cleanup auth

Author: DylanBulmer

README.md

@@ -1,5 +1,6 @@
 # @codrjs/core
 
+[![npm version](https://badge.fury.io/js/@codrjs%2Fcore.svg)](https://www.npmjs.com/package/@codrjs/core) 
 [![CodeQL](https://github.com/CodrJS/Core/actions/workflows/codeql.yml/badge.svg?branch=main)](https://github.com/CodrJS/Core/actions/workflows/codeql.yml)
 
 This is an open-sourced customizable annotation tool for researchers and industry.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@codrjs/core",
-  "version": "1.0.4-patch1",
+  "version": "1.0.5",
   "description": "An open-sourced customizable annotation tool",
   "main": "index.js",
   "repository": "[email protected]:CodrJS/Core.git",

src/classes/AccessToken.ts

@@ -0,0 +1,90 @@
+import { v4 } from "uuid";
+import crypto from "crypto";
+import Error from "./Error";
+
+const md5 = (text: string) => {
+  return crypto.createHash("md5").update(text).digest();
+};
+
+interface IAccessToken {
+  uuid: typeof v4;
+  createdAt: string;
+  expired: boolean;
+}
+
+export function isAccessToken(obj: any): obj is IAccessToken {
+  return "uuid" in obj;
+}
+
+// for encrypting AccessCode object into a string
+export function encrypt(text: string) {
+  let secretKey = md5(process.env.SECRET as string);
+  secretKey = Buffer.concat([secretKey, secretKey.subarray(0, 8)]);
+  const cipher = crypto.createCipheriv("des-ede3", secretKey, "");
+  const encrypted = cipher.update(text, "utf8", "hex");
+  return encrypted + cipher.final("hex");
+}
+
+// for decrypting AccessCode string into an object
+export function decrypt<T>(text: string) {
+  let secretKey = md5(process.env.SECRET as string);
+  secretKey = Buffer.concat([secretKey, secretKey.subarray(0, 8)]);
+  const decipher = crypto.createDecipheriv("des-ede3", secretKey, "");
+  let decrypted = decipher.update(text, "hex");
+  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+  // @ts-ignore
+  decrypted += decipher.final();
+  return JSON.parse(decrypted as unknown as string) as T;
+}
+
+class AccessToken {
+  private uuid: typeof v4;
+  private createdAt: string;
+  private expired: boolean;
+
+  public constructor(uuid: typeof v4);
+  public constructor(encoded: string);
+  public constructor(token: IAccessToken);
+  public constructor(arg: typeof v4 | string | IAccessToken) {
+    if (typeof arg === "string" || typeof arg === typeof v4) {
+      if (
+        (<string>arg).match(
+          /^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i,
+        )
+      ) {
+        this.uuid = <typeof v4>arg;
+        this.createdAt = new Date().toISOString();
+        this.expired = false;
+      } else {
+        const code = decrypt<AccessToken>(<string>arg);
+        this.uuid = code.uuid;
+        this.createdAt = code.createdAt;
+        this.expired = code.expired;
+      }
+    } else if (isAccessToken(arg)) {
+      this.uuid = arg.uuid;
+      this.createdAt = arg.createdAt;
+      this.expired = arg.expired;
+    }
+
+    throw new Error({ status: 400, message: "Invailid input given" });
+  }
+
+  use() {
+    this.expired = true;
+  }
+
+  toJSON() {
+    return {
+      value: this.uuid,
+      createdAt: this.createdAt,
+      expired: this.expired,
+    };
+  }
+
+  encode() {
+    return encrypt(JSON.stringify(this.toJSON()));
+  }
+}
+
+export default AccessToken;

src/classes/JWT.ts

@@ -1,34 +1,65 @@
-import jwt, { Algorithm } from "jsonwebtoken";
+import jwt, { Algorithm, JwtPayload } from "jsonwebtoken";
+import type { IUser } from "../models/User";
 import Error from "./Error";
 
+const isPayload = function isPayload(obj: any): obj is JwtPayload {
+  return "iss" in obj;
+};
+
 export function verifyToken(token: string) {
   const bearerRegex = /^Bearer\s/;
 
-  if (token && bearerRegex.test(token)) {
-    const newToken = token.replace(bearerRegex, "");
-    jwt.verify(
-      newToken,
-      "secretKey",
-      {
+  if (token) {
+    if (bearerRegex.test(token)) {
+      token = token.replace(bearerRegex, "");
+    }
+
+    try {
+      const decoded = jwt.verify(token, <string>process.env.JWT_SECRET, {
         issuer: process.env.JWT_ISSUER,
-      },
-      (error, decoded) => {
-        if (error === null && decoded) {
-          return true;
-        }
-        return false;
-      },
-    );
+      });
+      return decoded;
+    } catch (e) {
+      throw new Error({ status: 401, message: "Could not verify the JWT." });
+    }
+  } else {
+    throw new Error({ status: 400, message: "JWT is missing." });
+  }
+}
+
+/**
+ * @TODO Finish writing the refresh function.
+ */
+export function refreshToken(token: string) {
+  const bearerRegex = /^Bearer\s/;
+
+  if (token) {
+    if (bearerRegex.test(token)) {
+      token = token.replace(bearerRegex, "");
+    }
+
+    try {
+      const decoded = jwt.decode(token);
+
+      if (isPayload(decoded)) {
+        return decoded;
+      }
+
+      throw new Error({ status: 401, message: "Could not decode the JWT." });
+    } catch (e) {
+      throw new Error({ status: 401, message: "Could not decode the JWT." });
+    }
   } else {
-    return false;
+    throw new Error({ status: 400, message: "JWT is missing." });
   }
 }
 
