lfk/backend
2
0
Fork 0
Code Issues 1 Pull Requests Actions Projects Releases 40 Activity

Merge branch 'feature/18-exported-env-vars' into feature/17-automated_tests

Browse Source
This commit is contained in:
Philipp Dormann
2020-12-06 10:45:15 +01:00
parent 1748fd4034 99d8a0360f
commit 2cdc91ec83
6 changed files with 23 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/app.ts
View File

@@ -1,18 +1,15 @@
import consola from "consola";
import * as dotenvSafe from "dotenv-safe";
import "reflect-metadata";
import { createExpressServer } from "routing-controllers";
import authchecker from "./authchecker";
import { config } from './config';
import loaders from "./loaders/index";
import { ErrorHandler } from './middlewares/ErrorHandler';
dotenvSafe.config();
const PORT = process.env.APP_PORT || 4010;
const app = createExpressServer({
authorizationChecker: authchecker,
middlewares: [ErrorHandler],
development: process.env.NODE_ENV === "production",
development: config.development,
cors: true,
routePrefix: "/api",
controllers: [__dirname + "/controllers/*.ts"],
@@ -20,9 +17,9 @@ const app = createExpressServer({
async function main() {
await loaders(app);
app.listen(PORT, () => {
app.listen(config.internal_port, () => {
consola.success(
`⚡️[server]: Server is running at http://localhost:${PORT}`
`⚡️[server]: Server is running at http://localhost:${config.internal_port}`
);
});
}

5
src/authchecker.ts
View File

@@ -1,6 +1,7 @@
import * as jwt from "jsonwebtoken";
import { Action } from "routing-controllers";
import { getConnectionManager } from 'typeorm';
import { config } from './config';
import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvalidError } from './errors/AuthError';
import { User } from './models/entities/User';
// -----------
@@ -15,7 +16,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
const provided_token = action.request.query["auth"];
let jwtPayload = undefined
try {
jwtPayload = <any>jwt.verify(provided_token, "securekey");
jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret);
} catch (error) {
console.log(error);
throw new IllegalJWTError()
@@ -42,7 +43,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
}
//
try {
jwt.verify(provided_token, process.env.JWT_SECRET || "secretjwtsecret");
jwt.verify(provided_token, config.jwt_secret);
return true
} catch (error) {
return false

7
src/config.ts Normal file
View File

@@ -0,0 +1,7 @@
import * as dotenvSafe from "dotenv-safe";
dotenvSafe.config();
export const config = {
internal_port: process.env.APP_PORT || 4010,
development: process.env.NODE_ENV === "production",
jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"
}

5
src/models/actions/CreateAuth.ts
View File

@@ -2,6 +2,7 @@ import * as argon2 from "argon2";
import { IsEmail, IsOptional, IsString } from 'class-validator';
import * as jsonwebtoken from 'jsonwebtoken';
import { getConnectionManager } from 'typeorm';
import { config } from '../../config';
import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
import { User } from '../entities/User';
@@ -38,7 +39,7 @@ export class CreateAuth {
newAuth.access_token = jsonwebtoken.sign({
userdetails: found_user,
exp: timestamp_accesstoken_expiry
}, "securekey")
}, config.jwt_secret)
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
//
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
@@ -46,7 +47,7 @@ export class CreateAuth {
refreshtokencount: found_user.refreshTokenCount,
userid: found_user.id,
exp: timestamp_refresh_expiry
}, "securekey")
}, config.jwt_secret)
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
} else {
throw new InvalidCredentialsError()

3
src/models/actions/HandleLogout.ts
View File

@@ -1,6 +1,7 @@
import { IsString } from 'class-validator';
import * as jsonwebtoken from 'jsonwebtoken';
import { getConnectionManager } from 'typeorm';
import { config } from '../../config';
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
import { User } from '../entities/User';
import { Logout } from '../responses/ResponseLogout';
@@ -16,7 +17,7 @@ export class HandleLogout {
}
let decoded;
try {
decoded = jsonwebtoken.verify(this.token, 'securekey')
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
} catch (error) {
throw new IllegalJWTError()
}

7
src/models/actions/RefreshAuth.ts
View File

@@ -1,6 +1,7 @@
import { IsString } from 'class-validator';
import * as jsonwebtoken from 'jsonwebtoken';
import { getConnectionManager } from 'typeorm';
import { config } from '../../config';
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
import { User } from '../entities/User';
import { Auth } from '../responses/ResponseAuth';
@@ -16,7 +17,7 @@ export class RefreshAuth {
}
let decoded
try {
decoded = jsonwebtoken.verify(this.token, 'securekey')
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
} catch (error) {
throw new IllegalJWTError()
}
@@ -33,7 +34,7 @@ export class RefreshAuth {
newAuth.access_token = jsonwebtoken.sign({
userdetails: found_user,
exp: timestamp_accesstoken_expiry
}, "securekey")
}, config.jwt_secret)
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
//
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
@@ -41,7 +42,7 @@ export class RefreshAuth {
refreshtokencount: found_user.refreshTokenCount,
userid: found_user.id,
exp: timestamp_refresh_expiry
}, "securekey")
}, config.jwt_secret)
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
return newAuth;