Files
myDrive/backend/middleware/authStreamVideo.ts
T
2024-08-10 01:41:02 -04:00

104 lines
2.4 KiB
TypeScript

import jwt from "jsonwebtoken";
import User, { UserInterface } from "../models/userModel";
import env from "../enviroment/env";
import { Request, Response, NextFunction } from "express";
import { ObjectId } from "mongodb";
import mongoose from "mongoose";
interface RequestType extends Request {
user?: UserInterface;
token?: string;
encryptedToken?: string;
accessTokenStreamVideo?: string;
}
type jwtType = {
iv: Buffer;
_id: string;
time: number;
};
const removeOldTokens = async (
userID: mongoose.Types.ObjectId,
uuid: string | undefined,
oldTime: number
) => {
try {
const minusTime = oldTime - 60 * 1000 * 60 * 24;
uuid = uuid ? uuid : "unknown";
if (uuid === "unknown") return;
await User.updateOne(
{ _id: userID },
{ $pull: { tempTokens: { uuid, time: { $lt: minusTime } } } }
);
} catch (e) {
console.log("cannot remove old tokens", e);
}
};
const authStreamVideo = async (
req: RequestType,
res: Response,
next: NextFunction
) => {
try {
const accessTokenStreamVideo = req.cookies["video-access-token"];
const currentUUID = req.headers.uuid as string;
if (!accessTokenStreamVideo) throw new Error("No Access Token");
const decoded = jwt.verify(
accessTokenStreamVideo,
env.passwordAccess!
) as jwtType;
const time = decoded.time;
const user = await User.findById(new ObjectId(decoded._id));
if (!user) throw new Error("No User");
const encrpytionKey = user.getEncryptionKey();
const encryptedToken = user.encryptToken(
accessTokenStreamVideo,
encrpytionKey,
decoded.iv
);
let tokenFound = false;
for (let i = 0; i < user.tempTokens.length; i++) {
const currentEncryptedToken = user.tempTokens[i].token;
if (currentEncryptedToken === encryptedToken) {
tokenFound = true;
removeOldTokens(user._id, currentUUID, time);
break;
}
}
if (!tokenFound) throw new Error("Access Token Not Found");
req.user = user;
req.accessTokenStreamVideo = encryptedToken;
next();
} catch (e) {
if (
e instanceof Error &&
e.message !== "No Access Token" &&
e.message !== "No User" &&
e.message !== "Access Token Not Found"
) {
console.log("\nAuthorization Stream Video Middleware Error:", e.message);
}
res.status(401).send("Error Authenticating");
}
};
export default authStreamVideo;