fyb/zkl-ccir
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

we have auth. now

Browse Source
This commit is contained in:
yigid balaban
2024-10-06 15:33:45 +03:00
parent 9b6b10327a
commit ee5aaa65e6
5 changed files with 189 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
index.js
View File

@@ -1,66 +1,51 @@
const express = require('express'); const express = require("express");
const mongoose = require('mongoose'); const mongoose = require("mongoose");
const cors = require('cors'); const cors = require("cors");
const morgan = require('morgan'); const morgan = require("morgan");
const appRoute = require('./routes/app.route.js'); const appRoute = require("./routes/app.route.js");
require('dotenv').config() require("dotenv").config();
const PORT = process.env.PORT || 3000; const PORT = process.env.PORT || 3000;
const logger = (req, res, next) => { const logger = (req, res, next) => {
console.log( console.log(
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~' "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~",
); );
console.log('----------BODY----------'); console.log("----------BODY----------");
console.log(req.body); console.log(req.body);
console.log(); console.log();
console.log('----------HEAD----------'); console.log("----------HEAD----------");
console.log(req.headers); console.log(req.headers);
console.log( console.log(
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~' "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~",
); );
next(); next();
} };
const app = express(); const app = express();
app.enable('trust proxy'); app.enable("trust proxy");
app.disable('x-powered-by'); app.disable("x-powered-by");
app.use(express.json({ limit: '64mb' } )); app.use(express.json({ limit: "64mb" }));
app.use(cors()); app.use(cors());
app.use( app.use(
morgan( morgan(
'[ :method :url ] ~:status | :date[web] | :total-time[digits] ms | IP :remote-addr | :user-agent' "[ :method :url ] ~:status | :date[web] | :total-time[digits] ms | IP :remote-addr | :user-agent",
) ),
); );
app.use(logger, appRoute); app.use(logger, appRoute);
mongoose.connect(process.env.MONGODB_URI).then(() => { console.info('Database connected'); }); mongoose.connect(process.env.MONGODB_URI).then(() => {
console.info("Database connected");
});
const verifyToken = async (req, res, next) => { app.get("/api/hello", (req, res) => {
const authHeader = req.headers['authorization'];
const token = authHeader && authHeader.split(' ')[1];
if (token == null) return res.sendStatus(401);
try {
const authRecord = await AuthToken.findOne({ auth_token: token });
if (!authRecord) return res.sendStatus(403);
req.address = authRecord.address;
req.authType = authRecord.type;
next();
} catch (error) {
return res.sendStatus(403);
}
};
app.get('/api/hello', (req, res) => {
res.status(200).json({ res.status(200).json({
message: 'Close the world, .txen eht nepO', message: "Close the world, .txen eht nepO",
author: 'Yigid BALABAN <fyb@fybx.dev>', author: "Yigid BALABAN <fyb@fybx.dev>",
authorHomepage: 'https://fybx.dev/' authorHomepage: "https://fybx.dev/",
}) thanks: "to Abdullah VELISOY, login.xyz, my family",
});
}); });
app.listen(PORT, () => console.log(`Server running on port ${PORT}`)); app.listen(PORT, () => console.log(`Server running on port ${PORT}`));

40
middlewares/auth.middleware.js Normal file
View File

@@ -0,0 +1,40 @@
const { AuthTokens } = require("../models/index.js");
const verifyToken = async (req, res, next) => {
const authHeader = req.headers["authorization"];
if (!authHeader || !authHeader.startsWith("Bearer ")) {
return res.status(401).json({ error: "Unauthorized" });
}
const authToken = authHeader.split(" ")[1];
try {
const tokenRecord = await AuthTokens.findOne({ authToken });
if (!tokenRecord) {
return res.status(401).json({ error: "Unauthorized" });
}
req.tokenRecord = tokenRecord;
next();
} catch (err) {
res.status(500).json({ error: "Internal server error" });
}
};
const editProfile = async (req, res, next) => {
const { walletAddress } = req.body;
const { tokenRecord } = req;
if (tokenRecord.walletAddress !== walletAddress) {
return res.status(403).json({
error:
"Forbidden: You are not allowed to edit this account's information.",
});
}
next();
};
module.exports = { verifyToken, editProfile };

