Finish session / cookie setup
This commit is contained in:
parent
63618245e2
commit
2793e591e6
|
@ -21,7 +21,8 @@ app.use(session({
|
||||||
secret: process.env.COOKIE_SECRET,
|
secret: process.env.COOKIE_SECRET,
|
||||||
rolling: true,
|
rolling: true,
|
||||||
cookie: {
|
cookie: {
|
||||||
secure: process.env.COOKIE_SECURE,
|
secure: (process.env.COOKIE_SECRET == "true"), // All env vars are strings, so cast bool manually
|
||||||
|
sameSite: 'strict', // Browsers will reject a "secure" cookie without this
|
||||||
maxAge: 60 * 60 * 1000 // 1 hour (in milliseconds)
|
maxAge: 60 * 60 * 1000 // 1 hour (in milliseconds)
|
||||||
}
|
}
|
||||||
}));
|
}));
|
||||||
|
@ -52,6 +53,7 @@ app.use('/static/*', express.static(path.join(__dirname, 'clientbuild/static')))
|
||||||
// #region PASSPORT / OAUTH
|
// #region PASSPORT / OAUTH
|
||||||
|
|
||||||
const passport = require('passport');
|
const passport = require('passport');
|
||||||
|
const { getUserByEmail } = require("./tmdb.js");
|
||||||
var userProfile;
|
var userProfile;
|
||||||
|
|
||||||
app.use(passport.initialize());
|
app.use(passport.initialize());
|
||||||
|
@ -88,35 +90,39 @@ app.get('/auth/google/callback',
|
||||||
passport.authenticate('google', { failureRedirect: '/error' }),
|
passport.authenticate('google', { failureRedirect: '/error' }),
|
||||||
async function(req, res) {
|
async function(req, res) {
|
||||||
// Get user profile from passport
|
// Get user profile from passport
|
||||||
|
// This is retrieved from the callback url data ?code=...
|
||||||
let user = {
|
let user = {
|
||||||
googleId: req.user.id,
|
googleId: req.user.id,
|
||||||
asuraId: null,
|
|
||||||
name: req.user.displayName,
|
name: req.user.displayName,
|
||||||
email: req.user.emails[0].value,
|
email: req.user.emails[0].value,
|
||||||
imgurl: req.user.photos[0].value
|
imgurl: req.user.photos[0].value,
|
||||||
|
asuraId: null,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if user exists in database
|
// Check if user exists in database
|
||||||
tmdb.getUserByEmail(user.email)
|
tmdb.getUserByEmail(user.email)
|
||||||
.then(dbUser => {
|
.then(dbUser => {
|
||||||
user.asuraId = dbUser.id;
|
user.asuraId = dbUser.id; // asuraId is the database id / primary key
|
||||||
if (!dbUser.googleId) {
|
if (dbUser.googleId) {
|
||||||
// User is "preregistered" with email only, so complete the registration
|
// User is already registered with google, simply log them in
|
||||||
user.isManager = false;
|
req.session.user = dbUser;
|
||||||
tmdb.editUser(user.email, user)
|
|
||||||
.then(() => { user.asuraId = dbUser.id})
|
|
||||||
.catch(err => console.log(err));
|
|
||||||
} else {
|
} else {
|
||||||
user = dbUser;
|
// User is "preregistered" with email only, so complete the registration
|
||||||
}
|
// This step will register the name, img and googleId
|
||||||
|
user.isManager = false;
|
||||||
|
tmdb.editUser(user.email, user).catch(err => console.log(err));
|
||||||
|
|
||||||
req.session.user = user;
|
req.session.user = user;
|
||||||
|
}
|
||||||
|
|
||||||
res.json({"status": "OK", "data": user});
|
res.json({"status": "OK", "data": user});
|
||||||
|
return;
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
// User is neither registered nor preregistered
|
// User is not in the database at all, do not give them a session.
