chekc for auth and set cookie better
parent
74019e97a6
commit
73a6565326
8 changed files with 62 additions and 17 deletions
|
|
@ -1,10 +0,0 @@
|
|||
const sessionService = require('../services/sessionService');
|
||||
|
||||
async function rejectIfNotAuthorizedMiddleware(req, res, next) {
|
||||
if (!await sessionService.isSessionAuthorized(req.cookies.sessionUuid)) {
|
||||
res.redirect('/');
|
||||
}
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = rejectIfNotAuthorizedMiddleware;
|
||||
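--- a/src/middlewares/redirectIfNotAuthorizedMiddleware.js
+++ b/src/middlewares/redirectIfNotAuthorizedMiddleware.js
@@ -0,0 +1,10 @@
+const sessionService = require('../services/sessionService');
+
+async function redirectIfNotAuthorizedMiddleware(req, res, next) {
+if (!(await sessionService.isSessionAuthorized(req.cookies.sessionUuid))) {
+res.redirect('/');
+}
+next();
+}
+
+module.exports = redirectIfNotAuthorizedMiddleware;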
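Review bot: `res.redirect('/')` in redirectIfNotAuthorizedMiddleware is not followed by a `return`, so `next()` still runs for a session that failed the check and the guarded handler executes anyway. The routes this commit puts behind the guard, `/createProfile` and `/private`, will then try to render after the redirect has been sent; at minimum that raises a headers-already-sent error, and any side effect added to those handlers later would run for an unauthorized session. Change the branch to `return res.redirect('/');`. Because the function is async, a rejection from `isSessionAuthorized` is also worth catching and passing to `next(err)`, unless the Express version in use forwards rejected promises itself (not visible here).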
|
|
@ -6,7 +6,7 @@ const constants = require('../constants');
|
|||
async function setAndPersistNewSession(res) {
|
||||
const sessionUuid = uuid.v7();
|
||||
res.cookie('sessionUuid', sessionUuid, { httpOnly: true, maxAge: constants.DEFAULT_SESSION_DURATION_SECONDS * 1000 });
|
||||
await sessionService.createSession(sessionUuid);
|
||||
return await sessionService.createSession(sessionUuid);
|
||||
}
|
||||
|
||||
async function createSessionMiddleware(req, res, next) {
|
||||
|
|
@ -17,14 +17,17 @@ async function createSessionMiddleware(req, res, next) {
|
|||
|
||||
if (!sessionUuid) {
|
||||
console.log("Found no cookie")
|
||||
await setAndPersistNewSession(res);
|
||||
const newSession = await setAndPersistNewSession(res);
|
||||
req.cookies.sessionUuid = newSession.uuid;
|
||||
|
||||
}
|
||||
|
||||
if (sessionUuid) {
|
||||
console.log(`Found a cookie ${sessionUuid}`)
|
||||
if (!(await sessionService.isSessionValid(sessionUuid))) {
|
||||
console.log("But it's not valid")
|
||||
await setAndPersistNewSession(res);
|
||||
const newSession = await setAndPersistNewSession(res);
|
||||
req.cookies.sessionUuid = newSession.uuid;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
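Review bot: The `res.cookie('sessionUuid', …)` call in setAndPersistNewSession sets `httpOnly` but neither `secure` nor `sameSite`, and after this commit that cookie is the value `isSessionAuthorized` keys authorization on. If the site is served over HTTPS (not visible from here), extend the options to `{ httpOnly: true, secure: true, sameSite: 'lax', maxAge: … }`. In the second hunk the `console.log` that interpolates `sessionUuid` writes a live session identifier to the log, where anyone with log access could reuse it; log a truncated or hashed form instead. The new `req.cookies.sessionUuid = newSession.uuid` line depends on `createSession` returning the created row, which deserves a one-line comment. createSessionMiddleware starts and ends outside the visible hunks.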
0
src/public/javascript/createProfile.js
Normal file
0
src/public/javascript/createProfile.js
Normal file
|
|
@ -62,5 +62,8 @@ async function acceptInvite() {
|
|||
|
||||
if (verifyResponse.ok) {
|
||||
document.querySelector('#sign-up-success').style.display = 'block';
|
||||
setTimeout(() => {
|
||||
window.location.href = "/createProfile";
|
||||
}, 1000);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
const express = require('express');
|
||||
const router = express.Router();
|
||||
|
||||
const authMiddleware = require('../middlewares/authMiddleware');
|
||||
const redirectIfNotAuthorizedMiddleware = require('../middlewares/redirectIfNotAuthorizedMiddleware');
|
||||
const invitesService = require('../services/invitesService')
|
||||
|
||||
router.get('/', (req, res) => {
|
||||
|
|
@ -56,7 +56,11 @@ router.get('/invite/:inviteUuid', async (req, res) => {
|
|||
return res.render('invite', { invite });
|
||||
});
|
||||
|
||||
router.get('/private', authMiddleware, (req, res) => {
|
||||
router.get('/createProfile', redirectIfNotAuthorizedMiddleware, async (req, res) => {
|
||||
return res.status(200).render('createProfile');
|
||||
})
|
||||
|
||||
router.get('/private', redirectIfNotAuthorizedMiddleware, (req, res) => {
|
||||
res.render('private', {});
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ async function createSession(sessionUuid) {
|
|||
const expiryTimestamp = new Date(currentTimestamp.getTime());
|
||||
expiryTimestamp.setSeconds(expiryTimestamp.getSeconds() + constants.DEFAULT_SESSION_DURATION_SECONDS);
|
||||
|
||||
await SessionCreated.create({
|
||||
return await SessionCreated.create({
|
||||
uuid: sessionUuid,
|
||||
created_at: currentTimestamp.toISOString(),
|
||||
expires_at: expiryTimestamp.toISOString()
|
||||
|
|
@ -55,8 +55,25 @@ async function relateSessionToPublicKey(sessionUuid, publicKey) {
|
|||
});
|
||||
}
|
||||
|
||||
async function isSessionAuthorized(sessionUuid) {
|
||||
const isSessionRelatedToPublicKey = await SessionRelatedToPublickey.findOne(
|
||||
{
|
||||
where: {
|
||||
session_uuid: sessionUuid
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
if (isSessionRelatedToPublicKey) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
createSession,
|
||||
isSessionValid,
|
||||
relateSessionToPublicKey
|
||||
relateSessionToPublicKey,
|
||||
isSessionAuthorized
|
||||
}
|
||||
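Review bot: `isSessionAuthorized` returns true for any session that has a `SessionRelatedToPublickey` row and never checks that the session itself is still valid, so an expired session stays authorized unless every caller runs the validity check first (not visible here). An undefined `sessionUuid` (request without the cookie) is also passed straight into the `where` clause. Assuming `isSessionValid` covers expiry, adding `if (!sessionUuid || !(await isSessionValid(sessionUuid))) return false;` as the first line closes both. The local `isSessionRelatedToPublicKey` holds a row or null rather than a boolean; naming it `relation` and ending with `return relation !== null;` would read more plainly.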
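--- a/src/views/createProfile.ejs
+++ b/src/views/createProfile.ejs
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+<title>Crear perfil</title>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<script src="/javascript/createProfile.js"></script>
+</head>
+
+<body>
+<h1>Crea tu perfil</h1>
+<p>Tu clave de Nostr ya es parte de la seca.</p>
+<p>Añade detalles a tu perfil para poder empezar a comerciar.</p>
+</p>
+</body>
+
+</html>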
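Review bot: The template declares `<html lang="en">` while the title and body text are Spanish; `lang="es"` lets screen readers and translation tools treat the page correctly. The `</p>` just before `</body>` has no matching opening tag and should be removed.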