PASSWORD
},
});
}
catch(e) {
return `failed to create a mail transport: ${e}`;
}
// send mail with defined transport object
try {
info = await transporter.sendMail({
from: `recovery@${process.env.WEB_ADDRESS}`, //WARNING: google overwrites this
to: email,
subject: 'Password Recovery',
text: msg
});
}
catch(e) {
return `failed to send validation mail: ${e}`;
}
if (info.accepted[0] != email) {
return 'recovery email failed to send';
}
return null;
};
module.exports = route;
server/auth/password-redirect.js
+21
View File
@@ -0,0 +1,21 @@
const { accounts, recovery } = require('../database/models');
//auth/reset
const route = async (req, res) => {
//verify the recovery record exists
const record = await recovery.findOne({
where: {
token: req.query.token
}
});
if (!record) {
return res.status(401).end('Failed to recover a password');
}
//redirect to the front-end
res.redirect(`${process.env.WEB_PROTOCOL}://${process.env.WEB_RESET_ADDRESS}?email=${record.email}&token=${record.token}`);
return null;
};
module.exports = route;
server/auth/password-reset.js
+62
View File
@@ -0,0 +1,62 @@
//libraries
const bcrypt = require('bcryptjs');
const { accounts, recovery } = require('../database/models');
//auth/reset
const route = async (req, res) => {
//validate the given details
const validateErr = await validateDetails(req.query, req.body);
if (validateErr) {
return res.status(401).send(validateErr);
}
//generate the password hash
const hash = await bcrypt.hash(req.body.password, await bcrypt.genSalt(11));
//update the account data
await accounts.update({
hash: hash
}, {
where: {
email: req.query.email
}
})
//delete from the recovery table
await recovery.destroy({
where: {
email: req.query.email
}
});
res.status(200).end();
return null;
};
const validateDetails = async (query, body) => {
//verify the recovery record exists
const record = await recovery.findOne({
where: {
email: query.email,
token: query.token
}
});
if (!record) {
return 'Failed to recover a password';
}
//validate password
if (!body.password) {
return 'Missing password';
}
if (body.password.length < 8) {
return 'Password too short';
}
return null;
};
module.exports = route;
server/auth/signup.js
+6 -9
View File
@@ -52,9 +52,6 @@ const validateDetails = async (body) => {
return 'Invalid username'; return 'Invalid username';
} }
//check for existing (banned)
//TODO: re-add banned email checks
//check for existing email //check for existing email
const emailRecord = await accounts.findOne({ const emailRecord = await accounts.findOne({
where: { where: {
@@ -107,12 +104,12 @@ const registerPendingSignup = async (body, hash, token) => {
const sendValidationEmail = async (email, username, token) => { const sendValidationEmail = async (email, username, token) => {
const addr = `${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}/auth/validation?username=${username}&token=${token}`; const addr = `${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}/auth/validation?username=${username}&token=${token}`;
const msg = `Hello ${username}! const msg =
`Hello ${username}!\n\n` +
Please visit the following link to validate your account: ${addr} `Please visit the following link to validate your account: ${addr}\n` +
(process.env.MAIL_PHYSICAL
You can contact us directly at our physical mailing address here: ${process.env.MAIL_PHYSICAL} ? `\nYou can contact us directly at our physical mailing address here: ${process.env.MAIL_PHYSICAL}\n`
`; : ``);
let transporter, info; let transporter, info;
server/auth/validation.js
+14 -2
View File
@@ -1,4 +1,5 @@
const { pendingSignups, accounts } = require('../database/models'); const { pendingSignups, accounts } = require('../database/models');
const fetch = require('node-fetch');
//auth/validation //auth/validation
const route = async (req, res) => { const route = async (req, res) => {
@@ -19,7 +20,7 @@ const route = async (req, res) => {
} }
//move data to the accounts table //move data to the accounts table
accounts.create({ const account = await accounts.create({
email: info.email, email: info.email,
username: info.username, username: info.username,
hash: info.hash, hash: info.hash,
@@ -29,12 +30,23 @@ const route = async (req, res) => {
//delete the pending signup //delete the pending signup
pendingSignups.destroy({ pendingSignups.destroy({
where: { where: {
username: req.query.username || '' username: info.username || ''
} }
}); });
//finally //finally
res.status(200).send('Validation succeeded!'); res.status(200).send('Validation succeeded!');
//post-validation hook
if (process.env.HOOK_POST_VALIDATION) {
const probe = await fetch(`https://${process.env.HOOK_POST_VALIDATION}?accountIndex=${account.index}`);
if (!probe.ok) {
console.error('Could not probe the post validation hook');
}
//discard the result
}
}; };
module.exports = route; module.exports = route;
server/database/models/index.js
+2 -1
View File
@@ -1,5 +1,6 @@
module.exports = { module.exports = {
tokens: require('./tokens'), tokens: require('./tokens'),
accounts: require('./accounts'), accounts: require('./accounts'),
pendingSignups: require('./pending-signups') pendingSignups: require('./pending-signups'),
recovery: require('./recovery')
}; };
server/database/models/recovery.js
+6
View File
@@ -0,0 +1,6 @@
const sequelize = require('..');
module.exports = sequelize.define('recovery', {
token: 'varchar(320)',
email: 'varchar(320)'
});
server/utilities/token-generate.js
+2 -2
View File
@@ -12,8 +12,8 @@ module.exports = (index, email, username, type, admin, mod) => {
mod, mod,
}; };
const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '10m' }); const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '10m', issuer: 'auth' });
const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH, { expiresIn: '30d' }); const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH, { expiresIn: '30d', issuer: 'auth' });
tokens.create({ token: refreshToken, email: email }); tokens.create({ token: refreshToken, email: email });
server/utilities/token-refresh.js
+2 -2
View File
@@ -4,12 +4,12 @@ const { tokens } = require('../database/models');
const generate = require('./token-generate'); const generate = require('./token-generate');
const destroy = require('./token-destroy'); const destroy = require('./token-destroy');
module.exports = (token, callback) => { module.exports = async (token, callback) => {
if (!token) { if (!token) {
return callback(401); return callback(401);
} }
const tokenRecord = tokens.findOne({ const tokenRecord = await tokens.findOne({
where: { where: {
token: token || '' token: token || ''
} }
test/requests.rest
+4 -2
View File
@@ -15,8 +15,8 @@ POST http://127.0.0.1:3200/auth/login HTTP/1.1
Content-Type: application/json Content-Type: application/json
{ {
"email": "kayneruse@gmail.com", "email": "admin@example.com",
"password": "helloworld" "password": "password"
} }
### ###
@@ -66,3 +66,5 @@ Content-Type: application/json
{ {
"password": "helloworld" "password": "helloworld"
} }
###