-export function generateToken(payload: jwt.JwtPayload) {
+export function generateToken(payload: IUser & { _id: string }) {
   try {
     const signOpts: jwt.SignOptions = {
       issuer: process.env.JWT_ISSUER,
       algorithm: <Algorithm>process.env.JWT_ALGORITHM,
+      subject: payload._id,
     };
     return jwt.sign(payload, <string>process.env.JWT_SECRET, signOpts);
   } catch (err) {

src/classes/Mail/Template/Generic.ts

@@ -102,7 +102,7 @@ export default class GenericTemplate<T extends string>
       <br /><br />
       Best,<br />
       Your Codr Team<br />
-      [email protected]<br />
+      [email protected]
     </div>
   </div>
 </body>`.replace(/[\n]*/g, "");

src/models/User.ts

@@ -1,15 +1,31 @@
 import { EmailRegex } from "../classes/Email";
 import { Schema, model } from "mongoose";
 
-const UserProvider = new Schema({
+interface IUserProvider {
+  photo?: string;
+  phone?: string;
+  email: string;
+  uid: string;
+}
+
+export interface IUser {
+  name?: string;
+  email: string;
+  accessToken: string;
+  refreshToken: string;
+  providers?: IUserProvider;
+  isAdmin: boolean;
+}
+
+const UserProvider = new Schema<IUserProvider>({
   photo: { type: String },
   phone: { type: String },
   email: { type: String, required: true },
   uid: { type: String, required: [true, "Provider's user id is required"] },
 });
 
 /* UserSchema will correspond to a collection in your MongoDB database. */
-const UserSchema = new Schema(
+const UserSchema = new Schema<IUser>(
   {
     name: {
       type: String,
@@ -43,60 +59,6 @@ const UserSchema = new Schema(
   },
   {
     timestamps: true,
-    virtuals: {
-      firstName: {
-        get() {
-          const displayNameRegex =
-            /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
-          const result = displayNameRegex.exec(<string>this.name);
-
-          // set name data
-          if (result?.groups) {
-            const { firstName } = result.groups;
-            return firstName;
-          }
-        },
-      },
-      lastName: {
-        get() {
-          const displayNameRegex =
-            /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
-          const result = displayNameRegex.exec(<string>this.name);
-
-          // set name data
-          if (result?.groups) {
-            const { lastName } = result.groups;
-            return lastName;
-          }
-        },
-      },
-      preferredName: {
-        get() {
-          const displayNameRegex =
-            /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
-          const result = displayNameRegex.exec(<string>this.name);
-
-          // set name data
-          if (result?.groups) {
-            const { preferredName } = result.groups;
-            return preferredName;
-          }
-        },
-      },
-      fullname: {
-        get() {
-          const displayNameRegex =
-            /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
-          const result = displayNameRegex.exec(<string>this.name);
-
-          // set name data
-          if (result?.groups) {
-            const { firstName, lastName } = result.groups;
-            return firstName + " " + lastName;
-          }
-        },
-      },
-    },
     methods: {
       // generateJWT: {
       //   get() {
@@ -117,6 +79,54 @@ const UserSchema = new Schema(
   },
 );
 
+UserSchema.virtual("firstName").get(function get() {
+  const displayNameRegex =
+    /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
+  const result = displayNameRegex.exec(<string>this.name);
+
+  // set name data
+  if (result?.groups) {
+    const { firstName } = result.groups;
+    return firstName;
+  }
+});
+
+UserSchema.virtual("lastName").get(function get() {
+  const displayNameRegex =
+    /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
+  const result = displayNameRegex.exec(<string>this.name);
+
+  // set name data
+  if (result?.groups) {
+    const { lastName } = result.groups;
+    return lastName;
+  }
+});
+
+UserSchema.virtual("perferredName").get(function get() {
+  const displayNameRegex =
+    /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
+  const result = displayNameRegex.exec(<string>this.name);
+
+  // set name data
+  if (result?.groups) {
+    const { preferredName } = result.groups;
+    return preferredName;
+  }
+});
+
+UserSchema.virtual("fullName").get(function get() {
+  const displayNameRegex =
+    /(?<lastName>\w+),(?<firstName>\w+)<?(?<preferredName>\w+)?>?/gm;
+  const result = displayNameRegex.exec(<string>this.name);
+
+  // set name data
+  if (result?.groups) {
+    const { firstName, lastName } = result.groups;
+    return firstName + " " + lastName;
+  }
+});
+
 // exports User model.
-const User = model("User", UserSchema);
+const User = model<IUser>("User", UserSchema);
 export default User;