fipamo/brain/api/v1/auth.js

import * as DataEvent from '../../../src/com/events/DataEvent';
const express = require('express');
const router = express.Router();
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const fs = require('fs-extra');
const _ = require('lodash');
const crypto = require('crypto'); // for setting up new accounts
const secret_key = '58d5aeec3c604e2837aef70bc1606f35131ab8fea9731925558f5acfaa00da60';
const moment = require('moment');

/**
 * Get Auth Status
 */
router.get('/', function (req, res) {
	var token = req.headers['x-access-token'];
	if (!token) return res.status(401).send({ auth: false, message: 'No token provided.' });

	jwt.verify(token, 'super-secret-string', function (err, decoded) {
		if (err)
			return res.status(500).send({ auth: false, message: 'Failed to authenticate token.' });
		res.status(200).send(decoded);
	});
});

/**
 * Get Auth Status
 */
router.get('/status', function (req, res) {
	if (req.session.user) {
		let session = req.session;
		res.json({
			type: DataEvent.API_REQUEST_GOOD,
			message: 'Auth is Good',
			token: session.hashToken
		});
	} else {
		res.json({
			type: DataEvent.API_REQUEST_LAME,
			message: 'NOT AUTHORIZED'
		});
	}
});
/**
 * Login Member and return token
 */
router.post('/login', function (req, res) {
	fs.readJson('site/folks.json').then(folks => {
		let found = _.find(folks, { handle: req.body.handle });
		if (found) {
			if (!isValidPassword(found, req.body.password)) {
				res.json({
					type: DataEvent.REQUEST_LAME,
					message: 'CHECK YOUR PASSWORD'
				});
			}

			let token = jwt.sign({ id: found.id }, found.key, {
				expiresIn: 86400 // expires in 24 hours
			});

			let session = req.session;
			session.user = found;
			session.token = token;
			session.hashToken = hashToken(token);
			res.json({
				type: DataEvent.REQUEST_GOOD,
				message: 'Welcome Back',
				token: session.hashToken
			});
		} else {
			res.json({
				type: DataEvent.REQUEST_LAME,
				message: 'Need to see some id, champ.'
			});
		}
	});
});

/**
 * Initial Site Setup
 */
router.post('/init', function (req, res) {
	let body = req.body;
	let re = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
	// check email
	if (!re.test(body.new_member_email)) {
		res.json({
			type: DataEvent.API_INIT_LAME,
			message: 'Need a valid email address'
		});
	}
	//check handle is being passed
	if (body.new_member_handle === null || body.new_member_handle === '') {
		res.json({
			type: DataEvent.API_INIT_LAME,
			message: 'No handle. Kinda need that.'
		});
	}
	// check password match
	if (
		body.new_member_pass !== body.new_member_pass2 ||
		body.new_member_pass === '' ||
		body.new_member_pass2 === ''
	) {
		res.json({
			type: DataEvent.API_INIT_LAME,
			message: 'Passwords do not match.'
		});
	}

	if (body.new_member_title === null || body.new_member_title === '') {
		res.json({
			type: DataEvent.API_INIT_LAME,
			message: 'No title. Gotta call it something.'
		});
	}

	let key = crypto
		.createHash('sha256')
		.update(body.new_member_pass + secret_key)
		.digest('hex');

	// set up config files
	fs.readJson('site/init/settings-template.json').then(fresh => {
		fresh.global.title = body.new_member_title;
		fs.writeJSON('site/settings.json', fresh);
	});

	fs.readJson('site/init/folks-template.json').then(folks => {
		folks[0].id = 1;
		folks[0].handle = body.new_member_handle;
		folks[0].email = body.new_member_email;
		folks[0].password = bcrypt.hashSync(body.new_member_pass, bcrypt.genSaltSync(10), null);
		folks[0].key = key;
		folks[0].role = 'hnic';
		folks[0].created = moment(Date.now()).format();
		folks[0].updated = moment(Date.now()).format();
		fs.writeJSON('site/folks.json', folks);
	});

	fs.writeJson('site/tags.json', { tags: [] });

	res.json({
		type: DataEvent.API_INIT_GOOD,
		message: 'All Set Up'
	});
});

