parent
5c259484ee
commit
99d8a0360f
11
src/app.ts
11
src/app.ts
@ -1,18 +1,15 @@
|
|||||||
import consola from "consola";
|
import consola from "consola";
|
||||||
import * as dotenvSafe from "dotenv-safe";
|
|
||||||
import "reflect-metadata";
|
import "reflect-metadata";
|
||||||
import { createExpressServer } from "routing-controllers";
|
import { createExpressServer } from "routing-controllers";
|
||||||
import authchecker from "./authchecker";
|
import authchecker from "./authchecker";
|
||||||
|
import { config } from './config';
|
||||||
import loaders from "./loaders/index";
|
import loaders from "./loaders/index";
|
||||||
import { ErrorHandler } from './middlewares/ErrorHandler';
|
import { ErrorHandler } from './middlewares/ErrorHandler';
|
||||||
|
|
||||||
dotenvSafe.config();
|
|
||||||
const PORT = process.env.APP_PORT || 4010;
|
|
||||||
|
|
||||||
const app = createExpressServer({
|
const app = createExpressServer({
|
||||||
authorizationChecker: authchecker,
|
authorizationChecker: authchecker,
|
||||||
middlewares: [ErrorHandler],
|
middlewares: [ErrorHandler],
|
||||||
development: process.env.NODE_ENV === "production",
|
development: config.development,
|
||||||
cors: true,
|
cors: true,
|
||||||
routePrefix: "/api",
|
routePrefix: "/api",
|
||||||
controllers: [__dirname + "/controllers/*.ts"],
|
controllers: [__dirname + "/controllers/*.ts"],
|
||||||
@ -20,9 +17,9 @@ const app = createExpressServer({
|
|||||||
|
|
||||||
async function main() {
|
async function main() {
|
||||||
await loaders(app);
|
await loaders(app);
|
||||||
app.listen(PORT, () => {
|
app.listen(config.internal_port, () => {
|
||||||
consola.success(
|
consola.success(
|
||||||
`⚡️[server]: Server is running at http://localhost:${PORT}`
|
`⚡️[server]: Server is running at http://localhost:${config.internal_port}`
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
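Review bot: `development: config.development` still resolves to `process.env.NODE_ENV === "production"` (defined in src/config.ts), so the inversion from the old line is carried over and development mode is switched on exactly when the service runs in production. In routing-controllers this flag controls whether error responses include stack traces, so it is worth correcting while the setting is being centralised: `development: process.env.NODE_ENV !== "production"`. Separately, `config.internal_port` is a string when APP_PORT is set and a number otherwise; parsing it once in config.ts would keep the type passed to `app.listen` stable.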
@ -1,6 +1,7 @@
|
|||||||
import * as jwt from "jsonwebtoken";
|
import * as jwt from "jsonwebtoken";
|
||||||
import { Action } from "routing-controllers";
|
import { Action } from "routing-controllers";
|
||||||
import { getConnectionManager } from 'typeorm';
|
import { getConnectionManager } from 'typeorm';
|
||||||
|
import { config } from './config';
|
||||||
import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvalidError } from './errors/AuthError';
|
import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvalidError } from './errors/AuthError';
|
||||||
import { User } from './models/entities/User';
|
import { User } from './models/entities/User';
|
||||||
// -----------
|
// -----------
|
||||||
@ -15,7 +16,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
|
|||||||
const provided_token = action.request.query["auth"];
|
const provided_token = action.request.query["auth"];
|
||||||
let jwtPayload = undefined
|
let jwtPayload = undefined
|
||||||
try {
|
try {
|
||||||
jwtPayload = <any>jwt.verify(provided_token, "securekey");
|
jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
console.log(error);
|
console.log(error);
|
||||||
throw new IllegalJWTError()
|
throw new IllegalJWTError()
|
||||||
@ -42,7 +43,7 @@ const authchecker = async (action: Action, permissions: string | string[]) => {
|
|||||||
}
|
}
|
||||||
//
|
//
|
||||||
try {
|
try {
|
||||||
jwt.verify(provided_token, process.env.JWT_SECRET || "secretjwtsecret");
|
jwt.verify(provided_token, config.jwt_secret);
|
||||||
return true
|
return true
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
return false
|
return false
|
||||||
|
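Review bot: Neither `jwt.verify(provided_token, config.jwt_secret)` call pins the accepted algorithms; passing `{ algorithms: ["HS256"] }` as the third argument ties verification to the algorithm `jsonwebtoken.sign` uses by default. With both calls now using the same key, the second verify re-checks a token the first one already accepted, so its `return false` branch looks reachable only if the token expires between the two calls; returning `true` directly would be clearer. The token is read from `action.request.query["auth"]`, which places it in URLs and therefore in access logs and referrers; an `Authorization` header avoids that. The part of `authchecker` between the two hunks is not visible, so the second point should be confirmed against the full function.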
7
src/config.ts
Normal file
7
src/config.ts
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
import * as dotenvSafe from "dotenv-safe";
|
||||||
|
dotenvSafe.config();
|
||||||
|
export const config = {
|
||||||
|
internal_port: process.env.APP_PORT || 4010,
|
||||||
|
development: process.env.NODE_ENV === "production",
|
||||||
|
jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"
|
||||||
|
}
|
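Review bot: `jwt_secret: process.env.JWT_SECRET || "secretjwtsecret"` falls back to a constant that is published in the repository, so a deployment with JWT_SECRET unset or empty signs and verifies tokens with a key anyone can read. Failing at startup is safer: drop the fallback and add `if (!process.env.JWT_SECRET) throw new Error("JWT_SECRET must be set");` before the export. dotenv-safe only enforces the variable if it is listed in the example env file, which is not visible here. A one-line comment on each field (`internal_port`, `development`, `jwt_secret`) naming the environment variable that feeds it would also help.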
@ -2,6 +2,7 @@ import * as argon2 from "argon2";
|
|||||||
import { IsEmail, IsOptional, IsString } from 'class-validator';
|
import { IsEmail, IsOptional, IsString } from 'class-validator';
|
||||||
import * as jsonwebtoken from 'jsonwebtoken';
|
import * as jsonwebtoken from 'jsonwebtoken';
|
||||||
import { getConnectionManager } from 'typeorm';
|
import { getConnectionManager } from 'typeorm';
|
||||||
|
import { config } from '../../config';
|
||||||
import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
|
import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
|
||||||
import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
|
import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
|
||||||
import { User } from '../entities/User';
|
import { User } from '../entities/User';
|
||||||
@ -38,7 +39,7 @@ export class CreateAuth {
|
|||||||
newAuth.access_token = jsonwebtoken.sign({
|
newAuth.access_token = jsonwebtoken.sign({
|
||||||
userdetails: found_user,
|
userdetails: found_user,
|
||||||
exp: timestamp_accesstoken_expiry
|
exp: timestamp_accesstoken_expiry
|
||||||
}, "securekey")
|
}, config.jwt_secret)
|
||||||
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
||||||
//
|
//
|
||||||
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
||||||
@ -46,7 +47,7 @@ export class CreateAuth {
|
|||||||
refreshtokencount: found_user.refreshTokenCount,
|
refreshtokencount: found_user.refreshTokenCount,
|
||||||
userid: found_user.id,
|
userid: found_user.id,
|
||||||
exp: timestamp_refresh_expiry
|
exp: timestamp_refresh_expiry
|
||||||
}, "securekey")
|
}, config.jwt_secret)
|
||||||
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
||||||
} else {
|
} else {
|
||||||
throw new InvalidCredentialsError()
|
throw new InvalidCredentialsError()
|
||||||
|
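Review bot: The access token signed with `config.jwt_secret` carries `userdetails: found_user`, the whole user entity, and a JWT payload is only base64url-encoded, not encrypted. If `User` holds the argon2 password hash or the refresh token count (the entity is not visible here), every holder of a token can read them; signing a copy that contains only the fields the authorization check needs avoids that. The same payload is built in the `RefreshAuth` hunks further down. The enclosing method starts and ends outside these hunks.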
@ -1,6 +1,7 @@
|
|||||||
import { IsString } from 'class-validator';
|
import { IsString } from 'class-validator';
|
||||||
import * as jsonwebtoken from 'jsonwebtoken';
|
import * as jsonwebtoken from 'jsonwebtoken';
|
||||||
import { getConnectionManager } from 'typeorm';
|
import { getConnectionManager } from 'typeorm';
|
||||||
|
import { config } from '../../config';
|
||||||
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
||||||
import { User } from '../entities/User';
|
import { User } from '../entities/User';
|
||||||
import { Logout } from '../responses/Logout';
|
import { Logout } from '../responses/Logout';
|
||||||
@ -16,7 +17,7 @@ export class HandleLogout {
|
|||||||
}
|
}
|
||||||
let decoded;
|
let decoded;
|
||||||
try {
|
try {
|
||||||
decoded = jsonwebtoken.verify(this.token, 'securekey')
|
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
throw new IllegalJWTError()
|
throw new IllegalJWTError()
|
||||||
}
|
}
|
||||||
|
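Review bot: Access and refresh tokens are now signed and verified with the same `config.jwt_secret`, and `jsonwebtoken.verify(this.token, config.jwt_secret)` here accepts any token signed with it. Unless the code after the hunk checks for the refresh-specific claims (`userid`, `refreshtokencount`), an access token would pass verification where a refresh token is expected; a purpose claim checked after verify, or a separate secret per token type, makes the distinction explicit. The same applies to the verify call in `RefreshAuth`. The method body continues outside the hunk.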
@ -1,6 +1,7 @@
|
|||||||
import { IsString } from 'class-validator';
|
import { IsString } from 'class-validator';
|
||||||
import * as jsonwebtoken from 'jsonwebtoken';
|
import * as jsonwebtoken from 'jsonwebtoken';
|
||||||
import { getConnectionManager } from 'typeorm';
|
import { getConnectionManager } from 'typeorm';
|
||||||
|
import { config } from '../../config';
|
||||||
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
import { IllegalJWTError, JwtNotProvidedError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
||||||
import { User } from '../entities/User';
|
import { User } from '../entities/User';
|
||||||
import { Auth } from '../responses/Auth';
|
import { Auth } from '../responses/Auth';
|
||||||
@ -16,7 +17,7 @@ export class RefreshAuth {
|
|||||||
}
|
}
|
||||||
let decoded
|
let decoded
|
||||||
try {
|
try {
|
||||||
decoded = jsonwebtoken.verify(this.token, 'securekey')
|
decoded = jsonwebtoken.verify(this.token, config.jwt_secret)
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
throw new IllegalJWTError()
|
throw new IllegalJWTError()
|
||||||
}
|
}
|
||||||
@ -33,7 +34,7 @@ export class RefreshAuth {
|
|||||||
newAuth.access_token = jsonwebtoken.sign({
|
newAuth.access_token = jsonwebtoken.sign({
|
||||||
userdetails: found_user,
|
userdetails: found_user,
|
||||||
exp: timestamp_accesstoken_expiry
|
exp: timestamp_accesstoken_expiry
|
||||||
}, "securekey")
|
}, config.jwt_secret)
|
||||||
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
newAuth.access_token_expires_at = timestamp_accesstoken_expiry
|
||||||
//
|
//
|
||||||
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
|
||||||
@ -41,7 +42,7 @@ export class RefreshAuth {
|
|||||||
refreshtokencount: found_user.refreshTokenCount,
|
refreshtokencount: found_user.refreshTokenCount,
|
||||||
userid: found_user.id,
|
userid: found_user.id,
|
||||||
exp: timestamp_refresh_expiry
|
exp: timestamp_refresh_expiry
|
||||||
}, "securekey")
|
}, config.jwt_secret)
|
||||||
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
newAuth.refresh_token_expires_at = timestamp_refresh_expiry
|
||||||
|
|
||||||
return newAuth;
|
return newAuth;
|
||||||
|