32
models/index.js
View File

@@ -1,29 +1,29 @@
const mongoose = require('mongoose'); const mongoose = require("mongoose");
const NonceSchema = new mongoose.Schema({ const NonceSchema = new mongoose.Schema({
address: String, walletAddress: String,
nonce: String, nonce: String,
type: String, networkType: String,
createdAt: { type: Date, expires: 300, default: Date.now } createdAt: { type: Date, expires: 300, default: Date.now },
}); });
const AuthTokenSchema = new mongoose.Schema({ const AuthTokenSchema = new mongoose.Schema({
address: String, walletAddress: String,
auth_token: String, authToken: String,
type: String, networkType: String,
createdAt: { type: Date, expires: 3600, default: Date.now } createdAt: { type: Date, expires: 3600, default: Date.now },
}); });
const UserSchema = new mongoose.Schema({ const UserSchema = new mongoose.Schema({
address: { type: String, required: true }, walletAddress: { type: String, required: true },
networkType: { type: String, required: true }, networkType: { type: String, required: true },
profileName: { type: String, required: true, default: 'Anonymous' }, profileName: { type: String, required: true, default: "Anonymous" },
publicKey: { type: String, required: true, unique: true } publicKey: { type: String, required: true, unique: true },
}); });
const Nonce = mongoose.model('Nonce', NonceSchema); const Nonces = mongoose.model("Nonce", NonceSchema);
const AuthToken = mongoose.model('AuthToken', AuthTokenSchema); const AuthTokens = mongoose.model("AuthToken", AuthTokenSchema);
const User = mongoose.model('User', UserSchema); const Users = mongoose.model("User", UserSchema);
User.collection.createIndex({ publicKey: 1 }, { unique: true }); Users.collection.createIndex({ publicKey: 1 }, { unique: true });
module.exports = { Nonce, AuthToken, User }; module.exports = { Nonces, AuthTokens, Users };

115
routes/auth.route.js
View File

@@ -1,100 +1,113 @@
const express = require('express'); const express = require("express");
const router = express.Router({ mergeParams: true }); const router = express.Router({ mergeParams: true });
const siwe = require('siwe'); const siwe = require("siwe");
const bs58 = require('bs58'); const bs58 = require("bs58");
const nacl = require('tweetnacl'); const nacl = require("tweetnacl");
const { Nonce, AuthToken } = require('../models/index.js'); const { verifyToken } = require("../middlewares/auth.middleware.js");
const { generateNonce, generateBearerToken } = require('../utils/index.js'); const { Nonces, AuthTokens } = require("../models/index.js");
const { generateNonce, generateBearerToken } = require("../utils/index.js");
router.get('/nonce', async (req, res) => { router.get("/nonce", async (req, res) => {
const { address, type } = req.query; const { address: walletAddress, type: networkType } = req.query;
if (!address || !type) { if (!walletAddress || !networkType) {
return res.status(400).json({ error: 'Missing address or type' }); return res
.status(400)
.json({ error: "Missing walletAddress or networkType" });
} }
if (type !== 'ethereum' && type !== 'solana') { if (networkType !== "ethereum" && type !== "solana") {
return res.status(400).json({ error: 'Invalid type. Must be "ethereum" or "solana"' }); return res
.status(400)
.json({ error: 'Invalid networkType. Must be "ethereum" or "solana"' });
} }
const nonce = generateNonce(); const nonce = generateNonce();
try { try {
await Nonce.findOneAndUpdate( await Nonces.findOneAndUpdate(
{ address, type }, { walletAddress, networkType },
{ address, nonce, type }, { walletAddress, nonce, networkType },
{ upsert: true, new: true } { upsert: true, new: true },
); );
res.json({ nonce }); res.json({ nonce });
} catch (error) { } catch (error) {
res.status(500).json({ error: 'Server error' }); res.status(500).json({ error: "Server error" });
} }
}); });
router.post('/verify', async (req, res) => { router.post("/verify", async (req, res) => {
const { message, address, signature } = req.body; const { message, walletAddress, signature } = req.body;
if (!address || !signature) { if (!walletAddress || !signature) {
return res.status(400).json({error: 'Missing address or signature'}); return res
.status(400)
.json({ error: "Missing walletAddress or signature" });
} }
const nonce = await Nonce.findOne({ address }).lean().select('-__v -updatedAt'); const nonce = await Nonces.findOne({ walletAddress })
const type = nonce.type; .lean()
.select("-__v -updatedAt");
const networkType = nonce.networkType;
try { try {
if (type === 'ethereum') { if (networkType === "ethereum") {
if (!message) { if (!message) {
return res.status(400).json({ error: 'Missing SiweMessage' }); return res.status(400).json({ error: "Missing SiweMessage" });
} }
const siweMessage = new siwe.SiweMessage(message); const siweMessage = new siwe.SiweMessage(message);
const fields = await siweMessage.verify({ signature, nonce: nonce.nonce }); const fields = await siweMessage.verify({
if (address == fields.address) signature,
throw new Error('Invalid signature'); nonce: nonce.nonce,
} else if (type === 'solana') { });
if (walletAddress == fields.walletAddress)
throw new Error("Invalid signature");
} else if (networkType === "solana") {
const signatureUint8 = bs58.default.decode(signature); const signatureUint8 = bs58.default.decode(signature);
const messageUint8 = new TextEncoder().encode(nonce.nonce); const messageUint8 = new TextEncoder().encode(nonce.nonce);
const publicKeyUint8 = bs58.default.decode(address); const publicKeyUint8 = bs58.default.decode(walletAddress);
const isValid = nacl.sign.detached.verify(messageUint8, signatureUint8, publicKeyUint8); const isValid = nacl.sign.detached.verify(
messageUint8,
signatureUint8,
publicKeyUint8,
);
if (!isValid) { if (!isValid) {
throw new Error('Invalid signature'); throw new Error("Invalid signature");
} }
} else { } else {
return res.status(400).json({ error: 'Invalid type. Must be "ethereum" or "solana"' }); return res
.status(400)
.json({ error: 'Invalid networkType. Must be "ethereum" or "solana"' });
} }
const auth_token = generateBearerToken(); const authToken = generateBearerToken();
await AuthToken.findOneAndUpdate( await AuthTokens.findOneAndUpdate(
{ address, type }, { walletAddress, networkType },
{ auth_token, createdAt: new Date() }, { authToken, createdAt: new Date() },
{ upsert: true, new: true, setDefaultsOnInsert: true } { upsert: true, new: true, setDefaultsOnInsert: true },
); );
await Nonce.deleteOne({ address, type }); await Nonces.deleteOne({ walletAddress, networkType });
res.json({ auth_token }); res.json({ authToken });
} catch (error) { } catch (error) {
res.status(400).json({ error: `${error.message}, ${error.stack}` }); res.status(400).json({ error: `${error.message}, ${error.stack}` });
} }
}); });
router.delete('/auth/signoff', async (req, res) => { router.delete("/signoff", verifyToken, async (req, res) => {
const authHeader = req.headers['authorization']; const deletedAuth = AuthTokens.findOneAndDelete({
const token = authHeader && authHeader.split(' ')[1]; authToken: tokenRecord.authToken,
});
if (!token) {
return res.status(400).json({ error: 'Missing authorization token in header'});
}
const deletedAuth = AuthToken.findOneAndDelete({ auth_token: token });
if (!deletedAuth) { if (!deletedAuth) {
return res.status(400).json({ error: 'Can\'t log out, not logged in?' }); return res.status(400).json({ error: "Can't log out, not logged in?" });
} }
return res.status(204).json({ error: 'Logged out successfully.' }); return res.status(204).json({ error: "Logged out successfully." });
}); });
module.exports = router; module.exports = router;

