diff --git a/src/services/authService.js b/src/services/authService.js
index dc5bb90..cc7efd1 100644
--- a/src/services/authService.js
+++ b/src/services/authService.js
@@ -3,7 +3,7 @@ const jwt = require("jsonwebtoken");
 const userModel = require("../models/user");
 const AppError = require("../utils/appError");
 const configManager = require("../utils/configManager");
-const validate = require("../utils/validate");
+const validate = require("../utils/validate_legacy");
 const JWT_Secret = configManager.getJWTSecret();
diff --git a/src/services/modService.js b/src/services/modService.js
index b1611d5..739b217 100644
--- a/src/services/modService.js
+++ b/src/services/modService.js
@@ -1,6 +1,6 @@
 const model = require("../models/mod");
 const AppError = require("../utils/appError");
-const { validateModData } = require("../utils/validate");
+const { validateModData } = require("../utils/validate_legacy");
 const { mdToHtml } = require("../utils/convert");
 const { sanitizeModData } = require("../utils/sanitize");
diff --git a/src/services/userService.js b/src/services/userService.js
index a8eea3c..1eb2ca5 100644
--- a/src/services/userService.js
+++ b/src/services/userService.js
@@ -1,6 +1,6 @@
 const model = require("../models/user");
 const AppError = require("../utils/appError");
-const { validateUserData } = require("../utils/validate");
+const { validateUserData } = require("../utils/validate_legacy");
 const { sanitizeUserData } = require("../utils/sanitize");
 async function getAllUsers() {
diff --git a/src/utils/crypto.js b/src/utils/crypto.js
new file mode 100644
index 0000000..be1ffc5
--- /dev/null
+++ b/src/utils/crypto.js
@@ -0,0 +1,61 @@
+// --- Imports ---
+const jwt = require("jsonwebtoken");
+const bcrypt = require("bcrypt");
+const { getConfig, getJWTSecret } = require("./configManager");
+
+
+// --- Config ---
+
+// Declarations
+let JWT_Secret;
+let token_expiry;
+// Constant values
+const saltRounds = 12;
+// Load
+(async () => {
+ const config = await getConfig();
+ JWT_Secret = await getJWTSecret();
+ token_expiry = config.auth.tokenExpiry;
+ signature_algorithm = config.auth.signatureAlgorithm;
+})();
+
+
+// --- Functions ---
+
+async function hashPassword(passwd) {
+ const hash = bcrypt.hashSync(passwd, saltRounds);
+ return hash;
+}
+
+
+async function passwordsMatch(password, hashed_password) {
+ return await bcrypt.compare(password, hashed_password);
+}
+
+
+async function signToken(payload, options = null) {
+ if (options == null) {
+ return jwt.sign(payload, JWT_Secret, { expiresIn: token_expiry, });
+ }
+ else {
+ return jwt.sign(payload, JWT_Secret, options);
+ }
+
+}
+
+
+function verifyToken(token) {
+ return new Promise( async (resolve, reject) => {
+ await jwt.verify( token, JWT_Secret, (err, user) => {
+ if (err) {
+ reject(err);
+ } else {
+ resolve(user);
+ }
+ });
+ });
+}
+
+
+// --- Exports ---
+module.exports = { passwordsMatch, hashPassword, verifyToken, signToken };
\ No newline at end of file
diff --git a/src/utils/validate.js b/src/utils/validate.js
index 63c605b..b7c3519 100644
--- a/src/utils/validate.js
+++ b/src/utils/validate.js
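Review bot: `signature_algorithm` is assigned in the config loader without a `let` declaration and is never passed to `jwt.sign` or `jwt.verify`, so the configured algorithm has no effect and `verifyToken` accepts whichever algorithms jsonwebtoken allows by default for the key. Declare it beside `JWT_Secret` and pin it on both sides, with `algorithms: [signature_algorithm]` on verify; this assumes `config.auth.signatureAlgorithm` holds a jsonwebtoken algorithm name. In `signToken`, caller-supplied `options` replace the defaults entirely, so a token signed with options that omit `expiresIn` is issued without an expiry; the sketch below merges them instead, which is a deliberate behaviour change. Separately, `JWT_Secret` stays undefined until the async loader resolves and a rejected `getConfig()` is unhandled, and `hashPassword` blocks the event loop with `bcrypt.hashSync` where `await bcrypt.hash(passwd, saltRounds)` would not.

```javascript
let signature_algorithm; // declared next to JWT_Secret and token_expiry

// … unchanged: config load, hashPassword, passwordsMatch …

async function signToken(payload, options = null) {
    // Caller options override the defaults instead of replacing them.
    return jwt.sign(payload, JWT_Secret, {
        expiresIn: token_expiry,
        algorithm: signature_algorithm,
        ...options,
    });
}

function verifyToken(token) {
    return new Promise((resolve, reject) => {
        // Only the configured algorithm is accepted on verification.
        jwt.verify(token, JWT_Secret, { algorithms: [signature_algorithm] }, (err, user) => {
            // … unchanged: reject(err) / resolve(user) …
        });
    });
}
```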
@@ -1,82 +1,32 @@ -const mod_model = require("../models/mod"); -const user_model = require("../models/user"); +// --- Imports --- const AppError = require("./appError"); -async function validateModData(mod_data) { - //TODO WIP - // Check fields existence - const not_null = mod_data && - Object.keys(mod_data).length == 5 && - mod_data.name && - mod_data.displayName && - mod_data.author && - mod_data.versions != null; - - // mod_data.otherInfos != null && - // Object.keys(mod_data.otherInfos).length == 0 && - // mod_data.otherInfos.description != null && - // mod_data.otherInfos.links != null && - // mod_data.otherInfos.tags != null && - // mod_data.otherInfos.screenshots != null && - // mod_data.otherInfos.license != null && - // mod_data.otherInfos.changelogs != null; - if (!not_null) { - console.debug("Item is missing expected fields:", mod_data); - throw new AppError(400, "Bad request", "Missing expected fields"); - } +// --- Functions --- - // Check fields format (check if sanitized) - const is_valid_name = /^[a-zA-Z0-9_]+$/.test(mod_data.name); - const is_valid_displayName = true; - // const is_valid_displayName = /^[a-zA-Z0-9_]+$/.test(mod_data.name); // Temporary - // const - - const is_valid = is_valid_name && is_valid_displayName; - if (!is_valid) { - console.debug("Fields are not following the expected formats"); - throw new AppError(400, "Bad request", "The provided fields don't match the expected format"); - } +async function validateNewModData(mod_data) { + + throw new AppError(501, "Not implemented"); + //TODO + // try { + // node_schemas.validateNewModData(node_data); + // } catch (err) { + // throw new AppError(400, "Missing or invalid fields", "Bad request", err); + // } - // Check if mod already exists - const exists = await mod_model.exists(mod_data.name); - if (exists) { - console.debug("Error: Item already exists"); - throw new AppError(403, "Forbidden", "Content with this name already exists"); - } } -async function validateUserData(user_data) 
{ +async function validateNewUserData(user_data) { + throw new AppError(501, "Not implemented"); - //TODO + // try { + // node_schemas.validateNewUserData(node_data); + // } catch (err) { + // throw new AppError(400, "Missing or invalid fields", "Bad request", err); + // } - // Check fields existence - // ... - - if (!not_null) { - console.debug("Missing expected fields:", mod_data); - throw new AppError(400, "Bad request: Missing expected fields"); - } - - // Check fields format (check if sanitized) - const is_valid_username = /^[a-zA-Z0-9_]+$/.test(user_data.username); - // const is_valid_email = ... - // ... - - const is_valid = is_valid_username && is_valid_email; - if (!is_valid) { - console.debug("Fields are not following the expected formats"); - throw new AppError(400, "Bad request: The provided fields don't match the expected format"); - } - - // Check if user already exists - const exists = await user_model.exists(user_data.username); - if (exists) { - console.debug("Error: User already exists"); - throw new AppError(403, "Forbidden: User with this name already exists"); - } } async function validateCretendials(identifier, password) { @@ -84,6 +34,9 @@ async function validateCretendials(identifier, password) { throw new AppError(501, "Not implemented"); } + +// --- Utils --- + async function isEmail(text) { const email_regex = /^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$/; return email_regex.test(text); @@ -95,4 +48,4 @@ async function isID(text) { } -module.exports = { validateModData, validateUserData, isEmail, isID }; \ No newline at end of file +module.exports = { validateNewModData, validateNewUserData, isEmail, isID }; \ No newline at end of file diff --git a/src/utils/validate_legacy.js b/src/utils/validate_legacy.js new file mode 100644 index 0000000..63c605b --- /dev/null +++ b/src/utils/validate_legacy.js 
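Review bot: The commented-out plan in `validateNewModData` and `validateNewUserData` calls `node_schemas.validateNewModData(node_data)` and `node_schemas.validateNewUserData(node_data)`, but neither `node_schemas` nor `node_data` exists in this file; the parameters are `mod_data` and `user_data`. If uncommented as written, the resulting `ReferenceError` would be caught by the surrounding `catch (err)` and reported as a 400, so every request would be rejected as invalid input and the real bug would be hidden. I would correct the names in the comment now, e.g. `// node_schemas.validateNewModData(mod_data);`, and add `// TODO: import node_schemas` under the imports. The removed name-format regex and the `exists()` uniqueness check have no counterpart in the new stubs, so the TODO should also say where those checks are expected to live.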
@@ -0,0 +1,98 @@
+const mod_model = require("../models/mod");
+const user_model = require("../models/user");
+const AppError = require("./appError");
+
+async function validateModData(mod_data) {
+ //TODO WIP
+ // Check fields existence
+ const not_null = mod_data &&
+ Object.keys(mod_data).length == 5 &&
+ mod_data.name &&
+ mod_data.displayName &&
+ mod_data.author &&
+ mod_data.versions != null;
+
+ // mod_data.otherInfos != null &&
+ // Object.keys(mod_data.otherInfos).length == 0 &&
+ // mod_data.otherInfos.description != null &&
+ // mod_data.otherInfos.links != null &&
+ // mod_data.otherInfos.tags != null &&
+ // mod_data.otherInfos.screenshots != null &&
+ // mod_data.otherInfos.license != null &&
+ // mod_data.otherInfos.changelogs != null;
+
+ if (!not_null) {
+ console.debug("Item is missing expected fields:", mod_data);
+ throw new AppError(400, "Bad request", "Missing expected fields");
+ }
+
+ // Check fields format (check if sanitized)
+ const is_valid_name = /^[a-zA-Z0-9_]+$/.test(mod_data.name);
+ const is_valid_displayName = true;
+ // const is_valid_displayName = /^[a-zA-Z0-9_]+$/.test(mod_data.name); // Temporary
+ // const
+
+ const is_valid = is_valid_name && is_valid_displayName;
+ if (!is_valid) {
+ console.debug("Fields are not following the expected formats");
+ throw new AppError(400, "Bad request", "The provided fields don't match the expected format");
+ }
+
+ // Check if mod already exists
+ const exists = await mod_model.exists(mod_data.name);
+ if (exists) {
+ console.debug("Error: Item already exists");
+ throw new AppError(403, "Forbidden", "Content with this name already exists");
+ }
+}
+
+
+async function validateUserData(user_data) {
+ throw new AppError(501, "Not implemented");
+
+ //TODO
+
+ // Check fields existence
+ // ...
+
+ if (!not_null) {
+ console.debug("Missing expected fields:", mod_data);
+ throw new AppError(400, "Bad request: Missing expected fields");
+ }
+
+ // Check fields format (check if sanitized)
+ const is_valid_username = /^[a-zA-Z0-9_]+$/.test(user_data.username);
+ // const is_valid_email = ...
+ // ...
+
+ const is_valid = is_valid_username && is_valid_email;
+ if (!is_valid) {
+ console.debug("Fields are not following the expected formats");
+ throw new AppError(400, "Bad request: The provided fields don't match the expected format");
+ }
+
+ // Check if user already exists
+ const exists = await user_model.exists(user_data.username);
+ if (exists) {
+ console.debug("Error: User already exists");
+ throw new AppError(403, "Forbidden: User with this name already exists");
+ }
+}
+
+async function validateCretendials(identifier, password) {
+
+ throw new AppError(501, "Not implemented");
+}
+
+async function isEmail(text) {
+ const email_regex = /^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$/;
+ return email_regex.test(text);
+}
+
+async function isID(text) {
+ const id_regex = /[a-zA-Z0-9_]+/;
+ return id_regex.test(text);
+}
+
+
+module.exports = { validateModData, validateUserData, isEmail, isID };
\ No newline at end of file
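Review bot: `isID` tests against `/[a-zA-Z0-9_]+/`, which is unanchored, so any string containing a single word character passes, including ones with spaces, quotes or path separators; it should read `const id_regex = /^[a-zA-Z0-9_]+$/;`, matching the name check in `validateModData`. `isEmail` and `isID` are also declared `async` although they do no asynchronous work, so a caller that writes `if (isID(x))` without `await` tests a Promise, which is always truthy; the callers are not visible in this diff, so this is worth checking before the file is relied on. In `validateUserData` everything after the initial `throw` is unreachable and refers to `not_null`, `is_valid_email` and `mod_data`, none of which are defined in that function, so a `// unreachable until implemented` comment or removal of the dead body would keep it from being enabled by accident.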