
remove cookies

feature/telegramLogin
Nareshkumar Rao 3 years ago
parent
commit
896e5790dc
  1. 65
      app.js
  2. 7679
      package-lock.json
  3. 3
      package.json

65
app.js

@ -1,16 +1,48 @@
const express = require('express'); const express = require('express');
const cors = require('cors')
const { Sequelize, DataTypes, STRING } = require('sequelize'); const { Sequelize, DataTypes, STRING } = require('sequelize');
const session = require('express-session'); const session = require('express-session');
const bcrypt = require('bcrypt'); const bcrypt = require('bcrypt');
const QRCode = require('qrcode'); const QRCode = require('qrcode');
const { createSecureServer } = require('http2'); const { createSecureServer } = require('http2');
require("dotenv").config();
require("dotenv-flow").config();
const sequelize = new Sequelize('sqlite::memory:')
var SequelizeStore = require("connect-session-sequelize")(session.Store);
const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds
const isProduction = process.env.NODE_ENV == "production";
const isDev = process.env.NODE_ENV == "development";
console.log(`Node Environment: ${process.env.NODE_ENV}`);
const sequelize = (() => {
if (isProduction) {
return new Sequelize(process.env.DB_DATA_NAME, process.env.DB_USER, process.env.DB_PASS, {
host: process.env.DB_PATH,
dialect: process.env.DB_DATA_DIALECT,
});
} else {
return new Sequelize('sqlite::memory:');
}
})();
const storeDB = (() => {
if (isProduction) {
new Sequelize(process.env.DB_STORE_NAME, process.env.DB_USER, process.env.DB_PASS, {
host: process.env.DB_PATH,
dialect: process.env.DB_DATA_DIALECT,
});
} else {
return new Sequelize('sqlite::memory:');
}
})();
const store = new SequelizeStore({
db: storeDB,
expiration: COOKIE_EXPIRY_DURATION,
});
store.sync();
const Contact = sequelize.define('Contact', { const Contact = sequelize.define('Contact', {
user: { user: {
type: DataTypes.INTEGER, type: DataTypes.INTEGER,
@ -52,6 +84,8 @@ User.sync().then(() => {
name: "Demo", name: "Demo",
hash: bcrypt.hashSync("test", 10), hash: bcrypt.hashSync("test", 10),
phoneNumber: "123", phoneNumber: "123",
}).catch(e => {
console.log("Couldn't create demo account. Probably exists.");
}); });
}); });
@ -74,8 +108,6 @@ function authUser(email, password, done) {
function refreshVerification(user, done) { function refreshVerification(user, done) {
let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, ""); let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, "");
newVerification = newVerification.substr(0, newVerification.length / 2); newVerification = newVerification.substr(0, newVerification.length / 2);
console.log(`Verification: ${newVerification}`)
user.verification = newVerification; user.verification = newVerification;
user.save().then(result => { user.save().then(result => {
done(result) done(result)
@ -105,7 +137,6 @@ function checkVerification(id, done) {
} }
}).then(user => { }).then(user => {
if (user) { if (user) {
console.log(user);
done(true, "User verified", user.id); done(true, "User verified", user.id);
} else { } else {
done(false, "No such verification"); done(false, "No such verification");
@ -152,25 +183,25 @@ function getCookieExpiry() {
} }
const app = express(); const app = express();
app.set('trust proxy', 1)
app.use(session({ app.use(session({
secret: process.env.SERVER_SESSION_SECRET, secret: process.env.SERVER_SESSION_SECRET,
resave: false, resave: false,
saveUninitialized: false, saveUninitialized: false,
})) }))
app.use(cors({ credentials: true, origin: process.env.WEBSITE_URL }))
app.use(express.json()) app.use(express.json())
app.post('/login', (req, res) => { app.post('/login', (req, res) => {
reqEmail = req.body.email.toLowerCase(); reqEmail = req.body.email.toLowerCase();
const auth = authUser(reqEmail, req.body.password, (success, msg) => { const auth = authUser(reqEmail, req.body.password, (success, msg) => {
req.session.regenerate(() => {
cookieExpiry = getCookieExpiry();
req.session.cookie.expires = cookieExpiry;
req.session.user = reqEmail;
res.cookie("authorized", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry });
res.send({ authorized: success, message: msg })
});
if (success) {
req.session.regenerate(() => {
cookieExpiry = getCookieExpiry();
req.session.user = reqEmail;
res.send({ authorized: success, message: msg })
});
} else {
res.status(401).send({ authorized: success, message: msg });
}
}); });
}); });
@ -179,9 +210,7 @@ app.post('/create', (req, res) => {
if (req.session.verified) { if (req.session.verified) {
createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => { createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => {
cookieExpiry = getCookieExpiry(); cookieExpiry = getCookieExpiry();
req.session.cookie.expires = cookieExpiry;
req.session.user = reqEmail; req.session.user = reqEmail;
res.cookie("authorized", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry });
if (success) { if (success) {
addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => { addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => {
res.send({ success: success, message: msg }); res.send({ success: success, message: msg });
@ -208,7 +237,6 @@ app.get('/code', (req, res) => {
app.get("/verify/:id", (req, res) => { app.get("/verify/:id", (req, res) => {
checkVerification(req.params.id, (success, msg, withUserID) => { checkVerification(req.params.id, (success, msg, withUserID) => {
cookieExpiry = getCookieExpiry(); cookieExpiry = getCookieExpiry();
req.session.cookie.expires = cookieExpiry;
req.session.verified = success; req.session.verified = success;
req.session.verifiedBy = withUserID; req.session.verifiedBy = withUserID;
@ -222,7 +250,6 @@ app.get("/verify/:id", (req, res) => {
} }
}); });
} else { // If Not Logged In } else { // If Not Logged In
res.cookie("verified", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry });
if (success) { if (success) {
res.redirect(`${process.env.WEBSITE_URL}/#/create`) res.redirect(`${process.env.WEBSITE_URL}/#/create`)
} else { } else {
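Review bot: The production branch of the `storeDB` IIFE never returns the connection it builds, so `storeDB` is `undefined` whenever `NODE_ENV` is `production` and `new SequelizeStore({ db: storeDB })` has nothing to bind to; it should read `return new Sequelize(process.env.DB_STORE_NAME, process.env.DB_USER, process.env.DB_PASS, { host: process.env.DB_PATH, dialect: process.env.DB_DATA_DIALECT })`, mirroring the `sequelize` IIFE just above it. The resulting `store` is also never passed to `session(...)` — the unchanged `app.use(session({ secret, resave, saveUninitialized }))` has no `store:` entry — so sessions still live in express-session's default MemoryStore and the new store is dead code. Because this commit drops the `res.cookie(..., { sameSite: "none", secure: true, expires })` calls and the `req.session.cookie.expires` assignments, the session cookie now carries no explicit `secure`/`sameSite` flags or expiry, even though it is the only credential left for the cross-origin front end configured via `cors({ credentials: true, origin: process.env.WEBSITE_URL })` (the added `app.set('trust proxy', 1)` suggests secure cookies behind a proxy were intended). I would add `store,` and `cookie: { httpOnly: true, secure: true, sameSite: "none", maxAge: COOKIE_EXPIRY_DURATION }` to the `session({...})` options, which also makes the now-unused `cookieExpiry` in `/login` redundant; `sameSite: "none"` requires `secure: true`, so development would need HTTPS too (plausible given the `createSecureServer` import, but worth confirming).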

7679
package-lock.json

File diff suppressed because it is too large

3
package.json

@ -11,10 +11,13 @@
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"bcrypt": "^5.0.1", "bcrypt": "^5.0.1",
"connect-session-sequelize": "^7.1.1",
"cors": "^2.8.5", "cors": "^2.8.5",
"dotenv": "^10.0.0", "dotenv": "^10.0.0",
"dotenv-flow": "^3.2.0",
"express": "^4.17.1", "express": "^4.17.1",
"express-session": "^1.17.2", "express-session": "^1.17.2",
"pg": "^8.6.0",
"qrcode": "^1.4.4", "qrcode": "^1.4.4",
"sequelize": "^6.6.5", "sequelize": "^6.6.5",
"sqlite3": "^5.0.2" "sqlite3": "^5.0.2"