|
||||||
|
res.session.user = null;
|
||||||
res.json({"status": "error", message: "Email is not in administrator list."});
|
res.json({"status": "error", message: "Email is not in administrator list."});
|
||||||
return
|
return;
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -330,7 +336,11 @@ api.post("/team/:teamId/edit", (req, res) => {
|
||||||
// #endregion
|
// #endregion
|
||||||
|
|
||||||
//Takes JSON body
|
//Takes JSON body
|
||||||
api.post("/tournament/create", (req, res) => {
|
api.post("/tournament/create", async (req, res) => {
|
||||||
|
if (!(await isManager(req.session))) {
|
||||||
|
res.json({"status": "error", "data": "Not authorized"});
|
||||||
|
return
|
||||||
|
}
|
||||||
//Check that req body is valid
|
//Check that req body is valid
|
||||||
if (req.body.name == undefined || req.body.name == "") {
|
if (req.body.name == undefined || req.body.name == "") {
|
||||||
res.json({"status": "error", "data": "No data supplied"});
|
res.json({"status": "error", "data": "No data supplied"});
|
||||||
|
@ -390,6 +400,33 @@ api.post("/tournament/create", (req, res) => {
|
||||||
|
|
||||||
// #region users
|
// #region users
|
||||||
|
|
||||||
|
function isLoggedIn(session) {
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
if (session.user == undefined || session.user.googleId == undefined) {
|
||||||
|
return resolve(false);
|
||||||
|
}
|
||||||
|
let googleId = session.user.googleId;
|
||||||
|
|
||||||
|
tmdb.getUserByGoogleId(googleId)
|
||||||
|
.then(user => {return resolve(user != undefined) })
|
||||||
|
.catch(err => {resolve(false) });
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function isManager(session) {
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
if (session.user == undefined || session.user.googleId == undefined) {
|
||||||
|
return resolve(false);
|
||||||
|
}
|
||||||
|
let googleId = session.user.googleId;
|
||||||
|
tmdb.getUserByGoogleId(googleId)
|
||||||
|
.then(user => {return resolve(user.isManager) })
|
||||||
|
.catch(err => {resolve(false) });
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
api.get("/users/getSessionUser", (req, res) => {
|
api.get("/users/getSessionUser", (req, res) => {
|
||||||
if (req.session.user) {
|
if (req.session.user) {
|
||||||
res.json({"status": "OK", "data": req.session.user});
|
res.json({"status": "OK", "data": req.session.user});
|
||||||
|
@ -415,8 +452,12 @@ api.get("/users/getUsers", (req, res) => {
|
||||||
.catch(err => res.json({"status": "error", "data": err}));
|
.catch(err => res.json({"status": "error", "data": err}));
|
||||||
});
|
});
|
||||||
|
|
||||||
api.post("/users/createBlank", (req, res) => {
|
api.post("/users/createBlank", async (req, res) => {
|
||||||
let email = req.body.newUserEmail;
|
if (!(await isManager(req.session))) {
|
||||||
|
res.json({"status": "error", "data": "Not authorized"});
|
||||||
|
return
|
||||||
|
}
|
||||||
|
let email = req.body.email;
|
||||||
// Check if the user already exists
|
// Check if the user already exists
|
||||||
tmdb.getUserByEmail(email)
|
tmdb.getUserByEmail(email)
|
||||||
.then(user => {
|
.then(user => {
|
||||||
|
@ -439,15 +480,35 @@ api.post("/users/createBlank", (req, res) => {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
api.post("/users/edit", (req, res) => {
|
api.post("/users/changeManagerStatus", async (req, res) => {
|
||||||
|
if (!await isManager(req.session)) {
|
||||||
|
res.json({"status": "error", "data": "Not authorized"});
|
||||||
|
return
|
||||||
|
}
|
||||||
|
let emailAddress = req.body.emailAddress;
|
||||||
|
let isManager = req.body.isManager;
|
||||||
|
|
||||||
|
|
||||||
|
tmdb.getUserByEmail(emailAddress)
|
||||||
|
.then(user => {
|
||||||
|
tmdb.changeManagerStatus(user.id, isManager)
|
||||||
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
||||||
|
.catch(err => res.json({"status": "error", "data": err}));
|
||||||
|
})
|
||||||
|
.catch(err => {
|
||||||
|
console.log(err);
|
||||||
|
res.json({"status": "error", "data": "Could not update the specified user"});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
api.get("/dumpsession", (req, res) => {
|
api.get("/dumpsession", async (req, res) => {
|
||||||
let out = {};
|
let out = {};
|
||||||
out.session = req.session;
|
out.session = req.session;
|
||||||
out.header = req.headers;
|
out.header = req.headers;
|
||||||
|
out.isLoggedIn = await isLoggedIn(req.session);
|
||||||
|
out.isManager = await isManager(req.session);
|
||||||
|
console.log(out);
|
||||||
res.json(out);
|
res.json(out);
|
||||||
});
|
});
|
||||||
// #endregion
|
// #endregion
|
|
@ -446,6 +446,9 @@ function getUsers () {
|
||||||
console.log(err);
|
console.log(err);
|
||||||
reject(err);
|
reject(err);
|
||||||
} else {
|
} else {
|
||||||
|
users.forEach((user, index) => {
|
||||||
|
this[index].isManager = (this[index].isManager == 1);
|
||||||
|
});
|
||||||
resolve(users);
|
resolve(users);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -462,6 +465,7 @@ function getUserByGoogleId(googleId) {
|
||||||
if (users.length == 0) {
|
if (users.length == 0) {
|
||||||
reject("No such user exists");
|
reject("No such user exists");
|
||||||
}
|
}
|
||||||
|
users[0].isManager = users[0].isManager == 1;
|
||||||
resolve(users[0]);
|
resolve(users[0]);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -479,6 +483,7 @@ function getUserByEmail(email) {
|
||||||
reject("No such user exists");
|
reject("No such user exists");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
users[0].isManager = users[0].isManager == 1;
|
||||||
resolve(users[0]);
|
resolve(users[0]);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue