♻️ Refactor backend
This commit is contained in:
@ -3,64 +3,69 @@ const prisma = new Prisma.PrismaClient();
|
||||
|
||||
import { log } from "../logs.js";
|
||||
|
||||
export class Auth {
|
||||
constructor() {}
|
||||
login = async (req, res) => {
|
||||
if (!req.body.password) {
|
||||
res.redirect("/login");
|
||||
return;
|
||||
} else {
|
||||
if (req.body.password == process.env.AUTH_PASSWORD) {
|
||||
const session = await prisma.session.create({
|
||||
data: {
|
||||
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14), // Expires after 14 days
|
||||
},
|
||||
});
|
||||
res.cookie("session", session.token, {
|
||||
httpOnly: true,
|
||||
expires: new Date(253402300000000),
|
||||
});
|
||||
log("API / Auth", `New session: ${session.token}`);
|
||||
res.redirect("/");
|
||||
} else {
|
||||
res.redirect("/login");
|
||||
return;
|
||||
}
|
||||
}
|
||||
};
|
||||
checkLogin = async (req, res, next) => {
|
||||
if (!process.env.AUTH_PASSWORD) {
|
||||
next();
|
||||
return;
|
||||
}
|
||||
if (!req.cookies.session) {
|
||||
res.sendStatus(401);
|
||||
return;
|
||||
} else {
|
||||
const session = await prisma.session.findUnique({
|
||||
where: {
|
||||
token: req.cookies.session,
|
||||
},
|
||||
});
|
||||
if (!session) {
|
||||
res.sendStatus(401);
|
||||
return;
|
||||
}
|
||||
// Renew session expiration date
|
||||
await prisma.session.update({
|
||||
where: {
|
||||
token: session.token,
|
||||
},
|
||||
data: {
|
||||
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14),
|
||||
},
|
||||
});
|
||||
}
|
||||
next();
|
||||
};
|
||||
async function login(req, res) {
|
||||
// Check password
|
||||
if (!req.body.password || req.body.password != process.env.AUTH_PASSWORD) {
|
||||
res.redirect("/login");
|
||||
return;
|
||||
}
|
||||
// Create a new auth session
|
||||
const session = await prisma.session.create({
|
||||
data: {
|
||||
// Expires after 14 days of inactivity
|
||||
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14),
|
||||
},
|
||||
});
|
||||
res.cookie("session", session.token, {
|
||||
httpOnly: true,
|
||||
// Expire "never"
|
||||
expires: new Date(253402300000000),
|
||||
});
|
||||
log("API / Auth", `New session: ${session.token}`);
|
||||
res.redirect("/");
|
||||
}
|
||||
|
||||
// Check for expired sessions every hour
|
||||
async function checkLogin(req, res, next) {
|
||||
// If AUTH_PASSWORD env variable is not present don't require any login
|
||||
if (!process.env.AUTH_PASSWORD) {
|
||||
next();
|
||||
return;
|
||||
}
|
||||
// If no session cookie is set send 401 Unauthorized
|
||||
// so the app redirects to the login page
|
||||
if (!req.cookies.session) {
|
||||
res.sendStatus(401);
|
||||
return;
|
||||
}
|
||||
// Check the provided session cookie
|
||||
const session = await prisma.session.findUnique({
|
||||
where: {
|
||||
token: req.cookies.session,
|
||||
},
|
||||
});
|
||||
// If no session is found also send 401
|
||||
if (!session) {
|
||||
res.sendStatus(401);
|
||||
return;
|
||||
}
|
||||
// Renew session expiration date
|
||||
await prisma.session.update({
|
||||
where: {
|
||||
token: session.token,
|
||||
},
|
||||
data: {
|
||||
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14),
|
||||
},
|
||||
});
|
||||
next();
|
||||
}
|
||||
|
||||
export default {
|
||||
login,
|
||||
checkLogin,
|
||||
};
|
||||
|
||||
// Clean up expired sessions every hour
|
||||
setInterval(async () => {
|
||||
const sessions = await prisma.session.findMany();
|
||||
for (const session of sessions) {
|
||||
|
||||
Reference in New Issue
Block a user