//router.post('/logout', function(req, res) {});
module.exports = router;

function isValidPassword(user, password) {
	return bcrypt.compareSync(password, user.password);
}

function hashToken(token) {
	return bcrypt.hashSync(token, bcrypt.genSaltSync(10), null);
}
corrected dependency paths 2019-11-23 17:40:51 +01:00			`import * as DataEvent from '../../../src/com/events/DataEvent';`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`const express = require('express');`
			`const router = express.Router();`
cleaned up/updated node modules, fixed page edit bug, updated bcrypt 2020-06-10 01:55:24 +02:00			`const bcrypt = require('bcrypt');`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`const jwt = require('jsonwebtoken');`
refactored auth system 2019-11-16 23:20:04 +01:00			`const fs = require('fs-extra');`
			`const _ = require('lodash');`
added settings loading to API to fix caching, added site init and onboarding, added settings templates to make site set up easier 2020-06-21 03:13:23 +02:00			`const crypto = require('crypto'); // for setting up new accounts`
			`const secret_key = '58d5aeec3c604e2837aef70bc1606f35131ab8fea9731925558f5acfaa00da60';`
			`const moment = require('moment');`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00
			`/**`
			`* Get Auth Status`
			`*/`
fixed API authentication bug. whew. 2020-05-05 22:44:45 +02:00			`router.get('/', function (req, res) {`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`var token = req.headers['x-access-token'];`
			`if (!token) return res.status(401).send({ auth: false, message: 'No token provided.' });`

fixed API authentication bug. whew. 2020-05-05 22:44:45 +02:00			`jwt.verify(token, 'super-secret-string', function (err, decoded) {`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`if (err)`
			`return res.status(500).send({ auth: false, message: 'Failed to authenticate token.' });`
			`res.status(200).send(decoded);`
			`});`
			`});`
completed move to v1 API, made specific API request class, started plugging in API authorization methodology 2019-12-02 22:07:16 +01:00
			`/**`
			`* Get Auth Status`
			`*/`
fixed API authentication bug. whew. 2020-05-05 22:44:45 +02:00			`router.get('/status', function (req, res) {`
completed move to v1 API, made specific API request class, started plugging in API authorization methodology 2019-12-02 22:07:16 +01:00			`if (req.session.user) {`
			`let session = req.session;`
			`res.json({`
			`type: DataEvent.API_REQUEST_GOOD,`
			`message: 'Auth is Good',`
token encyrption working. never send token to the front end. 2019-12-03 02:59:04 +01:00			`token: session.hashToken`
completed move to v1 API, made specific API request class, started plugging in API authorization methodology 2019-12-02 22:07:16 +01:00			`});`
			`} else {`
			`res.json({`
			`type: DataEvent.API_REQUEST_LAME,`
			`message: 'NOT AUTHORIZED'`
			`});`
			`}`
			`});`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`/**`
			`* Login Member and return token`
			`*/`
fixed API authentication bug. whew. 2020-05-05 22:44:45 +02:00			`router.post('/login', function (req, res) {`
added pages config json(may not need), synced editor to markdown metadata, resolved new asset dependency paths 2019-11-23 19:30:34 +01:00			`fs.readJson('site/folks.json').then(folks => {`
refactored auth system 2019-11-16 23:20:04 +01:00			`let found = _.find(folks, { handle: req.body.handle });`
			`if (found) {`
			`if (!isValidPassword(found, req.body.password)) {`
			`res.json({`
			`type: DataEvent.REQUEST_LAME,`
			`message: 'CHECK YOUR PASSWORD'`
			`});`
			`}`

completed move to v1 API, made specific API request class, started plugging in API authorization methodology 2019-12-02 22:07:16 +01:00			`let token = jwt.sign({ id: found.id }, found.key, {`
refactored auth system 2019-11-16 23:20:04 +01:00			`expiresIn: 86400 // expires in 24 hours`
			`});`