72
routes/users.route.js
View File

@@ -1,9 +1,13 @@
const express = require('express'); const express = require("express");
const router = express.Router({ mergeParams: true }); const router = express.Router({ mergeParams: true });
const { User } = require('../models/index.js'); const { Users } = require("../models/index.js");
const {
verifyToken,
editProfile,
} = require("../middlewares/auth.middleware.js");
router.get('/users', async (req, res) => { router.get("/", async (req, res) => {
const { publicKey, address } = req.query; const { publicKey, address } = req.query;
try { try {
@@ -16,59 +20,71 @@ router.get('/users', async (req, res) => {
} }
if (!publicKey && !address) { if (!publicKey && !address) {
return res.status(400).json({ error: 'Please provide a publicKey or address to search.' }); return res
.status(400)
.json({ error: "Please provide a publicKey or address to search." });
} }
const users = await User.find(query); const users = await Users.find(query);
if (users.length === 0) { if (users.length === 0) {
return res.status(404).json({ error: 'No users found matching the criteria.' }); return res
.status(404)
.json({ error: "No users found matching the criteria." });
} }
res.json(users); res.json(users);
} catch (err) { } catch (err) {
res.status(500).json({ error: 'Server error' }); res.status(500).json({ error: "Server error" });
} }
}); });
router.post('/users', async (req, res) => { router.post("/", verifyToken, editProfile, async (req, res) => {
const { walletAddress, networkType, profileName, publicKey } = req.body;
try { try {
const user = new User({ const user = new Users({
address: req.body.address, walletAddress,
networkType: req.body.networkType, networkType,
profileName: req.body.profileName || 'Anonymous', profileName,
publicKey: req.body.publicKey publicKey,
}); });
await user.save(); await user.save();
res.status(201).json(user); res.status(201).json(user);
} catch (err) { } catch (error) {
if (err.code === 11000) { if (error.code === 11000) {
return res.status(400).json({ error: 'Public key already exists, are you trying to impersonate someone?' }); return res.status(400).json({
error:
"Public key already exists, are you trying to impersonate someone?",
});
} }
res.status(500).json({ error: 'Server error' }); console.error(error);
res.status(500).json({ error });
} }
}); });
router.put('/users/:publicKey', async (req, res) => { router.put("/:publicKey", verifyToken, editProfile, async (req, res) => {
const { walletAddress, networkType, profileName, publicKey } = req.body;
try { try {
const updatedUser = await User.findOneAndUpdate( const updatedUser = await Users.findOneAndUpdate(
{ publicKey: req.params.publicKey }, { publicKey },
{ {
address: req.body.address, walletAddress,
networkType: req.body.networkType, networkType,
profileName: req.body.profileName profileName,
}, },
{ new: true } { new: true },
); );
if (!updatedUser) { if (!updatedUser) {
return res.status(404).json({ error: 'User not found' }); return res.status(404).json({ error: "User not found" });
} }
res.json(updatedUser); res.json(updatedUser);
} catch (err) { } catch (error) {
res.status(500).json({ error: 'Server error' }); res.status(500).json({ error });
} }
}); });