KevinMidboe/seasonedShows
1
0
Fork 0
Code Issues 20 Pull Requests 2 Packages Projects Releases 8 Wiki Activity

Login and register builds and sets cookie auth token

Browse Source
This commit is contained in:
Kevin
2022-03-06 10:27:14 +01:00
parent 5b6a2c2651
commit c6791a7027
2 changed files with 75 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
seasoned_api/src/webserver/controllers/user/login.js
View File

@@ -1,36 +1,61 @@
const User = require('src/user/user'); const User = require("src/user/user");
const Token = require('src/user/token'); const Token = require("src/user/token");
const UserSecurity = require('src/user/userSecurity'); const UserSecurity = require("src/user/userSecurity");
const UserRepository = require('src/user/userRepository'); const UserRepository = require("src/user/userRepository");
const configuration = require('src/config/configuration').getInstance(); const configuration = require("src/config/configuration").getInstance();
const secret = configuration.get('authentication', 'secret'); const secret = configuration.get("authentication", "secret");
const userSecurity = new UserSecurity(); const userSecurity = new UserSecurity();
const userRepository = new UserRepository(); const userRepository = new UserRepository();
// TODO look to move some of the token generation out of the reach of the final "catch-all" // TODO look to move some of the token generation out of the reach of the final "catch-all"
// catch including the, maybe sensitive, error message. // catch including the, maybe sensitive, error message.
const isProduction = process.env.NODE_ENV === "production";
const cookieOptions = {
httpOnly: false,
secure: isProduction,
maxAge: 90 * 24 * 3600000, // 90 days
sameSite: isProduction ? "Strict" : "Lax"
};
/** /**
* Controller: Log in a user provided correct credentials. * Controller: Log in a user provided correct credentials.
* @param {Request} req http request variable * @param {Request} req http request variable
* @param {Response} res * @param {Response} res
* @returns {Callback} * @returns {Callback}
*/ */
function loginController(req, res) { async function loginController(req, res) {
const user = new User(req.body.username); const user = new User(req.body.username);
const password = req.body.password; const password = req.body.password;
userSecurity.login(user, password) try {
.then(() => userRepository.checkAdmin(user)) const [loggedIn, isAdmin, settings] = await Promise.all([
.then(checkAdmin => { userSecurity.login(user, password),
const isAdmin = checkAdmin === 1 ? true : false; userRepository.checkAdmin(user),
const token = new Token(user, isAdmin).toString(secret); userRepository.getSettings(user.username)
res.send({ success: true, token }); ]);
})
.catch(error => { if (!loggedIn) {
res.status(401).send({ success: false, message: error.message }); return res.status(503).send({
success: false,
message: "Unexpected error! Unable to create user."
}); });
} }
const token = new Token(
user,
isAdmin === 1 ? true : false,
settings
).toString(secret);
return res.cookie("authorization", token, cookieOptions).status(200).send({
success: true,
message: "Welcome to request.movie!"
});
} catch (error) {
return res.status(401).send({ success: false, message: error.message });
}
}
module.exports = loginController; module.exports = loginController;

38
seasoned_api/src/webserver/controllers/user/register.js
View File

@@ -1,13 +1,21 @@
const User = require('src/user/user'); const User = require("src/user/user");
const Token = require('src/user/token'); const Token = require("src/user/token");
const UserSecurity = require('src/user/userSecurity'); const UserSecurity = require("src/user/userSecurity");
const UserRepository = require('src/user/userRepository'); const UserRepository = require("src/user/userRepository");
const configuration = require('src/config/configuration').getInstance(); const configuration = require("src/config/configuration").getInstance();
const secret = configuration.get('authentication', 'secret'); const secret = configuration.get("authentication", "secret");
const userSecurity = new UserSecurity(); const userSecurity = new UserSecurity();
const userRepository = new UserRepository(); const userRepository = new UserRepository();
const isProduction = process.env.NODE_ENV === "production";
const cookieOptions = {
httpOnly: false,
secure: isProduction,
maxAge: 90 * 24 * 3600000, // 90 days
sameSite: isProduction ? "Strict" : "Lax"
};
/** /**
* Controller: Register a new user * Controller: Register a new user
* @param {Request} req http request variable * @param {Request} req http request variable
@@ -18,13 +26,17 @@ function registerController(req, res) {
const user = new User(req.body.username, req.body.email); const user = new User(req.body.username, req.body.email);
const password = req.body.password; const password = req.body.password;
userSecurity.createNewUser(user, password) userSecurity
.then(() => userRepository.checkAdmin(user)) .createNewUser(user, password)
.then(checkAdmin => { .then(() => {
const isAdmin = checkAdmin === 1 ? true : false; const token = new Token(user, false).toString(secret);
const token = new Token(user, isAdmin).toString(secret);
res.send({ return res
success: true, message: 'Welcome to Seasoned!', token .cookie("authorization", token, cookieOptions)
.status(200)
.send({
success: true,
message: "Welcome to Seasoned!"
}); });
}) })
.catch(error => { .catch(error => {