Auth cleanup

Phillip Kühne 2020-10-03 23:29:03 +02:00
parent ba02a01838
commit 80682ab883
4 changed files with 42 additions and 12 deletions


@ -17,15 +17,16 @@ export class AuthenticationController {
res.send("Welcome.") res.send("Welcome.")
return res; return res;
} else { } else {
// TODO wrong password. res.status(401).send("Wrong user or password.");
return "Wrong password." return res;
} }
} else { } else {
// TODO wrong user. res.status(401).send("Wrong user or password.");
return "Wrong user." return res;
} }
} }
/* TODO Logout with JWT? */
@Get("/logout") @Get("/logout")
doLogout() { doLogout() {
return "//TODO logout"; return "//TODO logout";
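Review bot: The added `/* TODO Logout with JWT? */` leaves `doLogout` returning a placeholder, so a client has no way to end a session before the token expires. Since the token is read from a `jwt` cookie elsewhere in this commit, logout would at least need to clear that cookie, and because a signed token stays valid until its expiry, the TODO should also record whether server-side invalidation (a short expiry or a revocation list) is intended. Separately, both failure branches now send the same 401 text, which avoids revealing which usernames exist; a one-line comment such as `// same message for both cases to avoid user enumeration` would keep a later edit from splitting them again. The login handler starts above the hunk and doLogout continues below it.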


@ -1,4 +1,5 @@
import { Get, QueryParam, JsonController, Put } from "routing-controllers"; import { Get, QueryParam, JsonController, Put, Authorized } from "routing-controllers";
@JsonController("/songs") @JsonController("/songs")
export class SongController { export class SongController {
@ -8,6 +9,7 @@ export class SongController {
} }
@Put() @Put()
@Authorized()
updateSongs() { updateSongs() {
return "//TODO update" return "//TODO update"
} }
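Review bot: `@Authorized()` is added without role arguments, and the authorizationChecker in this commit takes only `action`, so any caller holding a valid token can reach `updateSongs`. If song updates are meant for a subset of users, pass roles here and have the checker compare them against the token payload. If any logged-in user is intended, a short comment above the decorator would record that decision, e.g. `// any authenticated user may update songs`.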


@ -1,5 +1,5 @@
import "reflect-metadata"; import "reflect-metadata";
import { Request, Response } from "express"; import { Request, Response, Application } from "express";
import { Action, createExpressServer } from "routing-controllers"; import { Action, createExpressServer } from "routing-controllers";
import { QueueController } from "./controllers/queue.controller"; import { QueueController } from "./controllers/queue.controller";
import { SongController } from "./controllers/songs.controller"; import { SongController } from "./controllers/songs.controller";
@ -7,18 +7,22 @@ import { StatisticsController } from "./controllers/statistics.controller";
import { AuthenticationController } from "./controllers/auth.controller"; import { AuthenticationController } from "./controllers/auth.controller";
import { RpcController } from "./controllers/rpc.controller"; import { RpcController } from "./controllers/rpc.controller";
import jwt from "jsonwebtoken"; import jwt from "jsonwebtoken";
import appState from "./containers/appState.container";
import * as dotenv from "dotenv"; import * as dotenv from "dotenv";
import DataStoredInToken from "./interfaces/dataStoredInToken.interface";
dotenv.config(); dotenv.config();
const app = createExpressServer({ const app: Application = createExpressServer({
routePrefix: "/api", routePrefix: "/api",
cors: true, cors: true,
/* HACK. This definitely needs to be cleaned up... */
authorizationChecker: async (action: Action) => { authorizationChecker: async (action: Action) => {
const req: Request = action.request; const req: Request = action.request;
const secret = process.env.KQUEUE_JWTSECRET; const secret = process.env.KQUEUE_JWTSECRET;
const token = parseCookies(req.headers.cookie)["jwt"]; // tslint:disable-next-line: no-string-literal
const token = parseCookies(req.headers.cookie)['jwt'];
if (token) { if (token) {
try { try {
const verificationResponse = jwt.verify(token, secret); const verificationResponse = jwt.verify(token, secret);
@ -33,15 +37,37 @@ const app = createExpressServer({
} else { } else {
return false; return false;
} }
},
/* HACK. This definitely needs to be cleaned up... */
currentUserChecker: async (action: Action) => {
const req: Request = action.request;
const secret = process.env.KQUEUE_JWTSECRET;
// tslint:disable-next-line: no-string-literal
const token = parseCookies(req.headers.cookie)['jwt'];
if (token) {
try {
const verificationResponse = jwt.verify(token, secret);
if (verificationResponse) {
return verificationResponse as DataStoredInToken;
} else {
return false;
}
} catch (error) {
return false;
}
} else {
return false;
}
}, },
controllers: [QueueController, SongController, StatisticsController, AuthenticationController, RpcController] controllers: [QueueController, SongController, StatisticsController, AuthenticationController, RpcController]
}); });
app.listen(process.env.KQUEUE_PORT); app.listen(process.env.KQUEUE_PORT);
/* HACK. This definitely needs to be cleaned up... */
function parseCookies(str) { function parseCookies(str) {
let rx = /([^;=\s]*)=([^;]*)/g; const rx = /([^;=\s]*)=([^;]*)/g;
let obj = {}; const obj = {};
// tslint:disable-next-line: no-conditional-assignment
for (let m; m = rx.exec(str);) for (let m; m = rx.exec(str);)
obj[m[1]] = decodeURIComponent(m[2]); obj[m[1]] = decodeURIComponent(m[2]);
return obj; return obj;
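Review bot: The new currentUserChecker returns `false` on every failure path, and as far as I can tell routing-controllers treats only null, undefined or an empty value as "no user", so a handler using `@CurrentUser({ required: true })` could receive `false` instead of being rejected; returning `undefined` avoids that. In both checkers `parseCookies(...)` runs before the `try`, so a cookie with a malformed percent-escape makes `decodeURIComponent` throw outside the catch and the request fails with an unhandled error rather than a clean rejection. The two checkers are near copies, but the middle of authorizationChecker is outside the visible hunks, so the sketch below rewrites only currentUserChecker.

```typescript
    currentUserChecker: async (action: Action) => {
        const req: Request = action.request;
        const secret = process.env.KQUEUE_JWTSECRET;
        try {
            // Cookie parsing sits inside the try: decodeURIComponent throws on a malformed escape.
            // tslint:disable-next-line: no-string-literal
            const token = parseCookies(req.headers.cookie)['jwt'];
            if (!token) {
                return undefined;
            }
            const payload = jwt.verify(token, secret);
            // undefined (not false) so a required @CurrentUser is treated as missing.
            return payload ? (payload as DataStoredInToken) : undefined;
        } catch (error) {
            return undefined;
        }
    },
    // … unchanged: controllers list, app.listen, parseCookies …
```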


@ -4,7 +4,8 @@ import * as jwt from 'jsonwebtoken';
export class JwtMiddleware { export class JwtMiddleware {
public createToken(user: User): string { public createToken(user: User): string {
const expiresIn = 60 * 60; // an hour /* expiresIn is in seconds. We take the env value which is in minutes and multiply it by 60.*/
const expiresIn = parseInt(process.env.KQUEUE_JWTEXPIRY,10) * 60;
const secret = process.env.KQUEUE_JWTSECRET; const secret = process.env.KQUEUE_JWTSECRET;
const dataStoredInToken: DataStoredInToken = { const dataStoredInToken: DataStoredInToken = {
_id: user.username, _id: user.username,
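Review bot: `parseInt(process.env.KQUEUE_JWTEXPIRY,10) * 60` evaluates to NaN when KQUEUE_JWTEXPIRY is unset or not numeric, and nothing on the new line checks for that before the value is used as the token lifetime. How `expiresIn` reaches the signing call is outside the hunk, so the outcome (a signing error, or a token without a usable expiry) depends on code not shown; either way the failure would surface at login rather than at startup. Consider parsing into a local first and rejecting bad values, e.g. `if (!Number.isInteger(minutes) || minutes <= 0) throw new Error("KQUEUE_JWTEXPIRY must be a positive integer");`, or falling back to the previous 60 minutes. createToken's body continues outside the hunk.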