refactor: login

This commit is contained in:
monoid 2022-07-06 15:53:40 +09:00
parent 8d20c30d32
commit beafeb7ace

View File

@ -137,7 +137,7 @@ export const createLoginMiddleware = (userController: UserAccessor) =>
ctx.body = {
username: user.username,
permission: userPermission,
accessExpired : (Math.floor(Date.now() / 1000) + accessExpiredTime),
accessExpired: (Math.floor(Date.now() / 1000) + accessExpiredTime),
};
console.log(`${username} logined`);
return;
@ -147,9 +147,11 @@ export const LogoutMiddleware = (ctx: Koa.Context, next: Koa.Next) => {
const setting = get_setting()
ctx.cookies.set(accessTokenName, null);
ctx.cookies.set(refreshTokenName, null);
ctx.body = { ok: true,
username: "",
permission: setting.guest };
ctx.body = {
ok: true,
username: "",
permission: setting.guest
};
return;
};
export const createUserMiddleWare = (userController: UserAccessor) =>
@ -166,15 +168,33 @@ export const createUserMiddleWare = (userController: UserAccessor) =>
};
const refreshTokenHandler = (cntr: UserAccessor) =>
async (ctx: Koa.Context, fail: Koa.Next, next: Koa.Next) => {
const payload = ctx.cookies.get(accessTokenName);
const accessPayload = ctx.cookies.get(accessTokenName);
const setting = get_setting();
const secretKey = setting.jwt_secretkey;
const checkRefreshAndUpdate = async () => {
const payload2 = ctx.cookies.get(refreshTokenName);
if (payload2 === undefined) return await fail(); // refresh token doesn't exist
else {
if (accessPayload == undefined) {
return await checkRefreshAndUpdate();
}
try {
const o = verify(accessPayload, secretKey);
if (isUserState(o)) {
ctx.state.user = o;
return await next();
} else {
console.error("invalid token detected");
throw new Error("token form invalid");
}
} catch (e) {
if (e instanceof TokenExpiredError) {
return await checkRefreshAndUpdate();
} else throw e;
}
async function checkRefreshAndUpdate() {
const refreshPayload = ctx.cookies.get(refreshTokenName);
if (refreshPayload === undefined) {
return await fail(); // refresh token doesn't exist
} else {
try {
const o = verify(payload2, secretKey);
const o = verify(refreshPayload, secretKey);
if (isRefreshToken(o)) {
const user = await cntr.findUser(o.username);
if (user === undefined) return await fail(); //already non-existence user
@ -199,28 +219,12 @@ const refreshTokenHandler = (cntr: UserAccessor) =>
}
return await next();
};
if (payload == undefined) {
return await checkRefreshAndUpdate();
}
try {
const o = verify(payload, secretKey);
if (isUserState(o)) {
ctx.state.user = o;
return await next();
} else {
console.error("invalid token detected");
throw new Error("token form invalid");
}
} catch (e) {
if (e instanceof TokenExpiredError) {
return await checkRefreshAndUpdate();
} else throw e;
}
};
export const createRefreshTokenMiddleware = (cntr: UserAccessor) =>
async (ctx: Koa.Context, next: Koa.Next) => {
const handler = refreshTokenHandler(cntr);
const fail = async () => {
await handler(ctx, fail, success);
async function fail() {
const user = ctx.state.user as PayloadInfo;
ctx.body = {
refresh: false,
@ -228,7 +232,7 @@ export const createRefreshTokenMiddleware = (cntr: UserAccessor) =>
};
ctx.type = "json";
};
const success = async () => {
async function success() {
const user = ctx.state.user as PayloadInfo;
ctx.body = {
...user,
@ -237,37 +241,36 @@ export const createRefreshTokenMiddleware = (cntr: UserAccessor) =>
};
ctx.type = "json";
};
await handler(ctx, fail, success);
};
export const resetPasswordMiddleware = (cntr: UserAccessor) =>
async (ctx:Koa.Context, next: Koa.Next) => {
export const resetPasswordMiddleware = (cntr: UserAccessor) =>
async (ctx: Koa.Context, next: Koa.Next) => {
const body = ctx.request.body;
if(typeof body !== "object" || !('username' in body)||!('oldpassword' in body) || !('newpassword' in body)){
return sendError(400,"request body is invalid format");
if (typeof body !== "object" || !('username' in body) || !('oldpassword' in body) || !('newpassword' in body)) {
return sendError(400, "request body is invalid format");
}
const username = body['username'];
const oldpw = body['oldpassword'];
const newpw = body['newpassword'];
if(typeof username !== "string" || typeof oldpw !== "string" || typeof newpw !== "string"){
return sendError(400,"request body is invalid format");
if (typeof username !== "string" || typeof oldpw !== "string" || typeof newpw !== "string") {
return sendError(400, "request body is invalid format");
}
const user = await cntr.findUser(username);
if(user === undefined){
return sendError(403,"not authorized");
if (user === undefined) {
return sendError(403, "not authorized");
}
if(!user.password.check_password(oldpw)){
return sendError(403,"not authorized");
if (!user.password.check_password(oldpw)) {
return sendError(403, "not authorized");
}
user.reset_password(newpw);
ctx.body = {ok:true}
ctx.body = { ok: true }
ctx.type = 'json';
}
}
export function createLoginRouter(userController: UserAccessor){
export function createLoginRouter(userController: UserAccessor) {
let router = new Router();
router.post('/login',createLoginMiddleware(userController));
router.post('/logout',LogoutMiddleware);
router.post('/refresh',createRefreshTokenMiddleware(userController));
router.post('/login', createLoginMiddleware(userController));
router.post('/logout', LogoutMiddleware);
router.post('/refresh', createRefreshTokenMiddleware(userController));
router.post('/reset', resetPasswordMiddleware(userController));
return router;
}