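import { Request, Response, Router } from "express";
import Stacker from "../middlewares/stacker";
import {
  GetClientAuthMiddleware,
  GetClientApiAuthMiddleware,
} from "../middlewares/client";
import { GetUserMiddleware } from "../middlewares/user";
import { createJWT } from "../../keys";
import Client from "../../models/client";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import config from "../../config";
import Mail from "../../models/mail";

const ClientRouter = Router();

/**
 * Builds the redirect target that hands the short-lived JWT (and the optional
 * state) back to the client.
 *
 * Both values are percent-encoded so a caller-supplied `state` cannot add
 * further query parameters or a fragment to the redirect target.
 *
 * @param redirectUri Redirect URI that was already checked against the client's registered one
 * @param jwt Signed token to hand over
 * @param state Optional opaque value echoed back to the client
 * @returns The URL to redirect the user agent to
 */
function buildRedirectTarget(
  redirectUri: string,
  jwt: string,
  state?: string
): string {
  // A registered redirect URI may already carry a query string; a second "?"
  // would fold the jwt parameter into the previous parameter's value.
  const separator = redirectUri.includes("?") ? "&" : "?";
  let target = `${redirectUri}${separator}jwt=${encodeURIComponent(jwt)}`;
  if (state) target += `&state=${encodeURIComponent(state)}`;
  return target;
}

/**
 * @api {get} /client/user
 *
 * @apiDescription Can be used for simple authentication of user. It will redirect the user to the redirect URI with a very short lived jwt.
 *
 * @apiParam {String} redirect_uri URL to redirect to on success
 * @apiParam {String} state An optional state, that will be included in the JWT and redirect_uri as parameter
 *
 * @apiName ClientUser
 * @apiGroup client
 *
 * @apiPermission user_client Requires ClientID and Authenticated User
 */
ClientRouter.get(
  "/user",
  Stacker(
    GetClientAuthMiddleware(false),
    GetUserMiddleware(false, false),
    async (req: Request, res: Response) => {
      const { redirect_uri, state } = req.query;

      // Only the exact registered redirect URI is accepted. The typeof check
      // also rejects a missing parameter, which would otherwise compare equal
      // to a client record that has no redirect_url set.
      if (
        typeof redirect_uri !== "string" ||
        redirect_uri !== req.client.redirect_url
      )
        throw new RequestError(
          "Invalid redirect URI",
          HttpStatusCode.BAD_REQUEST
        );

      // Repeated or bracketed query keys arrive as arrays/objects; only a
      // plain string is accepted as a JWT claim and redirect parameter.
      if (state !== undefined && typeof state !== "string")
        throw new RequestError("Invalid state", HttpStatusCode.BAD_REQUEST);

      const jwt = await createJWT(
        {
          client: req.client.client_id,
          uid: req.user.uid,
          username: req.user.username,
          state: state,
        },
        {
          expiresIn: 30, // after 30 seconds this token is invalid
          issuer: config.core.url,
          algorithm: "RS256",
          subject: req.user.uid,
          audience: req.client.client_id,
        }
      );

      // NOTE(review): the token travels in the query string, so it can show up
      // in access logs, browser history and Referer headers; the short
      // lifetime bounds that exposure. The receiving client is expected to
      // verify signature, issuer, audience and expiry, and to compare the
      // state claim with the state parameter.
      res.redirect(buildRedirectTarget(redirect_uri, jwt, state));
    }
  )
);

// GET /client/account
// Returns username, name and one mail record of the user resolved by
// GetClientApiAuthMiddleware: the one flagged primary, else the first found.
ClientRouter.get(
  "/account",
  Stacker(GetClientApiAuthMiddleware(), async (req: Request, res) => {
    const lookups = await Promise.all(
      req.user.mails.map((id) => Mail.findById(id))
    );

    // Presumably findById yields null/undefined for an id that no longer
    // exists; drop those so reading `.primary` cannot throw.
    const mails = lookups.filter((entry) => entry != null);
    const mail = mails.find((entry) => entry.primary) || mails[0];

    // NOTE(review): `email` is the whole Mail record, not just the address.
    // Confirm the model serialises no internal fields before exposing it to
    // API clients.
    res.json({
      user: {
        username: req.user.username,
        name: req.user.name,
        email: mail,
      },
    });
  })
);

export default ClientRouter;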