ecc340e7b1
Dark mode: CSS custom properties + .dark class toggled via Redux/localStorage, with a theme toggle in the Header and Settings page. Foundation didn't exist yet despite prior assumption, so it was built from scratch. SQLite: new DB_ENGINE=mongo|sqlite env var selects the metadata backend at runtime (Mongo stays default, no behavior change unless opted in). File/thumbnail bytes continue to use the existing fs/S3 storage path. Implemented via a shared DB interface (dbTypes.ts) with parallel mongoDB/ and sqliteDB/ implementations, selected through dbFactory.ts, with JWT/encryption logic extracted into userCrypto.ts so both engines share it.
93 lines
2.1 KiB
TypeScript
93 lines
2.1 KiB
TypeScript
import jwt from "jsonwebtoken";
|
|
import { UserInterface } from "../models/user-model";
|
|
import env from "../enviroment/env";
|
|
import { Request, Response, NextFunction } from "express";
|
|
import { getUserDB } from "../db/dbFactory";
|
|
|
|
const userDB = getUserDB();
|
|
|
|
interface RequestType extends Request {
|
|
user?: UserInterface;
|
|
token?: string;
|
|
encryptedToken?: string;
|
|
}
|
|
|
|
type jwtType = {
|
|
iv: Buffer;
|
|
_id: string;
|
|
time: number;
|
|
};
|
|
|
|
const removeOldTokens = async (
|
|
userID: string,
|
|
uuid: string | undefined,
|
|
oldTime: number
|
|
) => {
|
|
try {
|
|
const minusTime = oldTime - 1000 * 60 * 60;
|
|
|
|
await userDB.removeOldTokens(userID, uuid, minusTime, false);
|
|
} catch (e) {
|
|
console.log("cannot remove old tokens", e);
|
|
}
|
|
};
|
|
|
|
const authRefresh = async (
|
|
req: RequestType,
|
|
res: Response,
|
|
next: NextFunction
|
|
) => {
|
|
try {
|
|
const refreshToken = req.cookies["refresh-token"];
|
|
const currentUUID = req.headers.uuid as string;
|
|
|
|
if (!refreshToken) throw new Error("No Refresh Token");
|
|
|
|
const decoded = jwt.verify(refreshToken, env.passwordRefresh!) as jwtType;
|
|
|
|
const time = decoded.time;
|
|
|
|
const user = await userDB.getUserInfo(decoded._id);
|
|
|
|
if (!user) throw new Error("No User");
|
|
|
|
const encrpytionKey = user.getEncryptionKey();
|
|
const encryptedToken = user.encryptToken(
|
|
refreshToken,
|
|
encrpytionKey,
|
|
decoded.iv
|
|
);
|
|
|
|
let tokenFound = false;
|
|
|
|
for (let i = 0; i < user.tokens.length; i++) {
|
|
const currentEncryptedToken = user.tokens[i].token;
|
|
|
|
if (currentEncryptedToken === encryptedToken) {
|
|
tokenFound = true;
|
|
removeOldTokens(user._id.toString(), currentUUID, time);
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!tokenFound) throw new Error("Refresh Token Not Found");
|
|
|
|
req.user = user;
|
|
|
|
next();
|
|
} catch (e) {
|
|
if (
|
|
e instanceof Error &&
|
|
e.message !== "No Refresh Token" &&
|
|
e.message !== "No User" &&
|
|
e.message !== "Refresh Token Not Found"
|
|
) {
|
|
console.log("\nAuthorization Refresh Middleware Error:", e.message);
|
|
}
|
|
|
|
res.status(401).send("Error Refreshing Token");
|
|
}
|
|
};
|
|
|
|
export default authRefresh;
|