parent
5c259484ee
commit
99d8a0360f
11
src/app.ts
11
src/app.ts
|
@ -1,18 +1,15 @@
|
|||
import consola from "consola";
|
||||
import * as dotenvSafe from "dotenv-safe";
|
||||
import "reflect-metadata";
|
||||
import { createExpressServer } from "routing-controllers";
|
||||
import authchecker from "./authchecker";
|
||||
import { config } from './config';
|
||||
import loaders from "./loaders/index";
|
||||
import { ErrorHandler } from './middlewares/ErrorHandler';
|
||||
|
||||
dotenvSafe.config();
|
||||
const PORT = process.env.APP_PORT || 4010;
|
||||
|
||||
const app = createExpressServer({
|
||||
authorizationChecker: authchecker,
|
||||
middlewares: [ErrorHandler],
|
||||
development: process.env.NODE_ENV === "production",
|
||||
development: config.development,
|
||||
cors: true,
|
||||
routePrefix: "/api",
|
||||
controllers: [__dirname + "/controllers/*.ts"],
|
||||
|
@ -20,9 +17,9 @@ const app = createExpressServer({
|
|||
|
||||
async function main() {
|
||||
await loaders(app);
|
||||
app.listen(PORT, () => {
|
||||
app.listen(config.internal_port, () => {
|
||||
consola.success(
|
||||
`⚡️[server]: Server is running at http://localhost:${PORT}`
|
||||
`⚡️[server]: Server is running at http://localhost:${config.internal_port}`
|
||||
);
|
||||
});
|
||||
}
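Review bot: `development: config.development` still turns on routing-controllers' development mode in production, because the config module on this page defines `development` as `process.env.NODE_ENV === "production"`; the commit moves the inverted comparison instead of fixing it. As far as I know, development mode makes the framework's default error responses include stack traces, which is the opposite of what a production deployment wants. The comparison in the config file should read `development: process.env.NODE_ENV !== "production"`. The `createExpressServer` call continues past the end of the first hunk.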
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import * as jwt from "jsonwebtoken";
|
||||
import { Action } from "routing-controllers";
|
||||
import { getConnectionManager } from 'typeorm';
|
||||
import { config } from './config';
|
||||
import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvalidError } from './errors/AuthError';
|
||||
import { User } from './models/entities/User';
|
||||
// -----------
|
||||
|
@ -15,7 +16,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
|
|||
const provided_token = action.request.query["auth"];
|
||||
let jwtPayload = undefined
|
||||
try {
|
||||
jwtPayload = <any>jwt.verify(provided_token, "securekey");
|
||||
jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret);
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
throw new IllegalJWTError()
|
||||
|
@ -42,7 +43,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
|
|||
}
|
||||
//
|
||||
try {
|
||||
jwt.verify(provided_token, process.env.JWT_SECRET || "secretjwtsecret");
|
||||
jwt.verify(provided_token, config.jwt_secret);
|
||||
return true
|
||||
} catch (error) {
|
||||
return false
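Review bot: Both `jwt.verify` calls now use `config.jwt_secret`, so the second call (hunk at old line 42) re-verifies a token that the first call (hunk at old line 15) already accepted under the same key. If nothing between the hunks changes `provided_token` (not visible here), that try/catch can only return true and could be reduced to `return true`. Neither call pins the accepted algorithms; passing `{ algorithms: ["HS256"] }` as the third argument keeps verification tied to the algorithm `jsonwebtoken.sign` uses by default. The body of `authchecker` starts before and continues after both hunks.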
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
import * as dotenvSafe from "dotenv-safe";
|
||||
dotenvSafe.config();
|
||||
export const config = {
|
||||
internal_port: process.env.APP_PORT || 4010,
|
||||
development: process.env.NODE_ENV === "production",
|
||||
jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"
|
||||
}
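Review bot: `jwt_secret` falls back to the literal `"secretjwtsecret"` when `JWT_SECRET` is unset, so a deployment that misses the variable signs and verifies every token with a key that anyone can read in the repository. Centralising the secret is the right place to fail closed: drop the fallback and stop at startup, e.g. `if (!process.env.JWT_SECRET) throw new Error("JWT_SECRET is not set");`. `dotenv-safe` only enforces the variable if it is listed in the project's example env file, which is not visible here. The value configured in deployment should differ from both literals that appear in this commit, since they remain in the history.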
|
|
@ -2,6 +2,7 @@ import * as argon2 from "argon2";
|
|||
import { IsEmail, IsOptional, IsString } from 'class-validator';
|
||||
import * as jsonwebtoken from 'jsonwebtoken';
|
||||
import { getConnectionManager } from 'typeorm';
|
||||
import { config } from '../../config';
|
||||
import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
|
||||
import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
|
||||
import { User } from '../entities/User';
|
||||
|
@ -38,7 +39,7 @@ export class CreateAuth {
|
|||
newAuth.access_token = jsonwebtoken.sign({
|
||||
userdetails: found_user,
|
||||
exp: timestamp_accesstoken_expiry
|
||||
}, "securekey")
|
||||
}, config.jwt_secret)
|
||||
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
||||
//
|
||||
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
||||
|
@ -46,7 +47,7 @@ export class CreateAuth {
|
|||
refreshtokencount: found_user.refreshTokenCount,
|
||||
userid: found_user.id,
|
||||
exp: timestamp_refresh_expiry
|
||||
}, "securekey")
|
||||
}, config.jwt_secret)
|
||||
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
||||
} else {
|
||||
throw new InvalidCredentialsError()
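Review bot: The access token signed with `config.jwt_secret` in the hunk at old line 38 carries `userdetails: found_user`, the whole user entity, and a JWT payload is only encoded, not encrypted, so every field on that object is readable by whoever holds the token. This file imports `argon2`, so if `found_user` still has its password hash attached at this point (the lookup is outside the hunk), that value leaves the server in each token. Signing an explicit subset, for example `userdetails: { id: found_user.id }` plus the fields the permission check needs, avoids that. The same payload is built in the `RefreshAuth` hunk at old line 33.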
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import { IsString } from 'class-validator';
|
||||
import * as jsonwebtoken from 'jsonwebtoken';
|
||||
import { getConnectionManager } from 'typeorm';
|
||||
import { config } from '../../config';
|
||||
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
||||
import { User } from '../entities/User';
|
||||
import { Logout } from '../responses/Logout';
|
||||
|
@ -16,7 +17,7 @@ export class HandleLogout {
|
|||
}
|
||||
let decoded;
|
||||
try {
|
||||
decoded = jsonwebtoken.verify(this.token, 'securekey')
|
||||
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
|
||||
} catch (error) {
|
||||
throw new IllegalJWTError()
|
||||
}
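Review bot: `jsonwebtoken.verify(this.token, config.jwt_secret)` accepts any token signed with the shared key, and access and refresh tokens are signed with that same key and carry no claim naming their type. Unless the code after this hunk rejects payloads without `userid` and `refreshtokencount` (not visible here), an access token handed to the logout handler passes verification. An explicit check right after the try block, such as `if (typeof decoded !== "object" || decoded["userid"] === undefined) throw new IllegalJWTError();`, would make the expectation visible. The same applies to the `verify` call in the `RefreshAuth` hunk at old line 16.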
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import { IsString } from 'class-validator';
|
||||
import * as jsonwebtoken from 'jsonwebtoken';
|
||||
import { getConnectionManager } from 'typeorm';
|
||||
import { config } from '../../config';
|
||||
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
||||
import { User } from '../entities/User';
|
||||
import { Auth } from '../responses/Auth';
|
||||
|
@ -16,7 +17,7 @@ export class RefreshAuth {
|
|||
}
|
||||
let decoded
|
||||
try {
|
||||
decoded = jsonwebtoken.verify(this.token, 'securekey')
|
||||
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
|
||||
} catch (error) {
|
||||
throw new IllegalJWTError()
|
||||
}
|
||||
|
@ -33,7 +34,7 @@ export class RefreshAuth {
|
|||
newAuth.access_token = jsonwebtoken.sign({
|
||||
userdetails: found_user,
|
||||
exp: timestamp_accesstoken_expiry
|
||||
}, "securekey")
|
||||
}, config.jwt_secret)
|
||||
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
||||
//
|
||||
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
||||
|
@ -41,7 +42,7 @@ export class RefreshAuth {
|
|||
refreshtokencount: found_user.refreshTokenCount,
|
||||
userid: found_user.id,
|
||||
exp: timestamp_refresh_expiry
|
||||
}, "securekey")
|
||||
}, config.jwt_secret)
|
||||
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
||||
|
||||
return newAuth;
|
||||
|
|