fixed mongo issues, why does it need to end with s???

added expiry times to jwt
decided against adding refresh tokens due to they not being that usefull in our architecture
2023-12-27 20:03:22 +01:00 · 2023-12-27 18:44:09 +01:00 · 2023-12-27 18:29:20 +01:00 · 2023-12-27 18:20:11 +01:00
7 changed files with 109 additions and 18 deletions
--- a/compose.yaml
+++ b/compose.yaml
@ -27,6 +27,7 @@ services:
      MONGODB_URI: "mongodb://mongodb:27017/bot"
      MONGODB_USER: "root"
      MONGODB_PASS: "password"
+      JWTSECRET: "cooljwtsecret"
    volumes:
      - ./:/usr/src/app:ro

--- a/mongo-init.js
+++ b/mongo-init.js
@ -1,24 +1,30 @@
 db.createUser({
-    user: 'root',
-    pwd: 'password',
-    roles: [
-        {
-            role: 'readWrite',
-            db: 'admin',
-        },
-        {
-            role: 'readWrite',
-            db: 'bot',
-        },
-    ],
+  user: "root",
+  pwd: "password",
+  roles: [
+    {
+      role: "readWrite",
+      db: "admin",
+    },
+    {
+      role: "readWrite",
+      db: "bot",
+    },
+  ],
 });

 db = new Mongo().getDB("bot");

-db.images.createIndex({ "status": 1 });
-db.images.createIndex({ "url": 1 }, { "unique": true });
+db.images.createIndex({ status: 1 });
+db.images.createIndex({ url: 1 }, { unique: true });
 db.images.insert({
-    url: "https://example.com",
-    status: "consumed",
-    tags: ["2girls", "sleeping"]
-});
+  url: "https://example.com",
+  status: "consumed",
+  tags: ["2girls", "sleeping"],
+});
+
+db.authorizations.createIndex({ app: 1 });
+db.authorizations.insert({
+  app: "tester",
+  secret: "test",
+});
--- a/package.json
+++ b/package.json
@ -22,9 +22,11 @@
  "dependencies": {
    "@types/express": "^4.17.21",
    "@types/express-list-endpoints": "^6.0.3",
+    "@types/jsonwebtoken": "^9.0.5",
    "@types/mongoose": "^5.11.97",
    "express": "^4.18.2",
    "express-list-endpoints": "^6.0.0",
+    "jsonwebtoken": "^9.0.2",
    "mongoose": "^8.0.3"
  }
 }
--- a/src/controllers/AuthControler.ts
+++ b/src/controllers/AuthControler.ts
@ -0,0 +1,51 @@
+import jwt from "jsonwebtoken";
+import AuthService from "../services/AuthService";
+import { Request, Response, NextFunction } from "express";
+
+const authTokenSecret = process.env.JWTSECRET || "badsecret";
+
+class AuthControler {
+  async login(req: Request, res: Response) {
+    // Read app and secret from request body
+    const { app, secret } = req.body;
+
+    // Filter app from the apps by app and secret
+    const authenticated = await AuthService.find(app, secret);
+
+    if (authenticated) {
+      console.log("Authenticated app ", authenticated.app);
+      // Generate an access token
+      const accessToken = jwt.sign(
+        { app: authenticated.app },
+        authTokenSecret,
+        { expiresIn: "1h" }
+      );
+
+      res.json({
+        token: accessToken,
+      });
+    } else {
+      res.status(403).send("Credentials incorrect");
+    }
+  }
+
+  authorize(req: Request, res: Response, next: NextFunction) {
+    const authHeader = req.headers.authorization;
+    if (authHeader) {
+      const token = authHeader.split(" ")[1];
+
+      jwt.verify(token, authTokenSecret, (err, app) => {
+        if (err) {
+          return res.status(403).json("Invalid token provided");
+        }
+
+        console.log("Authorization provided for ", next.name, " to app ", app);
+        next();
+      });
+    } else {
+      res.status(401).json("No Authorization header provided");
+    }
+  }
+}
+
+export default new AuthControler();
--- a/src/index.ts
+++ b/src/index.ts
@ -2,6 +2,7 @@ import express from "express";
 import mongoose from "mongoose";
 import listEndpoints from "express-list-endpoints";
 import imageController from "./controllers/ImageController";
+import authControler from "./controllers/AuthControler";

 export const app = express();

@ -14,6 +15,7 @@ app.get("/", (_, res) => {

 app.get("/images", imageController.getAllImages);
 app.post("/images", imageController.addImage);
+app.post("/login", authControler.login)

 // Set the default port to 8080, or use the PORT environment variable

--- a/src/models/AuthModel.ts
+++ b/src/models/AuthModel.ts
@ -0,0 +1,19 @@
+import mongoose, { Document } from "mongoose";
+
+export interface Auth extends Document {
+  app: String,
+  secret: String
+}
+
+const AuthSchema = new mongoose.Schema({
+  app: {
+    type: String,
+    required: true,
+  },
+  secret: {
+    type: String,
+    required: true,
+  },
+});
+
+export default mongoose.model("authorizations", AuthSchema);
--- a/src/services/AuthService.ts
+++ b/src/services/AuthService.ts
@ -0,0 +1,10 @@
+import AuthModel, { Auth } from "../models/AuthModel";
+
+class AuthService {
+  async find(app: String, secret: String): Promise<Auth | null> {
+    const auth = await AuthModel.findOne({ app: app, secret: secret }).exec();
+    return auth;
+  }
+}
+
+export default new AuthService();
Author	SHA1	Message	Date
Alie	8396d597f1	fixed mongo issues, why does it need to end with s???	2023-12-27 20:03:22 +01:00
Alie	c428e956bc	added expiry times to jwt decided against adding refresh tokens due to they not being that usefull in our architecture	2023-12-27 18:44:09 +01:00
Alie	95fd50a638	added auth service	2023-12-27 18:29:20 +01:00
Alie	d8bb908b03	added basic auth controler	2023-12-27 18:20:11 +01:00