mbkauthe 1.0.13 → 1.0.15

package/README.md

@@ -4,19 +4,26 @@
 
 ## Table of Contents
 
-- [Introduction](#mbkauth)
-- [Features](#features)
-- [Installation](#installation)
-- [Usage](#usage)
-  - [Implementation in a Project](#implementation-in-a-project)
-  - [Basic Setup](#basic-setup)
-- [API Endpoints](#api-endpoints)
-  - [Login](#login)
-  - [Logout](#logout)
-  - [Terminate All Sessions](#terminate-all-sessions)
-- [Database Structure](#database-structure)
-- [License](#license)
-- [Contact & Support](#contact--support)
+- [mbkauthe](#mbkauthe)
+  - [Table of Contents](#table-of-contents)
+  - [Features](#features)
+  - [Installation](#installation)
+  - [Usage](#usage)
+    - [Implementation in a Project](#implementation-in-a-project)
+    - [Basic Setup](#basic-setup)
+  - [Middleware Function Documentation](#middleware-function-documentation)
+    - [validateSession(session)](#validatesessionsession)
+    - [checkRolePermission(userRole, requiredRoles)](#checkrolepermissionuserrole-requiredroles)
+    - [validateSessionAndRole(session, userRole, requiredRoles)](#validatesessionandrolesession-userrole-requiredroles)
+    - [getUserData(session)](#getuserdatasession)
+    - [authenticate(session)](#authenticatesession)
+  - [API Endpoints](#api-endpoints)
+    - [Login](#login)
+    - [Logout](#logout)
+    - [Terminate All Sessions](#terminate-all-sessions)
+  - [Database Structure](#database-structure)
+  - [License](#license)
+  - [Contact \& Support](#contact--support)
 
 `mbkAuthe` is a reusable authentication system for Node.js applications, designed to simplify session management, user authentication, and role-based access control. It integrates seamlessly with PostgreSQL and supports features like Two-Factor Authentication (2FA), session restoration, and reCAPTCHA verification.
 
@@ -82,6 +89,96 @@ mbkautheVar='{
 }'
 ```
 
+## Middleware Function Documentation
+
+### `validateSession(session)`
+Validates the user's session to ensure it is active and not expired.
+
+- **Parameters:**
+  - `session` (Object): The session object to validate.
+
+- **Returns:**
+  - `boolean`: Returns `true` if the session is valid, otherwise `false`.
+
+Usage
+```
+// Require vaild session or to be login to access this page
+router.get(["/home"], validateSession, (req, res) => {
+  // Restricted Code
+});
+```
+
+---
+
+### `checkRolePermission(userRole, requiredRoles)`
+Checks if the user has the required role permissions.
+
+- **Parameters:**
+  - `userRole` (string): The role of the user.
+  - `requiredRoles`(optional) (string[]): An array of roles that are allowed access.
+
+- **Returns:**
+  - `boolean`: Returns `true` if the user has the required permissions, otherwise `false`.
+
+Usage
+```
+// Require vaild session or to be login to access this page
+router.get(["/admin"], validateSession, checkRolePermission("SuperAdmin"), (req, res) => {
+  // Restricted Code
+});
+```
+---
+
+### `validateSessionAndRole(session, userRole, requiredRoles)`
+Validates both the session and the user's role permissions.
+
+- **Parameters:**
+  - `session` (Object): The session object to validate.
+  - `userRole` (string): The role of the user.
+  - `requiredRoles` (optional) (string[]): An array of roles that are allowed access.
+
+- **Returns:**
+  - `boolean`: Returns `true` if both the session and role permissions are valid, otherwise `false`.
+
+Usage
+```
+// Require vaild session or to be login to access this page
+router.get(["/admin"], validateSessionAndRole("SuperAdmin"), (req, res) => {
+  // Restricted Code
+});
+```
+---
+
+### `getUserData(session)`
+Retrieves user data based on the session.
+
+- **Parameters:**
+  - `session` (Object): The session object containing user information.
+
+- **Returns:**
+  - `Object|null`: Returns the user data object if found, otherwise `null`.
+
+---
+
+### `authenticate(session)`
+Authenticates the user by validating the session and retrieving user data.
+
+- **Parameters:**
+  - `session` (Object): The session object to authenticate.
+
+- **Returns:**
+  - `Object|null`: Returns the authenticated user data if successful, otherwise `null`.
+
+Usage
+```
+// Require vaild session or to be login to access this page
+router.post(["/terminateAllSessions"], authenticate(mbkautheVar.Password), (req, res) => {
+  // Restricted Code
+});
+```
+
+
+
 ## API Endpoints
 
 ### Login

package/docs/db.md

@@ -35,7 +35,7 @@
       "HaveMailAccount" BOOLEAN NOT NULL DEFAULT false,
       "SessionId" TEXT,
       "GuestRole" JSONB DEFAULT '{"allowPages": [""], "NotallowPages": [""]}'::jsonb
-      "AllowedApps" JSONB DEFAULT '{"allowPages": [""], "NotallowPages": [""]}'::jsonb
+      "AllowedApps" JSONB DEFAULT '["mbkauthe"]'::jsonb
   );
   ```
 

package/lib/main.js

@@ -25,7 +25,6 @@ try {
 } catch (error) {
   console.log("Error parsing COOKIE_EXPIRE_TIME:", error);
 }
-
 // Enable CORS for subdomains
 router.use((req, res, next) => {
   const origin = req.headers.origin;
@@ -122,7 +121,9 @@ router.post("/mbkauthe/api/terminateAllSessions", authenticate(mbkautheVar.Main_
     req.session.destroy((err) => {
       if (err) {
         console.log("Error destroying session:", err);
-        return res.status(500).json({ success: false, message: "Failed to terminate sessions" });
+        return res
+          .status(500)
+          .json({ success: false, message: "Failed to terminate sessions" });
       }
       console.log("All sessions terminated successfully");
       res.status(200).json({
@@ -184,7 +185,6 @@ router.post("/mbkauthe/api/login", async (req, res) => {
     // Query to check if the username exists
     const userQuery = `SELECT * FROM "Users" WHERE "UserName" = $1`;
     const userResult = await dblogin.query(userQuery, [username]);
-    console.log("User query result:", userResult.rows); // Log user query result
 
     if (userResult.rows.length === 0) {
       console.log(`Username does not exist: ${username}`);
@@ -259,6 +259,15 @@ router.post("/mbkauthe/api/login", async (req, res) => {
       sessionId,
     };
 
+    res.cookie("sessionId", sessionId, {
+      maxAge: COOKIE_EXPIRE_TIME,
+      path: '/',
+      DOMAIN: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
+      secure: mbkautheVar.IS_DEPLOYED === 'true',
+    });
+    console.log(req.session.user);
+
+
     console.log(`User "${username}" logged in successfully`);
     res.status(200).json({
       success: true,

package/lib/validateSessionAndRole.js

@@ -25,6 +25,9 @@ async function validateSession(req, res, next) {
   }
 
   if (!req.session.user) {
+    
+    console.log("User not authenticated");
+    console.log(req.session.user);
     return res.render("templates/Error/NotLoggedIn.handlebars", {
       currentUrl: req.originalUrl,
     });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "1.0.13",
+  "version": "1.0.15",
   "description": "MBKTechStudio's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",