fyb/zkl-ccir
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
a920a7d21a97796d6864115dfc625ac28a4cc043
zkl-ccir/routes/auth.route.js
Yigid BALABAN a920a7d21a Initial commit 
users route is incomplete
can auth using SIWE and SIWS when used with zkl-roadhog
more to come...
2024-10-01 22:46:45 +03:00

100 lines
3.0 KiB
JavaScript
Raw Blame History

const express = require('express');
const router = express.Router({ mergeParams: true });
const siwe = require('siwe');
const bs58 = require('bs58');
const nacl = require('tweetnacl');
const { Nonce, AuthToken } = require('../models/index.js');
const { generateNonce, generateBearerToken } = require('../utils/index.js');
router.get('/nonce', async (req, res) => {
const { address, type } = req.query;
if (!address || !type) {
return res.status(400).json({ error: 'Missing address or type' });
}
if (type !== 'ethereum' && type !== 'solana') {
return res.status(400).json({ error: 'Invalid type. Must be "ethereum" or "solana"' });
}
const nonce = generateNonce();
try {
await Nonce.findOneAndUpdate(
{ address, type },
{ address, nonce, type },
{ upsert: true, new: true }
);
res.json({ nonce });
} catch (error) {
res.status(500).json({ error: 'Server error' });
}
});
router.post('/verify', async (req, res) => {
const { type, message, address, signature } = req.body;
if (!type || !address || !signature) {
return res.status(400).json({error: 'Missing type, address or signature'});
}
const nonce = await Nonce.findOne({ address }).lean().select('-__v -updatedAt');
try {
if (type === 'ethereum') {
if (!message) {
return res.status(400).json({ error: 'Missing SiweMessage' });
}
const siweMessage = new siwe.SiweMessage(message);
const fields = await siweMessage.verify({ signature, nonce: nonce.nonce });
if (address == fields.address)
throw new Error('Invalid signature');
} else if (type === 'solana') {
const signatureUint8 = bs58.default.decode(signature);
const messageUint8 = new TextEncoder().encode(nonce.nonce);
const publicKeyUint8 = bs58.default.decode(address);
const isValid = nacl.sign.detached.verify(messageUint8, signatureUint8, publicKeyUint8);
if (!isValid) {
throw new Error('Invalid signature');
}
} else {
return res.status(400).json({ error: 'Invalid type. Must be "ethereum" or "solana"' });
}
const auth_token = generateBearerToken();
await AuthToken.findOneAndUpdate(
{ address, type },
{ auth_token, createdAt: new Date() },
{ upsert: true, new: true, setDefaultsOnInsert: true }
);
await Nonce.deleteOne({ address, type });
res.json({ auth_token });
} catch (error) {
res.status(400).json({ error: `${error.message}, ${error.stack}` });
}
});
router.delete('/auth/signoff', async (req, res) => {
const authHeader = req.headers['authorization'];
const token = authHeader && authHeader.split(' ')[1];
if (!token) {
return res.status(400).json({ error: 'Missing authorization token in header'});
}
const deletedAuth = AuthToken.findOneAndDelete({ auth_token: token });
if (!deletedAuth) {
return res.status(400).json({ error: 'Can\'t log out, not logged in?' });
}
return res.status(204).json({ error: 'Logged out successfully.' });
});
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink