mbkauthe 1.1.6 → 1.1.7

package/index.js

@@ -1,9 +1,16 @@
 import express from "express"; // Add this line
 import router from "./lib/main.js";
-
+import { engine } from "express-handlebars";
 import dotenv from "dotenv";
+import path from "path";
+import { fileURLToPath } from "url";
+
 dotenv.config();
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
 let mbkautheVar;
+
 try {
     mbkautheVar = JSON.parse(process.env.mbkautheVar);
 } catch (error) {
@@ -35,9 +42,9 @@ if (mbkautheVar.BypassUsers !== undefined) {
     }
 }
 
+const app = express();
 if (process.env.test === "true") {
     console.log("Test mode is enabled. Starting server in test mode.");
-    const app = express();
     const port = 3000;
     app.use(router);
     app.listen(port, () => {
@@ -45,6 +52,17 @@ if (process.env.test === "true") {
     });
 }
 
+app.set("views", path.join(__dirname, "node_modules/mbkauthe/views"));
+
+app.engine("handlebars", engine({
+    defaultLayout: false,
+    partialsDir: [
+        path.join(__dirname, "node_modules/mbkauthe/views"),
+    ],
+}));
+
+app.set("view engine", "handlebars");
+
 export { validateSession, checkRolePermission, validateSessionAndRole, getUserData, authenticate, authapi } from "./lib/validateSessionAndRole.js";
 export { dblogin } from "./lib/pool.js";
 export default router;

package/lib/info.js

@@ -15,6 +15,14 @@ const mbkautheVar = JSON.parse(process.env.mbkautheVar);
 
 const router = express.Router();
 
+router.get(["/mbkauthe/login"], (req, res) => {
+  return res.render("loginmbkauthe", {
+    layout: false,
+    userLoggedIn: !!req.session?.user,
+    UserName: req.session?.user?.username || ''
+  });
+});
+
 async function getLatestVersion() {
   try {
     const response = await fetch('https://raw.githubusercontent.com/MIbnEKhalid/mbkauthe/main/package.json');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "1.1.6",
+  "version": "1.1.7",
   "description": "MBKTechStudio's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",
@@ -32,11 +32,14 @@
     "cookie-parser": "^1.4.7",
     "dotenv": "^16.4.7",
     "express": "^5.1.0",
+    "express-handlebars": "^8.0.1",
     "express-rate-limit": "^7.5.0",
     "express-session": "^1.18.1",
     "marked": "^15.0.11",
     "node-fetch": "^3.3.2",
-    "pg": "^8.14.1"
+    "path": "^0.12.7",
+    "pg": "^8.14.1",
+    "url": "^0.11.4"
   },
   "devDependencies": {
     "nodemon": "^2.0.22"

