From cd493da3e8a1e40e61bbeb230d95b7e734151b16 Mon Sep 17 00:00:00 2001 From: Renge Date: Sat, 24 Sep 2022 20:23:26 -0400 Subject: [PATCH] fix: fix login logic --- api/apis/user-apis.js | 13 ++- api/routes/router.js | 6 -- auth/auth/auth.js | 29 +++++++ auth/config.sample.js | 4 +- auth/index.js | 85 ++++++++++++++++--- auth/package-lock.json | 186 +++++++++++++++++++++++++++++++++++++++++ auth/package.json | 1 + 7 files changed, 303 insertions(+), 21 deletions(-) create mode 100644 auth/auth/auth.js diff --git a/api/apis/user-apis.js b/api/apis/user-apis.js index f7276d1..abb6891 100644 --- a/api/apis/user-apis.js +++ b/api/apis/user-apis.js @@ -38,10 +38,19 @@ const assert = async (queueName, req, res) => { channel.consume(q.queue, function (msg) { console.log(msg) if (msg.properties.correlationId == correlationId) { - console.log(msg) console.log(' [.] Got %s', msg.content.toString()); msg = JSON.parse(msg.content) - res.status(msg.status).send(msg.body) + console.log(msg.cookie) + if (msg.cookie) { + res.cookie("token", msg.cookie, { + httpOnly: true, + secure: true, + sameSite: "lax" + }).status(msg.status).send(msg.body) + } + else { + res.status(msg.status).send(msg.body) + } setTimeout(function () { connection.close(); }, 500); diff --git a/api/routes/router.js b/api/routes/router.js index c9da1bf..c2ad9fc 100644 --- a/api/routes/router.js +++ b/api/routes/router.js @@ -2,13 +2,7 @@ const express = require('express') const router = express.Router() const UserAPI = require('../apis/user-apis') -const test = async(req,res) => { - await new Promise(resolve => setTimeout(resolve, 1000)); - res.send("hi") -} - router.post('/login', UserAPI.loginUser) router.post('/register', UserAPI.registerUser) -router.post('/test', test) module.exports = router \ No newline at end of file diff --git a/auth/auth/auth.js b/auth/auth/auth.js new file mode 100644 index 0000000..bae41f9 --- /dev/null +++ b/auth/auth/auth.js 
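Review bot: The added `console.log(msg.cookie)` writes the signed session token to the API log, and the retained `console.log(msg)` at the top of the consumer already dumps the whole broker message that carries it. Anyone who can read the logs can then present that value as the `token` cookie, so log at most its presence, e.g. `console.log('auth cookie present:', Boolean(msg.cookie))`. The cookie options set `httpOnly`, `secure` and `sameSite` but no `maxAge`, and the token signed in auth/auth/auth.js has no expiry either, so nothing visible here bounds the session's lifetime. The enclosing `assert` function starts and ends outside this hunk.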
@@ -0,0 +1,29 @@ +const jwt = require("jsonwebtoken") +const config = require('../config') + +function authManager() { + getUserID = function (token) { + try { + if (!token) { + return 'Guest'; + } + else { + const verified = jwt.verify(token, config.JWT_SECRET) + return verified.userId + } + } catch (err) { + return 'Guest' + } + } + + signToken = function (user) { + return jwt.sign({ + userId: user._id + }, config.JWT_SECRET); + } + + return this; +} + +const auth = authManager(); +module.exports = auth; \ No newline at end of file diff --git a/auth/config.sample.js b/auth/config.sample.js index 3bb0a0f..a6fb1a0 100644 --- a/auth/config.sample.js +++ b/auth/config.sample.js @@ -2,10 +2,12 @@ const rabbitMQ = 'amqp://localhost' const mongoURL = "mongodb://localhost:27017/users" const mongoUser = '' const mongoPassword = '' +const JWT_SECRET = '' module.exports = { rabbitMQ, mongoURL, mongoUser, - mongoPassword + mongoPassword, + JWT_SECRET } \ No newline at end of file diff --git a/auth/index.js b/auth/index.js index 54df64b..52126d6 100644 --- a/auth/index.js +++ b/auth/index.js @@ -3,6 +3,7 @@ const bcrypt = require("bcryptjs") const User = require('./models/user-model') const db = require('./db/db') const config = require('./config') +const auth = require('./auth/auth') const rabbitMQ = config.rabbitMQ 
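Review bot: `jwt.sign` is called without `expiresIn`, so every issued token stays valid until `JWT_SECRET` is rotated, and `jwt.verify` does not pin `algorithms`. Separately, `getUserID` and `signToken` are assigned without a declaration, so they become implicit globals, and `return this` hands back the global object in sloppy mode; under `'use strict'` the assignments would throw and `this` would be undefined. Exporting two plain functions removes the dependence on `this`. The `'1h'` lifetime below is a placeholder to tune for the product.

```javascript
function getUserID(token) {
    if (!token) {
        return 'Guest';
    }
    try {
        // Pin the algorithm so a token signed with any other one is rejected.
        const verified = jwt.verify(token, config.JWT_SECRET, { algorithms: ['HS256'] })
        return verified.userId
    } catch (err) {
        return 'Guest'
    }
}

function signToken(user) {
    // expiresIn bounds how long a leaked cookie stays usable; '1h' is a placeholder.
    return jwt.sign({ userId: user._id }, config.JWT_SECRET, { algorithm: 'HS256', expiresIn: '1h' });
}

module.exports = { getUserID, signToken };
```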
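Review bot: `const JWT_SECRET = ''` ships with no hint of what a valid value looks like, and nothing visible in this patch checks it at startup. If it is left empty, `jwt.sign` is expected to throw, which in `register` would happen only after `newUser.save()` has already stored the account. I would add a comment above the line such as `// REQUIRED: long random string (32+ bytes); never commit the real value` and fail fast where the config is loaded, e.g. `if (!config.JWT_SECRET) throw new Error('JWT_SECRET is not set')`.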
@@ -11,10 +12,47 @@ db.on('error', console.error.bind(console, "MongoDB Atlas connection error")) const register = async (req) => { try { - console.log(req); + console.log("request: ", req); const { name, password, email, passwordVerify } = req; - // TODO check password // TODO verify code? + if (password.length < 6 || password.length > 16) { + let res = { + status: 400, + body: { + msg: "Password length must between 6 to 16." + } + } + return JSON.stringify(res); + } + if (password !== passwordVerify) { + let res = { + status: 400, + body: { + msg: "Passwords don't match." + } + } + return JSON.stringify(res); + } + const existingEmail = await User.findOne({ email: email }); + if (existingEmail) { + let res = { + status: 400, + body: { + msg: "An account with this email address already exists." + } + } + return JSON.stringify(res) + } + const existingName = await User.findOne({ name: name }); + if (existingName) { + let res = { + status: 400, + body: { + msg: "An account with the same name already exists." + } + } + return JSON.stringify(res) + } const salt = await bcrypt.genSalt(); const passwordHash = await bcrypt.hash(password, salt); @@ -24,10 +62,19 @@ const register = async (req) => { email: email, favorites: [] }); - await newUser.save(); + const savedUser = await newUser.save(); + + // LOGIN THE USER + const token = auth.signToken(savedUser); + let res = { status: 200, - body: "ok" + body: { + name: savedUser.name, + email: savedUser.email, + msg: "ok" + }, + cookie: token } return JSON.stringify(res); } @@ -35,7 +82,9 @@ const register = async (req) => { console.error(err); let res = { status: 500, - body: "server error" + body: { + msg: "server error" + } } return JSON.stringify(res) } 
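Review bot: `console.log("request: ", req)` prints the whole registration payload, which includes `password` and `passwordVerify` in plaintext. The login hunk repeats the same line and adds `console.log(user)`, which prints the stored `passwordHash`. Replace these with a message that carries no secrets, e.g. `console.log("register request received")`. Also, `password.length` and `User.findOne({ email: email })` run before any type check, so a non-string `password` falls into the 500 path and a non-string `email` or `name` reaches Mongoose as a query object rather than a value. A guard such as `if (typeof email !== 'string' || typeof name !== 'string' || typeof password !== 'string')` returning the 400 response would close both. `register` continues in the following hunks.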
@@ -44,26 +93,34 @@ const register = async (req) => { const login = async (req) => { try { - console.log(req); + console.log("request: ", req); const { email, password } = req; const user = await User.findOne({ email: email }) + console.log(user) + console.log(!user) if (!user) { let res = { status: 500, - body: "User does not exist!" + body: { + msg: "User does not exist!" + } } return JSON.stringify(res) } console.log(user) const match = await bcrypt.compare(password, user.passwordHash) if (match) { - console.log("user login successful") // TODO JWT + console.log("user login successful") + const token = auth.signToken(user); let res = { status: 200, body: { - name: user.name - } + name: user.name, + email: user.email, + msg: "ok" + }, + cookie: token } return JSON.stringify(res) } @@ -71,7 +128,9 @@ const login = async (req) => { console.log("user login failed, wrong password") let res = { status: 401, - body: "wrong password" + body: { + msg: "wrong password" + } } return JSON.stringify(res) } @@ -80,7 +139,9 @@ const login = async (req) => { console.error(err); let res = { status: 500, - body: "server error" + body: { + msg: "server error" + } } return JSON.stringify(res) } diff --git a/auth/package-lock.json b/auth/package-lock.json index 75afb1c..b1671df 100644 --- a/auth/package-lock.json +++ b/auth/package-lock.json @@ -11,6 +11,7 @@ "dependencies": { "amqplib": "^0.10.3", "bcryptjs": "^2.4.3", + "jsonwebtoken": "^8.5.1", "mongoose": "^6.6.1", "pg": "^8.8.0" } @@ -119,6 +120,11 @@ "ieee754": "^1.1.13" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" + }, "node_modules/buffer-more-ints": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/buffer-more-ints/-/buffer-more-ints-1.0.0.tgz", 
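Review bot: The unknown-email branch answers `status: 500` with "User does not exist!" while a bad password answers 401 with "wrong password", so the response tells a caller which email addresses are registered. The 500 also reports a client error as a server fault. Return the same status and body from both branches, e.g. `status: 401, body: { msg: "Invalid email or password" }`, and keep the distinction in a server-side log line that carries no secrets. `login` starts in this hunk and its body continues in the later ones.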
@@ -161,6 +167,14 @@ "node": ">=0.10" } }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ieee754": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", 
@@ -195,11 +209,86 @@ "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ==" }, + "node_modules/jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "dependencies": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "engines": { + "node": ">=4", + "npm": ">=1.4.28" + } + }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "node_modules/kareem": { "version": "2.4.1", "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" }, + "node_modules/lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==" + }, + "node_modules/lodash.isboolean": 
{ + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==" + }, + "node_modules/lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==" + }, + "node_modules/lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==" + }, + "node_modules/lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==" + }, + "node_modules/lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==" + }, + "node_modules/lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==" + }, "node_modules/memory-pager": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz", 
@@ -442,6 +531,14 @@ "node": ">=6" } }, + "node_modules/semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "bin": { + "semver": "bin/semver" + } + }, "node_modules/sift": { "version": "16.0.0", "resolved": "https://registry.npmjs.org/sift/-/sift-16.0.0.tgz", @@ -608,6 +705,11 @@ "ieee754": "^1.1.13" } }, + "buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" + }, "buffer-more-ints": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/buffer-more-ints/-/buffer-more-ints-1.0.0.tgz", @@ -636,6 +738,14 @@ "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==" }, + "ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "requires": { + "safe-buffer": "^5.0.1" + } + }, "ieee754": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", 
@@ -656,11 +766,82 @@ "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ==" }, + "jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "requires": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + } + }, + "jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "requires": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "requires": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "kareem": { "version": "2.4.1", "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" }, + "lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==" + }, + "lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": 
"sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==" + }, + "lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==" + }, + "lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==" + }, + "lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==" + }, + "lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==" + }, + "lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==" + }, "memory-pager": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz", @@ -850,6 +1031,11 @@ "sparse-bitfield": "^3.0.3" } }, + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + }, "sift": { "version": "16.0.0", "resolved": "https://registry.npmjs.org/sift/-/sift-16.0.0.tgz", diff --git a/auth/package.json b/auth/package.json index a6850d8..92982f4 100644 --- a/auth/package.json +++ b/auth/package.json 
@@ -11,6 +11,7 @@ "dependencies": { "amqplib": "^0.10.3", "bcryptjs": "^2.4.3", + "jsonwebtoken": "^8.5.1", "mongoose": "^6.6.1", "pg": "^8.8.0" }
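Review bot: `"jsonwebtoken": "^8.5.1"` keeps the auth service on the 8.x line, because a caret range never crosses a major version. Session signing and verification now depend on this package, so it is worth running `npm audit` in `auth/` and checking whether a newer major release with stricter verification defaults is available before this ships.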