minie4/Timetable-V2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
21b2e681988ae70683af60eb72f3e6b9289a1555
Timetable-V2/server/api/auth.js
minie4 70238b4151 🎨 Run updated prettier
2023-08-25 14:42:38 +02:00

159 lines
3.6 KiB
JavaScript
Raw Blame History

import Prisma from "@prisma/client";
const prisma = new Prisma.PrismaClient();
import { log } from "../logs.js";
async function isLoggedIn(req) {
// If AUTH_PASSWORD env variable is not present don't require any login
if (!process.env.AUTH_PASSWORD) {
return true;
}
// If no session cookie is set and no token query
// parameter is provided the user can't be logged in
const token = req.query.token || req.cookies.session;
if (!token) {
return false;
}
// If there is a session cookie check it
const session = await prisma.session.findUnique({
where: {
token,
},
});
// If no session is found (the session probably
// exired) the user is not logged in
if (!session) {
return false;
}
// If no checks failed the user is logged in
return session;
}
async function renewSession(session) {
// Don't try to renew sessions if auth is disabled
if (session === true) return;
await prisma.session.update({
where: {
token: session.token,
},
data: {
// 14 Days from now on
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14),
},
});
}
async function login(req, res) {
// Check if the user is already logged in
let session = await isLoggedIn(req);
if (session) {
renewSession(session);
res.redirect("/");
return;
}
// Check password
if (!req.body.password || req.body.password != process.env.AUTH_PASSWORD) {
res.redirect("/login");
return;
}
// Create a new auth session
session = await prisma.session.create({
data: {
// Expires after 14 days of inactivity
validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24 * 14),
},
});
res.cookie("session", session.token, {
httpOnly: true,
// Expire "never"
expires: new Date(253402300000000),
});
log("API / Auth", `New session: ${session.token}`);
res.redirect("/");
}
async function logout(req, res) {
const session = await isLoggedIn(req);
if (!session) {
res.sendStatus(401);
return;
}
await prisma.session.deleteMany({
where: {
token: session.token,
},
});
log("API / Auth", `Removed session: ${session.token}`);
res.redirect("/");
}
async function checkLogin(req, res, next) {
// Allow requests to `/api/token`
if (req.path == "/token") {
next();
return;
}
const session = await isLoggedIn(req);
if (!session) {
// send 401 Unauthorized so the
// app redirects to the login page
res.sendStatus(401);
return;
}
req.locals = {
session: session.token,
};
renewSession(session);
next();
}
async function token(req, res) {
if (!req.query.password || req.query.password != process.env.AUTH_PASSWORD) {
res.status(401).send({
success: false,
error: "wrong_auth",
message: "Wrong password",
});
return;
}
// Create a new auth session
const session = await prisma.session.create({
data: {
// API token expires after 1 hour
validUntil: new Date(Date.now() + 1000 * 60 * 60),
},
});
log("API / Auth", `New token: ${session.token}`);
res.send({
success: true,
token: session.token,
});
}
export default {
login,
logout,
checkLogin,
token,
};
// Clean up expired sessions every hour
setInterval(
async () => {
const sessions = await prisma.session.findMany();
for (const session of sessions) {
if (session.validUntil < new Date()) {
log("API / Auth", `Removed expired session: ${session.token}`);
await prisma.session.delete({
where: {
token: session.token,
},
});
}
}
},
1000 * 60 * 60,
);
Reference in New Issue View Git Blame Copy Permalink