			`let session = req.session;`
			`session.user = found;`
			`session.token = token;`
token encyrption working. never send token to the front end. 2019-12-03 02:59:04 +01:00			`session.hashToken = hashToken(token);`
switched to web safe fonts for now, streamline file uploads, now tracking upload progress. 2019-11-24 21:23:01 +01:00			`res.json({`
			`type: DataEvent.REQUEST_GOOD,`
			`message: 'Welcome Back',`
token encyrption working. never send token to the front end. 2019-12-03 02:59:04 +01:00			`token: session.hashToken`
switched to web safe fonts for now, streamline file uploads, now tracking upload progress. 2019-11-24 21:23:01 +01:00			`});`
refactored auth system 2019-11-16 23:20:04 +01:00			`} else {`
			`res.json({`
			`type: DataEvent.REQUEST_LAME,`
cleaned up libraries file, polished page updating, added page creation 2019-11-25 22:58:34 +01:00			`message: 'Need to see some id, champ.'`
refactored auth system 2019-11-16 23:20:04 +01:00			`});`
			`}`
			`});`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`});`

added settings loading to API to fix caching, added site init and onboarding, added settings templates to make site set up easier 2020-06-21 03:13:23 +02:00			`/**`
			`* Initial Site Setup`
			`*/`
			`router.post('/init', function (req, res) {`
			`let body = req.body;`
			`let re = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;`
			`// check email`
			`if (!re.test(body.new_member_email)) {`
			`res.json({`
			`type: DataEvent.API_INIT_LAME,`
			`message: 'Need a valid email address'`
			`});`
			`}`
			`//check handle is being passed`
			`if (body.new_member_handle === null \|\| body.new_member_handle === '') {`
			`res.json({`
			`type: DataEvent.API_INIT_LAME,`
			`message: 'No handle. Kinda need that.'`
			`});`
			`}`
			`// check password match`
			`if (`
			`body.new_member_pass !== body.new_member_pass2 \|\|`
			`body.new_member_pass === '' \|\|`
			`body.new_member_pass2 === ''`
			`) {`
			`res.json({`
			`type: DataEvent.API_INIT_LAME,`
			`message: 'Passwords do not match.'`
			`});`
			`}`

			`if (body.new_member_title === null \|\| body.new_member_title === '') {`
			`res.json({`
			`type: DataEvent.API_INIT_LAME,`
			`message: 'No title. Gotta call it something.'`
			`});`
			`}`

			`let key = crypto`
			`.createHash('sha256')`
			`.update(body.new_member_pass + secret_key)`
			`.digest('hex');`

			`// set up config files`
			`fs.readJson('site/init/settings-template.json').then(fresh => {`
			`fresh.global.title = body.new_member_title;`
			`fs.writeJSON('site/settings.json', fresh);`
			`});`

			`fs.readJson('site/init/folks-template.json').then(folks => {`
			`folks[0].id = 1;`
			`folks[0].handle = body.new_member_handle;`
			`folks[0].email = body.new_member_email;`
			`folks[0].password = bcrypt.hashSync(body.new_member_pass, bcrypt.genSaltSync(10), null);`
			`folks[0].key = key;`
			`folks[0].role = 'hnic';`
			`folks[0].created = moment(Date.now()).format();`
			`folks[0].updated = moment(Date.now()).format();`
			`fs.writeJSON('site/folks.json', folks);`
			`});`

			`fs.writeJson('site/tags.json', { tags: [] });`

			`res.json({`
			`type: DataEvent.API_INIT_GOOD,`
			`message: 'All Set Up'`
			`});`
			`});`

added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`//router.post('/logout', function(req, res) {});`
			`module.exports = router;`

			`function isValidPassword(user, password) {`
cleaned up/updated node modules, fixed page edit bug, updated bcrypt 2020-06-10 01:55:24 +02:00			`return bcrypt.compareSync(password, user.password);`
added new auth route, implemented token authentication, new static files folder for rendered pages 2019-10-12 01:10:55 +02:00			`}`
token encyrption working. never send token to the front end. 2019-12-03 02:59:04 +01:00
			`function hashToken(token) {`
cleaned up/updated node modules, fixed page edit bug, updated bcrypt 2020-06-10 01:55:24 +02:00			`return bcrypt.hashSync(token, bcrypt.genSaltSync(10), null);`
token encyrption working. never send token to the front end. 2019-12-03 02:59:04 +01:00			`}`