defined access check middleware, corrected login flow

2022-11-22 18:02:59 -06:00
parent 700edc8e73
commit 1ee2cde280
5 changed files with 43 additions and 20 deletions
--- a/server/auth/index.ts
+++ b/server/auth/index.ts
@@ -21,7 +21,7 @@ export default class AuthService {
            
            bcrypt.genSalt(10, (err, salt) => {
                if (err) throw err;
-                bcrypt.hash(password, salt, async (err, hash) => {
+                bcrypt.hash(password!, salt, async (err, hash) => {
                    if (err) throw err;
                    const newData = {
                        ...data,
--- a/server/auth/middlewares.ts
+++ b/server/auth/middlewares.ts
@@ -0,0 +1,14 @@
+import { NextFunction, Request, Response } from "express"
+
+export function restrictAccess(req: Request, res: Response, next: NextFunction) {
+    if (!req.isAuthenticated()) {
+        res.status(403).send({ message: "Access forbidden" });
+    } else {
+        next();
+    }
+}
+
+export function checkAccess(req: Request, res: Response, next: NextFunction) {
+    console.log(req.isAuthenticated());
+    next();
+}
--- a/server/loaders/passport.ts
+++ b/server/loaders/passport.ts
@@ -10,16 +10,11 @@ export const passportLoader = async (app: Express) => {
    app.use(passport.session());

    passport.serializeUser((user, done) => {
-        process.nextTick(() => {
-            done(null, user);
-        })
+        done(null, user);
    })

    passport.deserializeUser((user: IUserAuth, done) => {
-        process.nextTick(async () => {
-            const userData = await AuthInstance.login(user);
-            return userData ? done(null, userData) : done(null, false);
-        })
+        done(null, user);
    })

    // sign in method with passport local strategy
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -1,9 +1,11 @@
-import { Express, Router } from "express"
+import { Express, Request, Router } from "express"
 import { PassportStatic } from "passport";
 import { IUser, IUserAuth } from "../schemas";
 import AuthService from "../auth";
 import { UserCtl } from "../controllers";
 import now from "../util/now";
+import { checkAccess, restrictAccess } from "../auth/middlewares";
+import { Session } from "express-session";
 const AuthInstance = new AuthService();
 const UserControl = new UserCtl();

@@ -12,25 +14,37 @@ const router = Router();
 export const authRoute = (app: Express, passport: PassportStatic) => {
    app.use('/auth', router);

-    router.get('/', (req, res) => {
-        const data = {
-            session: req.session,
-            user: req.user
+    router.get('/', checkAccess, (req, res, next) => {
+        // @ts-ignore: does not recognize structure of req.user
+        const user = req.user?.user;
+        const userData: IUser = {
+            firstname: user.firstname,
+            lastname: user.lastname,
+            handle: user.handle,
+            email: user.email
        }
-        res.send(JSON.stringify(data));
+        res.send({ user: userData });
+    })
+
+    router.get('/protected', restrictAccess, (req, res, next) => {
+        res.status(200).send({ message: "Cool restricted content!" });
    })

    router.post('/login', passport.authenticate('local'), async (req, res, next) => {
        try {
            const data: IUserAuth = req.body;
            const response = await AuthInstance.login(data);
-            console.log(response);

            if (response.ok) {
-                req.user = response.user;
-                await UserControl.updateOne(response.user.id, { ...response.user, datemodified: now })
+                req.logIn(response.user, (error: any) => {
+                    if (error) throw error;
+                    console.log('login successful');
+                })
+                // const { id, email, handle, firstname, lastname } = response.user;
+                // await UserControl.updateOne(response.user.id, { ...response.user, datemodified: now })
+                // res.status(200).send({ id: id, handle: handle, firstname: firstname, lastname: lastname });
                res.cookie('userid', response.user.id, { maxAge: 1000 * 60 * 60 * 24 * 7 });
-                res.status(200).send(response.user);
+                res.end();
            } else {
                res.status(401).send({ message: "Login unsuccessful" });
            }
@@ -45,7 +59,7 @@ export const authRoute = (app: Express, passport: PassportStatic) => {
                if (err) throw err;
            })
            res.clearCookie('userid');
-            res.status(204).send({ success: true });
+            res.status(204).send({ message: "Logout successful", success: true });
        } catch(e) {
            next(e);
        }
--- a/server/schemas/index.ts
+++ b/server/schemas/index.ts
@@ -16,7 +16,7 @@ export interface IUser extends DBEntity, HasHistory, CanDeactivate {
    lastname: string
    handle: string
    email: string
-    password: string
+    password?: string
 }

 export interface IUserAuth {