mbkauthe 1.0.11 → 1.0.13

package/lib/main.js

@@ -63,6 +63,25 @@ const sessionConfig = {
 
 router.use(session(sessionConfig));
 
+
+router.use(async (req, res, next) => {
+  if (req.session && req.session.user) {
+    res.cookie("username", req.session.user.username, {
+      maxAge: COOKIE_EXPIRE_TIME,
+      path: '/', // Ensure the cookie is available on all paths
+      DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+      secure: mbkautheVar.IS_DEPLOYED === 'true',
+    });
+    res.cookie("sessionId", req.session.user.sessionId, {
+      maxAge: COOKIE_EXPIRE_TIME,
+      path: '/',
+      DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+      secure: mbkautheVar.IS_DEPLOYED === 'true',
+    });
+  }
+  next();
+});
+
 // Middleware to handle session restoration from sessionId cookie
 router.use(async (req, res, next) => {
   if (!req.session.user && req.cookies.sessionId) {
@@ -76,6 +95,9 @@ router.use(async (req, res, next) => {
         req.session.user = {
           id: user.id,
           username: user.UserName,
+          UserName: user.UserName,
+          Role: user.Role,
+          role: user.Role,
           sessionId,
         };
         console.log(`Session restored for user: ${user.UserName}`);
@@ -100,9 +122,7 @@ router.post("/mbkauthe/api/terminateAllSessions", authenticate(mbkautheVar.Main_
     req.session.destroy((err) => {
       if (err) {
         console.log("Error destroying session:", err);
-        return res
-          .status(500)
-          .json({ success: false, message: "Failed to terminate sessions" });
+        return res.status(500).json({ success: false, message: "Failed to terminate sessions" });
       }
       console.log("All sessions terminated successfully");
       res.status(200).json({
@@ -168,7 +188,7 @@ router.post("/mbkauthe/api/login", async (req, res) => {
 
     if (userResult.rows.length === 0) {
       console.log(`Username does not exist: ${username}`);
-      return res.status(404).json({ success: false, message: "Username does not exist" });
+      return res.status(404).json({ success: false, message: "Incorrect Username Or Password" });
     }
 
     const user = userResult.rows[0];
@@ -176,7 +196,7 @@ router.post("/mbkauthe/api/login", async (req, res) => {
     // Check if the password matches
     if (user.Password !== password) {
       console.log(`Incorrect password for username: ${username}`);
-      return res.status(401).json({ success: false, message: "Incorrect password" });
+      return res.status(401).json({ success: false, message: "Incorrect Username Or Password" });
     }
 
     // Check if the account is inactive
@@ -186,14 +206,12 @@ router.post("/mbkauthe/api/login", async (req, res) => {
     }
 
 
-    if (mbkautheVar.test === "true") {
-      // Check if the user is authorized to use the application
-      if (user.Role !== "SuperAdmin") {
-        const allowedApps = user.AllowedApps;
-        if (!allowedApps || !allowedApps.includes(mbkautheVar.APP_NAME)) {
-          console.warn(`User \"${user.UserName}\" is not authorized to use the application \"${mbkautheVar.APP_NAME}\"`);
-          return res.status(403).json({ success: false, message: `You Are Not Authorized To Use The Application \"${mbkautheVar.APP_NAME}\"` });
-        }
+    // Check if the user is authorized to use the application
+    if (user.Role !== "SuperAdmin") {
+      const allowedApps = user.AllowedApps;
+      if (!allowedApps || !allowedApps.includes(mbkautheVar.APP_NAME)) {
+        console.warn(`User \"${user.UserName}\" is not authorized to use the application \"${mbkautheVar.APP_NAME}\"`);
+        return res.status(403).json({ success: false, message: `You Are Not Authorized To Use The Application \"${mbkautheVar.APP_NAME}\"` });
       }
     }
 
