From 4d28ac359b25d89d0dbb42dd3a6d32269eebc619 Mon Sep 17 00:00:00 2001
From: piotrruss
Date: Tue, 15 Aug 2023 19:13:58 +0200
Subject: add cors, logout, change name

---
 routes/index.js | 106 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 routes/index.js

(limited to 'routes/index.js')

diff --git a/routes/index.js b/routes/index.js
new file mode 100644
index 0000000..294cb49
--- /dev/null
+++ b/routes/index.js
@@ -0,0 +1,106 @@
+const fs = require('fs')
+const router = require('express').Router()
+const { randomBytes } = require('crypto')
+const jwt = require('jsonwebtoken')
+const User = require('../model/User')
+
+const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa`)
+
+const generateJwtToken = (user) => jwt.sign({
+ email: user.email,
+ verified: !!user.verify,
+ role: user.role,
+ },
+ {
+ key: cert,
+ passphrase: process.env.RSA_PASS,
+ },
+ {
+ expiresIn: parseInt(process.env.TOKEN_EXPIRES_IN),
+ issuer: 'pruss.it',
+ algorithm: 'RS256',
+ }
+)
+
+// Alive
+router.get("/", (_, res) => res.send("Auth service is up.") )
+
+// Register
+router.post('/register', async (req, res) => {
+ const refresh = randomBytes(32).toString('hex')
+ const newUser = new User({
+ email: req.body.email,
+ password: req.body.password,
+ refresh,
+ })
+
+ try {
+ const user = await newUser.save()
+ const jwtToken = generateJwtToken(user)
+
+ res.status(201).send({ jt: jwtToken, rt: refresh })
+ } catch(err) {
+ if (err._message) {
+ res.status(422).send({ error: err._message })
+ } else if (err.code && err.code === 11000) {
+ res.status(409).send({ error: 'User with this email already exist' })
+ } else {
+ res.status(400).send({ error: 'Could not save the user' })
+ }
+ }
+})
+
+// Login
+router.post('/login', async (req, res) => {
+ try {
+ const user = await User.findByCredentials(req.body.email, req.body.password)
+
+ if (!user) throw new Error()
+
+ const refreshToken = await User.newRefreshToken(user)
+
+ if (!refreshToken) throw new Error()
+
+ const jwtToken = generateJwtToken(user)
+
+ res.status(202).send({ jt: jwtToken, rt: refreshToken })
+ } catch (err) {
+ res.status(401).send({ error: 'Could not log in.'
 })
+ }
+})
+
+// Logout
+router.post('/logout', async (req, res) => {
+ try {
+ const user = await User.checkRefreshToken(req.body.email, req.body.refresh)
+
+ if (!user) throw new Error()
+
+ await User.removeRefreshToken(user.email)
+
+ res.status(204).send()
+ } catch (err) {
+ res.status(401).send({ error: 'Could not logout' })
+ }
+})
+
+// Refresh token
+router.post('/refresh', async (req, res) => {
+ try {
+ const user = await User.checkRefreshToken(req.body.email, req.body.refresh)
+
+ if (!user) throw new Error()
+
+ const newRefreshToken = await User.newRefreshToken(user)
+
+ if (!newRefreshToken) throw new Error()
+
+ const jwtToken = generateJwtToken(user)
+
+ res.status(201).send({ jt: jwtToken, rt: newRefreshToken })
+ } catch (err) {
+ res.status(401).send({ error: 'User logged out' })
+ }
+})
+
+module.exports = router
-- cgit v1.2.3
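Review bot: The /login, /logout and /refresh handlers hand `req.body.email`, `req.body.password` and `req.body.refresh` to the User model helpers without checking their type, and with a JSON body parser these fields can arrive as objects rather than strings; if `findByCredentials`/`checkRefreshToken` build a Mongoose filter from them, a body such as `{"email":"a@b","refresh":{"$ne":null}}` becomes an operator query — confirm against model/User.js. A one-line guard at the top of each try block closes that regardless of what the model does, e.g. `if (typeof req.body.email !== 'string' || typeof req.body.refresh !== 'string') throw new Error()` in /logout and /refresh, and the same check on `password` in /login. Separately, `expiresIn: parseInt(process.env.TOKEN_EXPIRES_IN)` yields NaN when the variable is unset or malformed and nothing fails fast at startup; `Number.parseInt(process.env.TOKEN_EXPIRES_IN, 10)` plus a check that the result is a finite positive number, placed next to the `readFileSync` of the key, would surface a misconfiguration before the first token is signed. The key path `${process.cwd()}/cert/jwt_256_rsa` also depends on the working directory the process is launched from; `path.join(__dirname, '..', 'cert', 'jwt_256_rsa')` is the usual fix.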