OpenAuth_server/src/api/middlewares/user.ts

import { NextFunction, Request, Response } from "express";
import LoginToken from "../../models/login_token";
import Logging from "@hibas123/nodelogging";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import User from "../../models/user";
import promiseMiddleware from "../../helper/promiseMiddleware";

class Invalid extends Error { }

/**
 * Returns customized Middleware function, that could also be called directly
 * by code and will return true or false depending on the token. In the false
 * case it will also send error and redirect if json is not set
 * @param json Checks if requests wants an json or html for returning errors
 * @param redirect_uri Sets the uri to redirect, if json is not set and user not logged in
 */
export function GetUserMiddleware(json = false, special_token: boolean = false, redirect_uri?: string) {
   return promiseMiddleware(async function (req: Request, res: Response, next?: NextFunction) {
      const invalid = () => {
         throw new Invalid();
      }
      try {
         let { login, special } = req.cookies

         if (!login) invalid()

         let token = await LoginToken.findOne({ token: login, valid: true })
         if (!token) invalid()

         let user = await User.findById(token.user);
         if (!user) {
            token.valid = false;
            await LoginToken.save(token);
            invalid();
         }

         if (token.validTill.getTime() < new Date().getTime()) { //Token expired
            token.valid = false;
            await LoginToken.save(token);
            invalid()
         }

         if (special) {
            Logging.debug("Special found")
            let st = await LoginToken.findOne({ token: special, special: true, valid: true })
            if (st && st.valid && st.user.toHexString() === token.user.toHexString()) {
               if (st.validTill.getTime() < new Date().getTime()) { //Token expired
                  Logging.debug("Special expired")
                  st.valid = false;
                  await LoginToken.save(st);
               } else {
                  Logging.debug("Special valid")
                  req.special = true;
               }
            }
         }

         if (special_token && !req.special) invalid();

         req.user = user
         req.isAdmin = user.admin;

         if (next)
            next()
         return true;
      } catch (e) {
         if (e instanceof Invalid) {
            if (req.method === "GET" && !json) {
               res.status(HttpStatusCode.UNAUTHORIZED)
               res.redirect("/login?base64=true&state=" + new Buffer(redirect_uri ? redirect_uri : req.originalUrl).toString("base64"))
            } else {
               throw new RequestError(req.__("You are not logged in or your login is expired"), HttpStatusCode.UNAUTHORIZED)
            }
         } else {
            if (next) next(e);
            else throw e;
         }
         return false;
      }
   });
}

export const UserMiddleware = GetUserMiddleware();
First version of OpenAuth remake 2018-11-06 19:48:50 +00:00			`import { NextFunction, Request, Response } from "express";`
			`import LoginToken from "../../models/login_token";`
			`import Logging from "@hibas123/nodelogging";`
			`import RequestError, { HttpStatusCode } from "../../helper/request_error";`
			`import User from "../../models/user";`
			`import promiseMiddleware from "../../helper/promiseMiddleware";`

			`class Invalid extends Error { }`

			`/**`
			`* Returns customized Middleware function, that could also be called directly`
			`* by code and will return true or false depending on the token. In the false`
			`* case it will also send error and redirect if json is not set`
			`* @param json Checks if requests wants an json or html for returning errors`
			`* @param redirect_uri Sets the uri to redirect, if json is not set and user not logged in`
			`*/`
			`export function GetUserMiddleware(json = false, special_token: boolean = false, redirect_uri?: string) {`
			`return promiseMiddleware(async function (req: Request, res: Response, next?: NextFunction) {`
			`const invalid = () => {`
			`throw new Invalid();`
			`}`
			`try {`
			`let { login, special } = req.cookies`

			`if (!login) invalid()`

			`let token = await LoginToken.findOne({ token: login, valid: true })`
			`if (!token) invalid()`

			`let user = await User.findById(token.user);`
			`if (!user) {`
			`token.valid = false;`
			`await LoginToken.save(token);`
			`invalid();`
			`}`

			`if (token.validTill.getTime() < new Date().getTime()) { //Token expired`
			`token.valid = false;`
			`await LoginToken.save(token);`
			`invalid()`
			`}`

			`if (special) {`
			`Logging.debug("Special found")`
			`let st = await LoginToken.findOne({ token: special, special: true, valid: true })`
			`if (st && st.valid && st.user.toHexString() === token.user.toHexString()) {`
			`if (st.validTill.getTime() < new Date().getTime()) { //Token expired`
			`Logging.debug("Special expired")`
			`st.valid = false;`
			`await LoginToken.save(st);`
			`} else {`
			`Logging.debug("Special valid")`
			`req.special = true;`
			`}`
			`}`
			`}`

			`if (special_token && !req.special) invalid();`

			`req.user = user`
			`req.isAdmin = user.admin;`

			`if (next)`
			`next()`
			`return true;`
			`} catch (e) {`
			`if (e instanceof Invalid) {`
			`if (req.method === "GET" && !json) {`
			`res.status(HttpStatusCode.UNAUTHORIZED)`
			`res.redirect("/login?base64=true&state=" + new Buffer(redirect_uri ? redirect_uri : req.originalUrl).toString("base64"))`
			`} else {`
			`throw new RequestError(req.__("You are not logged in or your login is expired"), HttpStatusCode.UNAUTHORIZED)`
			`}`
			`} else {`
			`if (next) next(e);`
			`else throw e;`
			`}`
			`return false;`
			`}`
			`});`
			`}`

			`export const UserMiddleware = GetUserMiddleware();`