lfk/backend
2
0
Fork 0
Code Issues 1 Pull Requests Actions Projects Releases 40 Activity

🚀Bumped version to v0.4.3
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nicolai Ort 2021-02-07 13:40:32 +01:00
parent f3f5cb462e
commit 656d564baa
2 changed files with 111 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "@odit/lfk-backend", "name": "@odit/lfk-backend",
"version": "0.4.2", "version": "0.4.3",
"main": "src/app.ts", "main": "src/app.ts",
"repository": "https://git.odit.services/lfk/backend", "repository": "https://git.odit.services/lfk/backend",
"author": { "author": {

221
src/controllers/AuthController.ts
View File

@ -1,111 +1,110 @@
import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers'; import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers';
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi'; import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError'; import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
import { UserNotFoundError } from '../errors/UserErrors'; import { UserNotFoundError } from '../errors/UserErrors';
import { Mailer } from '../mailer'; import { Mailer } from '../mailer';
import { CreateAuth } from '../models/actions/create/CreateAuth'; import { CreateAuth } from '../models/actions/create/CreateAuth';
import { CreateResetToken } from '../models/actions/create/CreateResetToken'; import { CreateResetToken } from '../models/actions/create/CreateResetToken';
import { HandleLogout } from '../models/actions/HandleLogout'; import { HandleLogout } from '../models/actions/HandleLogout';
import { RefreshAuth } from '../models/actions/RefreshAuth'; import { RefreshAuth } from '../models/actions/RefreshAuth';
import { ResetPassword } from '../models/actions/ResetPassword'; import { ResetPassword } from '../models/actions/ResetPassword';
import { ResponseAuth } from '../models/responses/ResponseAuth'; import { ResponseAuth } from '../models/responses/ResponseAuth';
import { ResponseEmpty } from '../models/responses/ResponseEmpty'; import { ResponseEmpty } from '../models/responses/ResponseEmpty';
import { Logout } from '../models/responses/ResponseLogout'; import { Logout } from '../models/responses/ResponseLogout';
@JsonController('/auth') @JsonController('/auth')
export class AuthController { export class AuthController {
private mailer: Mailer; private mailer: Mailer;
constructor() { constructor() {
this.mailer = new Mailer(); this.mailer = new Mailer();
} }
@Post("/login") @Post("/login")
@ResponseSchema(ResponseAuth) @ResponseSchema(ResponseAuth)
@ResponseSchema(InvalidCredentialsError) @ResponseSchema(InvalidCredentialsError)
@ResponseSchema(UserNotFoundError) @ResponseSchema(UserNotFoundError)
@ResponseSchema(UsernameOrEmailNeededError) @ResponseSchema(UsernameOrEmailNeededError)
@ResponseSchema(PasswordNeededError) @ResponseSchema(PasswordNeededError)
@ResponseSchema(InvalidCredentialsError) @ResponseSchema(InvalidCredentialsError)
@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' }) @OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) { async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
let auth; let auth;
console.log(createAuth) try {
try { auth = await createAuth.toAuth();
auth = await createAuth.toAuth(); response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true }); response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true }); return response.send(auth)
return response.send(auth) } catch (error) {
} catch (error) { throw error;
throw error; }
} }
}
@Post("/logout")
@Post("/logout") @ResponseSchema(Logout)
@ResponseSchema(Logout) @ResponseSchema(InvalidCredentialsError)
@ResponseSchema(InvalidCredentialsError) @ResponseSchema(UserNotFoundError)
@ResponseSchema(UserNotFoundError) @ResponseSchema(UsernameOrEmailNeededError)
@ResponseSchema(UsernameOrEmailNeededError) @ResponseSchema(PasswordNeededError)
@ResponseSchema(PasswordNeededError) @ResponseSchema(InvalidCredentialsError)
@ResponseSchema(InvalidCredentialsError) @OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] })
@OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] }) async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) { if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) { handleLogout.token = refresh_token;
handleLogout.token = refresh_token; }
}
let logout;
let logout; try {
try { logout = await handleLogout.logout()
logout = await handleLogout.logout() await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true });
await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true }); response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true });
response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true }); } catch (error) {
} catch (error) { throw error;
throw error; }
} return response.send(logout)
return response.send(logout) }
}
@Post("/refresh")
@Post("/refresh") @ResponseSchema(ResponseAuth)
@ResponseSchema(ResponseAuth) @ResponseSchema(JwtNotProvidedError)
@ResponseSchema(JwtNotProvidedError) @ResponseSchema(IllegalJWTError)
@ResponseSchema(IllegalJWTError) @ResponseSchema(UserNotFoundError)
@ResponseSchema(UserNotFoundError) @ResponseSchema(RefreshTokenCountInvalidError)
@ResponseSchema(RefreshTokenCountInvalidError) @OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] })
@OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] }) async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) { if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) { refreshAuth.token = refresh_token;
refreshAuth.token = refresh_token; }
} let auth;
let auth; try {
try { auth = await refreshAuth.toAuth();
auth = await refreshAuth.toAuth(); response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true }); response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true }); } catch (error) {
} catch (error) { throw error;
throw error; }
} return response.send(auth)
return response.send(auth) }
}
@Post("/reset")
@Post("/reset") @ResponseSchema(ResponseEmpty, { statusCode: 200 })
@ResponseSchema(ResponseEmpty, { statusCode: 200 }) @ResponseSchema(UserNotFoundError, { statusCode: 404 })
@ResponseSchema(UserNotFoundError, { statusCode: 404 }) @ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 }) @OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." }) async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) {
async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) { const reset_token: string = await passwordReset.toResetToken();
const reset_token: string = await passwordReset.toResetToken(); await this.mailer.sendResetMail(passwordReset.email, reset_token);
await this.mailer.sendResetMail(passwordReset.email, reset_token); return new ResponseEmpty();
return new ResponseEmpty(); }
}
@Post("/reset/:token")
@Post("/reset/:token") @ResponseSchema(ResponseAuth)
@ResponseSchema(ResponseAuth) @ResponseSchema(UserNotFoundError)
@ResponseSchema(UserNotFoundError) @ResponseSchema(UsernameOrEmailNeededError)
@ResponseSchema(UsernameOrEmailNeededError) @OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." })
@OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." }) async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) {
async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) { passwordReset.resetToken = token;
passwordReset.resetToken = token; return await passwordReset.resetPassword();
return await passwordReset.resetPassword(); }
} }
}