diff --git a/src/app.ts b/src/app.ts
index e19d313..fd3dc8e 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -1,18 +1,15 @@
 import consola from "consola";
-import * as dotenvSafe from "dotenv-safe";
 import "reflect-metadata";
 import { createExpressServer } from "routing-controllers";
 import authchecker from "./authchecker";
+import { config } from './config';
 import loaders from "./loaders/index";
 import { ErrorHandler } from './middlewares/ErrorHandler';
-dotenvSafe.config();
-const PORT = process.env.APP_PORT || 4010;
-
 const app = createExpressServer({
 authorizationChecker: authchecker,
 middlewares: [ErrorHandler],
- development: process.env.NODE_ENV === "production",
+ development: config.development,
 cors: true,
 routePrefix: "/api",
 controllers: [__dirname + "/controllers/*.ts"],
@@ -20,9 +17,9 @@ const app = createExpressServer({
 async function main() {
 await loaders(app);
- app.listen(PORT, () => {
+ app.listen(config.internal_port, () => {
 consola.success(
- `⚡️[server]: Server is running at http://localhost:${PORT}`
+ `⚡️[server]: Server is running at http://localhost:${config.internal_port}`
 );
 });
 }
diff --git a/src/authchecker.ts b/src/authchecker.ts
index f61f35f..869e0da 100644
--- a/src/authchecker.ts
+++ b/src/authchecker.ts
@@ -1,6 +1,7 @@
 import * as jwt from "jsonwebtoken";
 import { Action } from "routing-controllers";
 import { getConnectionManager } from 'typeorm';
+import { config } from './config';
 import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvalidError } from './errors/AuthError';
 import { User } from './models/entities/User';
 // -----------
@@ -15,7 +16,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
 const provided_token = action.request.query["auth"];
 let jwtPayload = undefined
 try {
- jwtPayload = jwt.verify(provided_token, "securekey");
+ jwtPayload = jwt.verify(provided_token, config.jwt_secret);
 } catch (error) {
 console.log(error);
 throw new IllegalJWTError()
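Review bot: The new `jwt.verify(provided_token, config.jwt_secret)` in the `@@ -15,7 +16,7 @@` hunk passes no options, so the set of accepted signature algorithms is left to the library default rather than pinned to what the sign calls on this page produce. Since those `sign` calls also pass no options (HS256 by default in jsonwebtoken), the check can be made explicit with `jwt.verify(provided_token, config.jwt_secret, { algorithms: ["HS256"] })`. The same applies to the verify calls in authchecker's `@@ -42,7 +43,7 @@` hunk and in HandleLogout and RefreshAuth. Separately, `provided_token` is read from the `auth` query parameter, which tends to end up in access logs and Referer headers; an `Authorization` header would keep it out of URLs. authchecker's body continues outside this hunk.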
@@ -42,7 +43,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
 }
 //
 try {
- jwt.verify(provided_token, process.env.JWT_SECRET || "secretjwtsecret");
+ jwt.verify(provided_token, config.jwt_secret);
 return true
 } catch (error) {
 return false
diff --git a/src/config.ts b/src/config.ts
new file mode 100644
index 0000000..5f54ce3
--- /dev/null
+++ b/src/config.ts
@@ -0,0 +1,7 @@
+import * as dotenvSafe from "dotenv-safe";
+dotenvSafe.config();
+export const config = {
+ internal_port: process.env.APP_PORT || 4010,
+ development: process.env.NODE_ENV === "production",
+ jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"
+}
\ No newline at end of file
diff --git a/src/models/creation/CreateAuth.ts b/src/models/creation/CreateAuth.ts
index 140f9ef..42a0d5d 100644
--- a/src/models/creation/CreateAuth.ts
+++ b/src/models/creation/CreateAuth.ts
@@ -2,6 +2,7 @@ import * as argon2 from "argon2";
 import { IsEmail, IsOptional, IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
+import { config } from '../../config';
 import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
 import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
 import { User } from '../entities/User';
@@ -38,7 +39,7 @@ export class CreateAuth {
 newAuth.access_token = jsonwebtoken.sign({
 userdetails: found_user,
 exp: timestamp_accesstoken_expiry
- }, "securekey")
+ }, config.jwt_secret)
 newAuth.access_token_expires_at = timestamp_accesstoken_expiry
 //
 const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
@@ -46,7 +47,7 @@ export class CreateAuth {
 refreshtokencount: found_user.refreshTokenCount,
 userid: found_user.id,
 exp: timestamp_refresh_expiry
- }, "securekey")
+ }, config.jwt_secret)
 newAuth.refresh_token_expires_at = timestamp_refresh_expiry
 } else {
 throw new InvalidCredentialsError()
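Review bot: Now that both calls use `config.jwt_secret`, the `jwt.verify(provided_token, config.jwt_secret)` in this try block repeats the verification already done at the top of authchecker on the same token. The `return false` branch is then reachable only if the token expires between the two calls. Unless the code between the two hunks (not visible here) reassigns `provided_token`, the whole try/catch can be reduced to `return true`. authchecker starts and ends outside this hunk.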
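Review bot: `jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"` in the new src/config.ts keeps a signing key in the source as a fallback, so a deployment started without JWT_SECRET signs and accepts tokens under a value that anyone with repository access knows. Whether dotenv-safe already rejects a missing JWT_SECRET depends on the example env file, which is not visible here, so the config module should refuse to start on its own. `development: process.env.NODE_ENV === "production"` also looks inverted: as written, routing-controllers' development mode (which, as far as I know, adds stack traces to error responses) is on in production and off everywhere else, and app.ts now consumes it through `config.development`. The fence shows both changes.

```typescript
dotenvSafe.config();

// Fail at startup rather than fall back to a key that lives in the repository.
const jwtSecret = process.env.JWT_SECRET;
if (!jwtSecret) {
  throw new Error("JWT_SECRET must be set");
}

export const config = {
  // … unchanged: internal_port …
  development: process.env.NODE_ENV !== "production",
  jwt_secret: jwtSecret
}
```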
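Review bot: `userdetails: found_user` in CreateAuth's `@@ -38,7 +39,7 @@` hunk puts the whole User entity into the access-token payload, and a JWT payload is only base64url-encoded, so every field on that entity is readable by whoever holds or logs the token. The User model is not visible here; if it carries the argon2 password hash or `refreshTokenCount`, those should not travel in the token. Consider signing an explicit subset, for example `userdetails: { id: found_user.id }` plus whatever fields the permission check actually reads. RefreshAuth's `@@ -33,7 +34,7 @@` hunk builds the same payload. The enclosing method starts and ends outside this hunk.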
diff --git a/src/models/creation/HandleLogout.ts b/src/models/creation/HandleLogout.ts
index c50edd0..4b23d5f 100644
--- a/src/models/creation/HandleLogout.ts
+++ b/src/models/creation/HandleLogout.ts
@@ -1,6 +1,7 @@
 import { IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
+import { config } from '../../config';
 import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
 import { User } from '../entities/User';
 import { Logout } from '../responses/Logout';
@@ -16,7 +17,7 @@ export class HandleLogout {
 }
 let decoded;
 try {
- decoded = jsonwebtoken.verify(this.token, 'securekey')
+ decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
 } catch (error) {
 throw new IllegalJWTError()
 }
diff --git a/src/models/creation/RefreshAuth.ts b/src/models/creation/RefreshAuth.ts
index 66e27f8..96bbc8d 100644
--- a/src/models/creation/RefreshAuth.ts
+++ b/src/models/creation/RefreshAuth.ts
@@ -1,6 +1,7 @@
 import { IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
+import { config } from '../../config';
 import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
 import { User } from '../entities/User';
 import { Auth } from '../responses/Auth';
@@ -16,7 +17,7 @@ export class RefreshAuth {
 }
 let decoded
 try {
- decoded = jsonwebtoken.verify(this.token, 'securekey')
+ decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
 } catch (error) {
 throw new IllegalJWTError()
 }
@@ -33,7 +34,7 @@ export class RefreshAuth {
 newAuth.access_token = jsonwebtoken.sign({
 userdetails: found_user,
 exp: timestamp_accesstoken_expiry
- }, "securekey")
+ }, config.jwt_secret)
 newAuth.access_token_expires_at = timestamp_accesstoken_expiry
 //
 const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
@@ -41,7 +42,7 @@ export class RefreshAuth {
 refreshtokencount: found_user.refreshTokenCount,
 userid: found_user.id,
 exp: timestamp_refresh_expiry
- }, "securekey")
+ }, config.jwt_secret)
 newAuth.refresh_token_expires_at = timestamp_refresh_expiry
 return newAuth;
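Review bot: The two `jsonwebtoken.sign(..., config.jwt_secret)` calls in RefreshAuth's `@@ -33,7 +34,7 @@` and `@@ -41,7 +42,7 @@` hunks are line-for-line copies of the pair in CreateAuth, which is why this commit had to change the key in four places. Moving token minting into one shared helper that both classes call would keep the key, the payload shape and the expiry arithmetic in a single spot, so a later change cannot leave one path behind. The helper should take only the user's id and `refreshTokenCount` as inputs if the payload is narrowed. The enclosing method starts outside these hunks.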