Merge branch 'dev' of https://git.odit.services/lfk/backend into dev

2020-12-06 10:48:51 +01:00
parent 99d8a0360f 5103e8a6e5
commit 9f7d004c3b
35 changed files with 92 additions and 77 deletions
--- a/src/models/actions/CreateAuth.ts
+++ b/src/models/actions/CreateAuth.ts
@@ -0,0 +1,58 @@
+import * as argon2 from "argon2";
+import { IsEmail, IsOptional, IsString } from 'class-validator';
+import * as jsonwebtoken from 'jsonwebtoken';
+import { getConnectionManager } from 'typeorm';
+import { config } from '../../config';
+import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
+import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
+import { User } from '../entities/User';
+import { Auth } from '../responses/ResponseAuth';
+
+export class CreateAuth {
+    @IsOptional()
+    @IsString()
+    username?: string;
+    @IsString()
+    password: string;
+    @IsOptional()
+    @IsEmail()
+    @IsString()
+    email?: string;
+
+    public async toAuth(): Promise<Auth> {
+        let newAuth: Auth = new Auth();
+
+        if (this.email === undefined && this.username === undefined) {
+            throw new UsernameOrEmailNeededError();
+        }
+        if (!this.password) {
+            throw new PasswordNeededError()
+        }
+        const found_users = await getConnectionManager().get().getRepository(User).find({ where: [{ username: this.username }, { email: this.email }] });
+        if (found_users.length === 0) {
+            throw new UserNotFoundError()
+        } else {
+            const found_user = found_users[0]
+            if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
+                const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
+                delete found_user.password;
+                newAuth.access_token = jsonwebtoken.sign({
+                    userdetails: found_user,
+                    exp: timestamp_accesstoken_expiry
+                }, config.jwt_secret)
+                newAuth.access_token_expires_at = timestamp_accesstoken_expiry
+                // 
+                const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
+                newAuth.refresh_token = jsonwebtoken.sign({
+                    refreshtokencount: found_user.refreshTokenCount,
+                    userid: found_user.id,
+                    exp: timestamp_refresh_expiry
+                }, config.jwt_secret)
+                newAuth.refresh_token_expires_at = timestamp_refresh_expiry
+            } else {
+                throw new InvalidCredentialsError()
+            }
+        }
+        return newAuth;
+    }
+}