mbkauthe 1.0.9 → 1.0.11

package/index.js

@@ -2,7 +2,12 @@ import router from "./lib/main.js";
 
 import dotenv from "dotenv";
 dotenv.config();
-const mbkautheVar = JSON.parse(process.env.mbkautheVar);
+let mbkautheVar;
+try {
+    mbkautheVar = JSON.parse(process.env.mbkautheVar);
+} catch (error) {
+    throw new Error("Invalid JSON in process.env.mbkautheVar");
+}
 if (!mbkautheVar) {
     throw new Error("mbkautheVar is not defined");
 }
@@ -27,7 +32,6 @@ if (mbkautheVar.BypassUsers !== undefined) {
     if (!Array.isArray(mbkautheVar.BypassUsers)) {
         throw new Error("mbkautheVar.BypassUsers must be a valid array");
     }
-    const BypassUsers = mbkautheVar.BypassUsers;
 }
 
 

package/lib/main.js

@@ -128,7 +128,8 @@ router.post("/mbkauthe/api/login", async (req, res) => {
   const secretKey = mbkautheVar.RECAPTCHA_SECRET_KEY;
   const verificationUrl = `https://www.google.com/recaptcha/api/siteverify?secret=${secretKey}&response=${recaptcha}`;
 
-  let BypassUsers = [mbkautheVar.BypassUsers];
+  let BypassUsers = Array.isArray(mbkautheVar.BypassUsers) ? mbkautheVar.BypassUsers : JSON.parse(mbkautheVar.BypassUsers); // Ensure it's a flat array
+
   if (mbkautheVar.RECAPTCHA_Enabled === "true") {
     if (!BypassUsers.includes(username)) {
       if (!recaptcha) {

package/lib/pool.js

@@ -3,7 +3,38 @@ const { Pool } = pkg;
 
 import dotenv from "dotenv";
 dotenv.config();
-const mbkautheVar = JSON.parse(process.env.mbkautheVar);
+
+let mbkautheVar;
+try {
+  mbkautheVar = JSON.parse(process.env.mbkautheVar);
+} catch (error) {
+  throw new Error("Invalid JSON in process.env.mbkautheVar");
+}
+if (!mbkautheVar) {
+  throw new Error("mbkautheVar is not defined");
+}
+const requiredKeys = ["APP_NAME", "RECAPTCHA_Enabled", "SESSION_SECRET_KEY", "IS_DEPLOYED", "LOGIN_DB", "MBKAUTH_TWO_FA_ENABLE", "DOMAIN"];
+requiredKeys.forEach(key => {
+  if (!mbkautheVar[key]) {
+    throw new Error(`mbkautheVar.${key} is required`);
+  }
+});
+if (mbkautheVar.RECAPTCHA_Enabled === "true") {
+  if (mbkautheVar.RECAPTCHA_SECRET_KEY === undefined) {
+    throw new Error("mbkautheVar.RECAPTCHA_SECRET_KEY is required");
+  }
+}
+if (mbkautheVar.COOKIE_EXPIRE_TIME !== undefined) {
+  const expireTime = parseFloat(mbkautheVar.COOKIE_EXPIRE_TIME);
+  if (isNaN(expireTime) || expireTime <= 0) {
+    throw new Error("mbkautheVar.COOKIE_EXPIRE_TIME must be a valid positive number");
+  }
+}
+if (mbkautheVar.BypassUsers !== undefined) {
+  if (!Array.isArray(mbkautheVar.BypassUsers)) {
+    throw new Error("mbkautheVar.BypassUsers must be a valid array");
+  }
+}
 
 // PostgreSQL connection pool for pool
 const poolConfig = {

package/lib/validateSessionAndRole.js

@@ -60,6 +60,9 @@ async function validateSession(req, res, next) {
       if (userResult.Role !== "SuperAdmin") {
         const allowedApps = userResult.AllowedApps;
         if (!allowedApps || !allowedApps.includes(mbkautheVar.APP_NAME)) {
+          console.log(`Allowed Apps for user "${req.session.user.username}": ${allowedApps}`);
+          console.log(!allowedApps);
+          console.log(!allowedApps.includes(mbkautheVar.APP_NAME));
           console.warn(`User \"${req.session.user.username}\" is not authorized to use the application \"${mbkautheVar.APP_NAME}\"`);
           req.session.destroy();
           res.clearCookie("mbkauthe.sid", { domain: `.${mbkautheVar.DOMAIN}` });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "1.0.9",
+  "version": "1.0.11",
   "description": "MBKTechStudio's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",