@agilesoft/ags_authrest2 1.0.0

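--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1 @@
+ This version has been deprecated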
package/claudia.json ADDED
File without changes
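--- a/package/index.js
+++ b/package/index.js
@@ -0,0 +1,331 @@
+ // "use strict";
+ const jwt = require("jsonwebtoken");
+ const date = require("date-and-time");
+ var CryptoJS = require("crypto-js");
+ var crypto = require("crypto");
+ const { v4: uuidv4 } = require("uuid");
+ require("dotenv").config();
+ var isBase64 = require("is-base64");
+ // default env request_token
+ // R_USER = `karan_ags_ci`;
+ // R_PASS = `12345678`;
+
+ var R_USER = process.env.R_USER || `karan_ags_ci`;
+ var R_PASS = process.env.R_PASS || `12345678`;
+ var R_PATH = process.env.R_PATH || `/request_token`;
+ var R_TOKEN = process.env.SECERT_JWT || `12345678`;
+
+ async function SECRET(secretOrKey) {
+ return new Promise(function (resolve, reject) {
+ var dateNow = new Date();
+ var DateString = dateNow.toUTCString();
+ var encrept = CryptoJS.HmacSHA256(
+ date.format(dateNow, "MM/DD"),
+ secretOrKey
+ ).toString();
+ return resolve(encrept);
+ });
+ }
+
+ var arr = [];
+
+ function check(token) {
+ return new Promise(function (resolve, reject) {
+ for (let index = 0; index < arr.length; index++) {
+ const element = arr[index];
+ if (element == token) {
+ return resolve(true);
+ }
+ }
+ return resolve(false);
+ });
+ }
+
+ async function encrypt(secretRaw, decryptedMessage) {
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ var secret = await SECRET(secretRaw);
+ var cipher = crypto.createCipheriv(
+ "AES-256-CBC",
+ secret.substr(0, 32),
+ secret.substr(0, 16)
+ );
+ // console.log(`secert encryp is ${secret}`);
+ let encrypted = cipher.update(decryptedMessage, "utf8", "base64");
+ encrypted += cipher.final("base64");
+ return resolve(encrypted);
+ } catch (err) {
+ console.log("err");
+ console.log(err);
+ return reject(err);
+ }
+ })();
+ });
+ }
+
+ async function decrypt(encryptedMessage, secretOption) {
+ if (secretOption === "" || secretOption === undefined) {
+ secretOption = R_TOKEN;
+ }
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ var secret = await SECRET(secretOption);
+ var decipher = crypto.createDecipheriv(
+ "AES-256-CBC",
+ secret.substr(0, 32),
+ secret.substr(0, 16)
+ );
+ // console.log(`secert decipher is ${secret}`);
+ let decrypted = decipher.update(encryptedMessage, "base64", "utf8");
+ return resolve(decrypted + decipher.final("utf8"));
+ } catch (err) {
+ console.log("err");
+ console.log(err);
+ return reject(err);
+ }
+ })();
+ });
+ }
+
+ class Auth {
+ constructor() {}
+
+ Middleware(req, res, next) {
+ (async () => {
+ var headersEncrypter = false;
+ var bodyOriginal = req.body;
+ if (req.headers.authorization) {
+ let findSecurity = req.headers.authorization.indexOf("securityAgs");
+ if (findSecurity == -1) {
+ const isb64 = isBase64(bodyOriginal.encrypData);
+ if (isb64) {
+ req.headers.authorization = await decrypt(
+ req.headers.authorization
+ );
+ headersEncrypter = true;
+ }
+ } else {
+ const replaceStr = req.headers.authorization.replace(
+ /securityAgs/g,
+ "/"
+ );
+ const isb64 = isBase64(bodyOriginal.encrypData);
+ // console.log(isb64);
+ // console.log("decrypt header");
+ if (isb64) {
+ req.headers.authorization = await decrypt(replaceStr);
+ headersEncrypter = true;
+ }
+ }
+ jwt.verify(
+ req.headers.authorization,
+ await SECRET(R_TOKEN),
+ (err, payload) => {
+ (async () => {
+ if (err) {
+ console.log(err);
+ return res.sendStatus(400);
+ } else {
+ var isExpiredToken = false;
+
+ var dateNow = new Date();
+
+ if (payload.exp < dateNow.getTime()) {
+ isExpiredToken = true;
+ }
+ if (payload.sub === R_USER && isExpiredToken === false) {
+ const chk = await check(req.headers.authorization);
+ // console.log(chk);
+ arr.push(req.headers.authorization);
+ if (
+ chk == true &&
+ req.headers.testdev !== true &&
+ req.headers.testdev !== "true"
+ ) {
+ return res.send("duplicate token");
+ }
+ if (arr.length > 200) {
+ arr = [];
+ }
+ // console.log(`headersEncrypter ${headersEncrypter}`);
+ if (headersEncrypter === true) {
+ if (bodyOriginal.encrypData) {
+ const isb64 = isBase64(bodyOriginal.encrypData);
+ if (isb64) {
+ const result = await decrypt(bodyOriginal.encrypData);
+ try {
+ req.body = JSON.parse(result);
+ next();
+ } catch (error) {
+ req.body = error;
+ next();
+ }
+ } else {
+ req.body = { result: `isb64 false` };
+ next();
+ }
+ } else {
+ req.body = { result: "no encrypData" };
+ next();
+ }
+ } else {
+ next();
+ }
+ } else {
+ return res.sendStatus(400);
+ }
+ }
+ })();
+ }
+ );
+ } else {
+ // console.log("bypass");
+ // next();
+ return res.sendStatus(400);
+ }
+ })();
+ }
+
+ RequestToken(req, res, next) {
+ // console.log(req.body.username, req.body.password, req.path);
+ // console.log(R_USER, R_PASS, R_PATH);
+ if (
+ req.body.username === R_USER &&
+ req.body.password === R_PASS &&
+ (req.path === R_PATH || req.path === `/${R_PATH}`)
+ ) {
+ (async () => {
+ const payload = {
+ sub: R_USER,
+ iat: new Date().getTime(),
+ };
+ res.send(
+ jwt.sign(payload, await SECRET(R_TOKEN), {
+ expiresIn: "1d",
+ jwtid: uuidv4(),
+ })
+ );
+ })();
+ } else {
+ next();
+ }
+ }
+
+ GenToken(secret, user) {
+ if (secret === "" || secret === undefined) {
+ secret = R_TOKEN;
+ }
+ if (user === "" || user === undefined) {
+ user = R_USER;
+ }
+
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ const payload = {
+ sub: user,
+ iat: new Date().getTime(),
+ };
+ return resolve(
+ jwt.sign(payload, await SECRET(secret), {
+ expiresIn: "1d",
+ jwtid: "uuidv4()",
+ })
+ );
+ } catch (error) {
+ reject(error);
+ }
+ })();
+ });
+ }
+
+ genTokenEncryp(secret, user) {
+ if (secret === "" || secret === undefined) {
+ secret = R_TOKEN;
+ }
+ if (user === "" || user === undefined) {
+ user = R_USER;
+ }
+
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ const payload = {
+ sub: user,
+ iat: new Date().getTime(),
+ };
+ const token = jwt.sign(payload, await SECRET(secret), {
+ expiresIn: "1d",
+ jwtid: uuidv4(),
+ });
+ // console.log(secret);
+ const encryp = await encrypt(secret, token);
+
+ return resolve(encryp.replace(/\//g, "securityAgs"));
+ } catch (error) {
+ reject(error);
+ }
+ })();
+ });
+ }
+
+ encrypbody(body, secret) {
+ if (secret === "" || secret === undefined) {
+ secret = R_TOKEN;
+ }
+
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ const encryp = await encrypt(secret, JSON.stringify(body));
+ const result = { encrypData: encryp };
+ return resolve(result);
+ } catch (error) {
+ console.log(error);
+ reject(error);
+ }
+ })();
+ });
+ }
+
+ // decrypbody(body, secret) {
+ // if (secret === "" || secret === undefined) {
+ // secret = R_TOKEN;
+ // }
+
+ // return new Promise(function (resolve, reject) {
+ // (async () => {
+ // try {
+ // const result = await decrypt(body, secret);
+ // return resolve(result);
+ // } catch (error) {
+ // console.log(error);
+ // reject(error);
+ // }
+ // })();
+ // });
+ // }
+
+ test(secret) {
+ if (secret === "" || secret === undefined) {
+ secret = R_TOKEN;
+ }
+ return new Promise(function (resolve, reject) {
+ (async () => {
+ try {
+ const encryp2 = await encrypt(R_TOKEN, "test");
+ console.log(encryp2);
+ const decrypt2 = await decrypt(encryp2);
+ console.log(decrypt2);
+ return resolve(decrypt2);
+ } catch (error) {
+ console.log(error);
+ reject(error);
+ }
+ })();
+ });
+ }
+ }
+ module.exports = Auth;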
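Review bot: The literal fallbacks for `R_USER`, `R_PASS` and `R_TOKEN` on new lines 13–16 mean a deployment with unset environment variables issues and verifies tokens with values published in this package, so the module should fail closed at load, e.g. `if (!process.env.R_USER || !process.env.R_PASS || !process.env.SECERT_JWT) throw new Error("auth environment not configured");` (the `SECERT_JWT` spelling also looks like a typo worth confirming). In `Middleware` (new lines 142–148) the duplicate-token rejection is skipped whenever the client-supplied `testdev` header is `"true"`, so that switch should come from server configuration rather than `req.headers`. `encrypt` and `decrypt` pass `secret.substr(0, 16)` of the same daily `SECRET()` string as the IV, which makes the IV fixed per day and leaves the CBC ciphertext unauthenticated; a random per-message IV and an authenticated mode would be the safer design. The expiry test `payload.exp < dateNow.getTime()` compares a JWT claim with milliseconds while `iat` is also set from `getTime()`, which appears inconsistent with seconds-based JWT claims and should be confirmed.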
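--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,29 @@
+ {
+ "name": "@agilesoft/ags_authrest2",
+ "version": "1.0.0",
+ "description": "This version has been deprecated",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "keywords": [],
+ "author": "",
+ "license": "ISC",
+ "dependencies": {
+ "crypto-js": "4.1.1",
+ "date-and-time": "2.1.0",
+ "dotenv": "^16.0.0",
+ "is-base64": "^1.1.0",
+ "jsonwebtoken": "8.5.1",
+ "uuid": "^8.3.2"
+ },
+ "devDependencies": {},
+ "repository": {
+ "type": "git",
+ "url": "git+https://github.com/AGScorp/ags_authrest.git"
+ },
+ "bugs": {
+ "url": "https://github.com/AGScorp/ags_authrest/issues"
+ },
+ "homepage": "https://github.com/AGScorp/ags_authrest#readme"
+ }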
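Review bot: The `dependencies` block pins `jsonwebtoken` to exactly `8.5.1` and `crypto-js` to exactly `4.1.1`, so consumers of this package cannot pick up later security releases of either library through a normal install; both should be checked against current advisories and moved to a maintained release line. `crypto-js` appears to be used only for `HmacSHA256` in index.js, which Node's built-in `crypto.createHmac` already covers, so the dependency could likely be dropped. The `test` script is still the `npm init` placeholder, leaving the token and encryption paths without any automated check.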