Authentication
This commit is contained in:
@@ -18,6 +18,7 @@ import {
|
||||
MigrationRepository,
|
||||
UserRepository
|
||||
} from "@kredens/db/repos";
|
||||
import monitor from "pg-monitor";
|
||||
import pgPromise, { IDatabase, IInitOptions } from "pg-promise";
|
||||
|
||||
type ExtendedProtocol = IDatabase<Extensions> & Extensions;
|
||||
@@ -30,5 +31,6 @@ const initOptions: IInitOptions<Extensions> = {
|
||||
};
|
||||
|
||||
const pgp: pgPromise.IMain = pgPromise(initOptions);
|
||||
monitor.attach(initOptions);
|
||||
const db: ExtendedProtocol = pgp(process.env.PG_CONNECTION_STRING);
|
||||
export { db, pgp };
|
||||
|
||||
16
src/index.ts
16
src/index.ts
@@ -17,9 +17,12 @@ import { server as graphqlServer } from "@kredens/api";
|
||||
import { db } from "@kredens/db";
|
||||
import logger from "@kredens/logger";
|
||||
import indexRouter from "@kredens/routes/";
|
||||
import bootstrapRouter from "@kredens/routes/bootstrap";
|
||||
import cookieParser from "cookie-parser";
|
||||
import csrf from "csurf";
|
||||
import express from "express";
|
||||
import pinoExpress from "express-pino-logger";
|
||||
import session, { SessionOptions } from "express-session";
|
||||
import helmet from "helmet";
|
||||
import createHttpError from "http-errors";
|
||||
|
||||
@@ -37,6 +40,19 @@ async function main() {
|
||||
app.use(express.json());
|
||||
app.use(express.urlencoded({ extended: false }));
|
||||
app.use(cookieParser());
|
||||
const sessionOptions: SessionOptions = {
|
||||
resave: false,
|
||||
saveUninitialized: false,
|
||||
secret: process.env.SECRET
|
||||
};
|
||||
|
||||
if (app.get("env") === "production") {
|
||||
app.set("trust proxy", 1);
|
||||
sessionOptions.cookie.secure = true;
|
||||
}
|
||||
app.use(session(sessionOptions));
|
||||
app.use("/bootstrap", bootstrapRouter);
|
||||
app.use(csrf());
|
||||
|
||||
if (app.settings.env === "development") {
|
||||
const webpack = require("webpack"); // tslint:disable-line:no-implicit-dependencies
|
||||
|
||||
@@ -13,14 +13,17 @@
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import { box, unbox } from "@kredens/crypto";
|
||||
import { db } from "@kredens/db";
|
||||
import express from "express";
|
||||
import createHttpError from "http-errors";
|
||||
import { DateTime } from "luxon";
|
||||
|
||||
const router = express.Router();
|
||||
|
||||
router.get("/", async (req, res, next) => {
|
||||
res.render("login", {
|
||||
csrfToken: req.csrfToken()
|
||||
});
|
||||
});
|
||||
|
||||
router.post("/", async (req, res, next) => {
|
||||
const userID = await db.users.login(req.body.email, req.body.password);
|
||||
if (userID.isSome()) {
|
||||
@@ -30,35 +33,4 @@ router.post("/", async (req, res, next) => {
|
||||
}
|
||||
});
|
||||
|
||||
interface Token {
|
||||
expires: string;
|
||||
}
|
||||
|
||||
router.get("/bootstrap", async (req, res, next) => {
|
||||
const token: Token = {
|
||||
expires: DateTime.local()
|
||||
.plus({ hours: 2 })
|
||||
.toISO()
|
||||
};
|
||||
req.log.info("Token issued", { token: box(token) });
|
||||
});
|
||||
|
||||
router.post("/bootstrap", async (req, res, next) => {
|
||||
const token: Token = unbox(req.body.token);
|
||||
const expired = DateTime.fromISO(token.expires).diffNow();
|
||||
if (expired.as("milliseconds") < 0) {
|
||||
next(createHttpError(401));
|
||||
return;
|
||||
}
|
||||
|
||||
const email: string = req.body.email;
|
||||
const password: string = req.body.password;
|
||||
|
||||
if (!email || !password || password.length < 8) {
|
||||
res.send("Please provide an email and a password longer than 8 characters");
|
||||
return;
|
||||
}
|
||||
await db.users.create(email, password);
|
||||
});
|
||||
|
||||
export default router;
|
||||
|
||||
40
src/routes/bootstrap.ts
Normal file
40
src/routes/bootstrap.ts
Normal file
@@ -0,0 +1,40 @@
|
||||
import { box, unbox } from "@kredens/crypto";
|
||||
import { db } from "@kredens/db";
|
||||
import express from "express";
|
||||
import createHttpError from "http-errors";
|
||||
import { DateTime } from "luxon";
|
||||
|
||||
interface Token {
|
||||
expires: string;
|
||||
}
|
||||
|
||||
const router = express.Router();
|
||||
|
||||
router.get("/", async (req, res, next) => {
|
||||
const token: Token = {
|
||||
expires: DateTime.local()
|
||||
.plus({ hours: 2 })
|
||||
.toISO()
|
||||
};
|
||||
req.log.info("Token issued", { token: box(token) });
|
||||
});
|
||||
|
||||
router.post("/", async (req, res, next) => {
|
||||
const token: Token = unbox(req.body.token);
|
||||
const expired = DateTime.fromISO(token.expires).diffNow();
|
||||
if (expired.as("milliseconds") < 0) {
|
||||
next(createHttpError(401));
|
||||
return;
|
||||
}
|
||||
|
||||
const email: string = req.body.email;
|
||||
const password: string = req.body.password;
|
||||
|
||||
if (!email || !password || password.length < 8) {
|
||||
res.send("Please provide an email and a password longer than 8 characters");
|
||||
return;
|
||||
}
|
||||
await db.users.create(email, password);
|
||||
});
|
||||
|
||||
export default router;
|
||||
Reference in New Issue
Block a user