@@ -237,18 +255,9 @@ router.post("/mbkauthe/api/login", async (req, res) => {
     req.session.user = {
       id: user.id,
       username: user.UserName,
+      role: user.Role,
       sessionId,
     };
-    console.log(`Session stored for user: ${user.UserName}, sessionId: ${sessionId}`); // Log session storage
-
-    // Set a cookie accessible across subDOMAINs
-    res.cookie("sessionId", sessionId, {
-      maxAge: COOKIE_EXPIRE_TIME,
-      DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined, // Use DOMAIN only in production
-      httpOnly: true,
-      secure: mbkautheVar.IS_DEPLOYED === 'true', // Use secure cookies in production
-    });
-    console.log(`Cookie set for user: ${user.UserName}, sessionId: ${sessionId}`); // Log cookie setting
 
     console.log(`User "${username}" logged in successfully`);
     res.status(200).json({

package/lib/validateSessionAndRole.js

@@ -8,7 +8,7 @@ async function validateSession(req, res, next) {
       const sessionId = req.cookies.sessionId;
       const query = `SELECT * FROM "Users" WHERE "SessionId" = $1`;
       const result = await dblogin.query(query, [sessionId]);
-      const userResult= result.rows[0];
+      const userResult = result.rows[0];
 
       if (result.rows.length > 0) {
         const user = result.rows[0];
@@ -32,9 +32,9 @@ async function validateSession(req, res, next) {
 
   try {
     const { id, sessionId } = req.session.user;
-    const query = `SELECT "SessionId", "Active", "AllowedApps" FROM "Users" WHERE "id" = $1`;
+    const query = `SELECT "SessionId", "Active", "Role", "AllowedApps" FROM "Users" WHERE "id" = $1`;
     const result = await dblogin.query(query, [id]);
-    const userResult= result.rows[0];
+    const userResult = result.rows[0];
 
     if (result.rows.length === 0 || userResult.SessionId !== sessionId) {
       console.log(`Session invalidated for user "${req.session.user.username}"`);
@@ -56,21 +56,16 @@ async function validateSession(req, res, next) {
       });
     }
 
-    if (mbkautheVar.test === "true") {
-      if (userResult.Role !== "SuperAdmin") {
-        const allowedApps = userResult.AllowedApps;
-        if (!allowedApps || !allowedApps.includes(mbkautheVar.APP_NAME)) {
-          console.log(`Allowed Apps for user "${req.session.user.username}": ${allowedApps}`);
-          console.log(!allowedApps);
-          console.log(!allowedApps.includes(mbkautheVar.APP_NAME));
-          console.warn(`User \"${req.session.user.username}\" is not authorized to use the application \"${mbkautheVar.APP_NAME}\"`);
-          req.session.destroy();
-          res.clearCookie("mbkauthe.sid", { domain: `.${mbkautheVar.DOMAIN}` });
-          res.clearCookie("sessionId", { domain: `.${mbkautheVar.DOMAIN}` });
-          return res.render("templates/Error/Error.handlebars", {
-            error: `You Are Not Authorized To Use The Application \"${mbkautheVar.APP_NAME}\"`,
-          });
-        }
+    if (userResult.Role !== "SuperAdmin") {
+      const allowedApps = userResult.AllowedApps;
+      if (!allowedApps || !allowedApps.includes(mbkautheVar.APP_NAME)) {
+        console.warn(`User \"${req.session.user.username}\" is not authorized to use the application \"${mbkautheVar.APP_NAME}\"`);
+        req.session.destroy();
+        res.clearCookie("mbkauthe.sid", { domain: `.${mbkautheVar.DOMAIN}` });
+        res.clearCookie("sessionId", { domain: `.${mbkautheVar.DOMAIN}` });
+        return res.render("templates/Error/Error.handlebars", {
+          error: `You Are Not Authorized To Use The Application \"${mbkautheVar.APP_NAME}\"`,
+        });
       }
     }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "1.0.11",
+  "version": "1.0.13",
   "description": "MBKTechStudio's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",