mbkauthe 1.0.12 → 1.0.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/main.js +27 -10
- package/lib/validateSessionAndRole.js +3 -0
- package/package.json +1 -1
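--- a/package/lib/main.js
+++ b/package/lib/main.js
@@ -25,7 +25,6 @@ try {
 } catch (error) {
 console.log("Error parsing COOKIE_EXPIRE_TIME:", error);
 }
-
 // Enable CORS for subdomains
 router.use((req, res, next) => {
 const origin = req.headers.origin;
@@ -63,6 +62,25 @@ const sessionConfig = {
 
 router.use(session(sessionConfig));
 
+
+router.use(async (req, res, next) => {
+if (req.session && req.session.user) {
+res.cookie("username", req.session.user.username, {
+maxAge: COOKIE_EXPIRE_TIME,
+path: '/', // Ensure the cookie is available on all paths
+DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+secure: mbkautheVar.IS_DEPLOYED === 'true',
+});
+res.cookie("sessionId", req.session.user.sessionId, {
+maxAge: COOKIE_EXPIRE_TIME,
+path: '/',
+DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+secure: mbkautheVar.IS_DEPLOYED === 'true',
+});
+}
+next();
+});
+
 // Middleware to handle session restoration from sessionId cookie
 router.use(async (req, res, next) => {
 if (!req.session.user && req.cookies.sessionId) {
@@ -167,11 +185,10 @@ router.post("/mbkauthe/api/login", async (req, res) => {
 // Query to check if the username exists
 const userQuery = `SELECT * FROM "Users" WHERE "UserName" = $1`;
 const userResult = await dblogin.query(userQuery, [username]);
-console.log("User query result:", userResult.rows); // Log user query result
 
 if (userResult.rows.length === 0) {
 console.log(`Username does not exist: ${username}`);
-return res.status(404).json({ success: false, message: "Username
+return res.status(404).json({ success: false, message: "Incorrect Username Or Password" });
 }
 
 const user = userResult.rows[0];
@@ -179,7 +196,7 @@ router.post("/mbkauthe/api/login", async (req, res) => {
 // Check if the password matches
 if (user.Password !== password) {
 console.log(`Incorrect password for username: ${username}`);
-return res.status(401).json({ success: false, message: "Incorrect
+return res.status(401).json({ success: false, message: "Incorrect Username Or Password" });
 }
 
 // Check if the account is inactive
@@ -238,18 +255,18 @@ router.post("/mbkauthe/api/login", async (req, res) => {
 req.session.user = {
 id: user.id,
 username: user.UserName,
+role: user.Role,
 sessionId,
 };
-console.log(`Session stored for user: ${user.UserName}, sessionId: ${sessionId}`); // Log session storage
 
-// Set a cookie accessible across subDOMAINs
 res.cookie("sessionId", sessionId, {
 maxAge: COOKIE_EXPIRE_TIME,
-
-
-secure: mbkautheVar.IS_DEPLOYED === 'true',
+path: '/',
+DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+secure: mbkautheVar.IS_DEPLOYED === 'true',
 });
-console.log(
+console.log(req.session.user);
+
 
 console.log(`User "${username}" logged in successfully`);
 res.status(200).json({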
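Review bot: The cookie option key `DOMAIN` on new lines 71, 77 and 265 is not an option Express's `res.cookie` recognizes — the serializer reads the lowercase `domain` — so unless `res.cookie` is wrapped elsewhere in the project, the `.${mbkautheVar.DOMAIN}` value is silently dropped and all three cookies stay host-only, contrary to the cross-subdomain intent of the comment this commit removes; each of those lines should use `domain:` in place of `DOMAIN:` with the same ternary value. The `sessionId` cookie is the credential the following middleware (new lines 84–86) uses to restore a session, yet none of its definitions sets `httpOnly: true` (or a `sameSite` value), so any script running on the page can read it; adding `httpOnly: true,` to both `sessionId` cookie calls closes that while leaving the `username` cookie script-readable if that is intended. Replacing the removed session log with `console.log(req.session.user);` on new line 268 still writes the session ID into the application log; logging `user.UserName` and `user.Role` only would keep the debugging value without the credential. The new middleware on lines 66–82 also reissues both cookies on every request, which silently turns `COOKIE_EXPIRE_TIME` into a sliding rather than absolute expiry — worth a one-line comment if that is deliberate.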
@@ -25,6 +25,9 @@ async function validateSession(req, res, next) {
|
|
|
25
25
|
}
|
|
26
26
|
|
|
27
27
|
if (!req.session.user) {
|
|
28
|
+
|
|
29
|
+
console.log("User not authenticated");
|
|
30
|
+
console.log(req.session.user);
|
|
28
31
|
return res.render("templates/Error/NotLoggedIn.handlebars", {
|
|
29
32
|
currentUrl: req.originalUrl,
|
|
30
33
|
});
|