package/views/loginmbkauthe.handlebars

@@ -0,0 +1,257 @@
+<!DOCTYPE html>
+<html lang="en" dir="ltr">
+
+<head>
+    <title>Login</title>
+    <script src="/Assets/Scripts/logout.js"></script>
+    <meta name="description"
+        content="Log in to portal.mbktechstudio.com to access your resources and manage projects securely.">
+    <meta name="keywords" content="MBK Tech Studio, Web-Portal, Web, Portal, Admin-Panel, Admin, login">
+    <meta property="og:title" content="Portal Login | MBK Tech STudio" />
+    <meta property="og:image" content="https://www.mbktechstudio.com/Assets/Images/Icon/logo.png" />
+    <meta property="og:url" content="https://portal.mbktechstudio.com/login">
+    <script type="application/ld+json">
+            { "@context": "https://schema.org", "@type": "Organization", "name": "MBK Tech Studio", "url":
+            "https://portal.mbktechstudio.com/login", "logo": "https://www.mbktechstudio.com/Assets/Images/Icon/logo.png", "description":
+            "MBK Tech Studio: Log in to portal.mbktechstudio.com to access your resources and manage projects securely." }
+        </script>
+    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+    <style>
+        .info {
+            font-family: 'Open Sans', sans-serif;
+            font-size: 14px;
+            color: #0c5460;
+            background-color: #d1ecf1;
+            border: 1px solid #ddd;
+            border-radius: 8px;
+            padding: 5px 15px;
+            margin-top: 5px;
+            font-weight: 500;
+            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
+            line-height: 1.2;
+        }
+
+        .info span {
+            color: #007bff;
+            /* Highlight for the info icon */
+            margin-right: 8px;
+        }
+
+        section .button {
+            margin: 0 0 2px !important;
+        }
+
+        section .button button {
+            margin: 0 !important;
+        }
+
+        .back {
+            top: 0;
+            color: #fff;
+            position: absolute;
+            margin-top: 10px;
+            font-size: 20px;
+            transition: color 0.3s ease;
+        }
+
+        .back:hover {
+            color: rgb(185, 185, 185);
+            transition: color 0.3s ease;
+        }
+
+        @media(max-width: 1200px) {
+            .user-box label {
+                left: 2% !important;
+            }
+        }
+
+        @media(max-width: 1200px) {
+            .user-box label {
+                left: 2% !important;
+            }
+        }
+
+        .recaptcha-container {
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            margin-top: 7px;
+        }
+    </style>
+</head>
+{{> header1 }}
+
+<body>
+    <section class="about" id="about">
+        <div class="content">
+            <div class="portalbox">
+                <div class="title">
+                    <span style="font-size:30px;">Login</span>
+                </div>
+                <form id="loginForm" action="/login" method="POST">
+                    <div class="back" onclick="loadpage('/')">
+                        <i class="fa-solid fa-arrow-left"></i>
+                    </div>
+                    <div class="user-box">
+                        <input id="loginUsername" type="text" name="username" required pattern="^[a-z0-9.]+$"
+                            title="Username must contain lowercase letters, numbers, and periods only, no spaces, no special characters."
+                            oninput="this.value = this.value.toLowerCase().replace(/[^a-z0-9.]/g, '')" />
+                        <label>User Name</label>
+                        <span class="info-icon" onclick="usernameinfo()">
+                            <i class="fa fa-info-circle"></i>
+                        </span>
+                    </div>
+                    <div class="user-box">
+                        <input id="loginPassword" type="password" name="Password" required="" />
+                        <label>Password</label>
+                        <span class="password-toggle-icon">
+                            <i class="fa fa-eye"></i>
+                        </span>
+                    </div>
+                    <div class="user-box" id="tokenCon" style="display: none;">
+                        <input id="token" type="text" class="no-spinner" name="token" pattern="\d{6}"
+                            title="Token must be exactly 6 digits" maxlength="6" minlength="6" />
+                        <label>Token</label>
+                        <span class="info-icon" onclick="tokeninfo()">
+                            <i class="fa fa-info-circle"></i>
+                        </span>
+                    </div>
+                    <div class="wrap">
+                        <div class="button">
+                            <button style="font-size: 17px;" type="submit">Login</button>
+                        </div>
+                    </div>
+                </form>
+                {{#if userLoggedIn }}
+                {{> alreadyloggedin UserName=UserName }}
+                {{/if }}
+                <p class="info maincssp">
+                    <span class="">
+                        <i class="fa fa-info-circle"></i>
+                    </span>By Logging In, You Are Automatically Agreeing To Our
+                    <a class="links" href="/info/Terms&Conditions">Use Of Terms & Conditions
+                    </a>
+                </p>
+                <div class="recaptcha-container">
+                    <div class="g-recaptcha" data-theme="dark" data-sitekey="6LfhaPgqAAAAAPgOw7r3rNOHKKfh5d7K3MMJeUHo">
+                    </div>
+                </div>
+            </div>
+        </div>
+    </section>
+</body>
+{{> footer }}
+<script>
+    function usernameinfo() {
+        showMessage(
+            '<div style="">If you are a member of the Mbk Tech Studio team, your username is the first part of your email address (e.' +
+            'g., for abc.xyz@mbktechstudio.com, your username is abc.xyz). If you are a guest or have forgotten your username and pas' +
+            'sword, please fill contact form at <a class="links" href="https://www.mbktechstudio.com/Support">mbktechstudio.com/Suppo' +
+            'rt</a> or contact me directly.<div>',
+            "What Is My Username?"
+        );
+    }
+    function tokeninfo() {
+        showMessage(
+            '<div style="">The 2FA token or Auth token is required for SuperAdmin and NormalAdmin to log in. Each user has been given' +
+            ' an Auth Code, which they can use to generate an Auth token using any Auth App.<div>',
+            "What Is Token?"
+        );
+    }
+
+    document.getElementById('loginForm').addEventListener('submit', function (event) {
+        event.preventDefault();
+        const username = document.getElementById('loginUsername').value.trim();
+        const password = document.getElementById('loginPassword').value.trim();
+        const token = document.getElementById('token').value.trim(); // 2FA token
+        let recaptchaResponse;
+
+        recaptchaResponse = grecaptcha.getResponse();
+
+        if (!username || !password) {
+            showMessage("Username and password cannot be empty", "Error");
+            return;
+        }
+        const loginButton = document.querySelector('button[type="submit"]');
+        loginButton.disabled = true;
+        loginButton.innerText = "Logging in.....";
+        fetch('/mbkauthe/api/login', {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify({ username, password, token, recaptcha: recaptchaResponse || null })
+        })
+            .then(response => {
+                loginButton.disabled = false;
+                loginButton.innerText = "Login";
+                return response.json().then(data => {
+                    if (response.ok) {
+                        return data;
+                    } else {
+                        throw new Error(data.message || "An error occurred");
+                    }
+                });
+            })
+            .then(data => {
+                if (data.success) {
+                    sessionStorage.setItem('sessionId', data.sessionId);
+                    clearAllCookies();
+                    const redirectUrl = new URLSearchParams(window.location.search).get('redirect');
+                    loginButton.innerText = "Redirecting.....";
+                    window.location.href = redirectUrl ? decodeURIComponent(redirectUrl) : '/chatbot';
+                } else {
+                    grecaptcha.reset();
+                    showMessage(data.message, "Error");
+                    document.getElementById('loginMessage').innerText = data.message;
+                    if (data.code === 401 && data.message === "Invalid 2FA code") {
+                        console.log("data.message");
+                    }
+                }
+            })
+            .catch(error => {
+                grecaptcha.reset();
+                if (error.message === "Please Enter 2FA code") {
+                    showMessage("Please enter the 2FA code", "Error");
+                    const tokenCon = document.getElementById('tokenCon');
+                    const tokenInput = document.getElementById('token');
+                    tokenCon.style.display = "block";
+                    tokenInput.setAttribute('required', '');
+                } else {
+                    console.error('Error:', error);
+                    showMessage(error.message, "Error");
+                    loginButton.disabled = false;
+                    loginButton.innerText = "Login";
+                }
+            });
+    });
+    document.addEventListener('DOMContentLoaded', function () {
+        const loginButton = document.querySelector('button[type="submit"]');
+        loginButton.innerText = "Login";
+    });
+    // Event listener for toggling password visibility
+    document.addEventListener('DOMContentLoaded', function () { // Set the value of the input field with the page URL
+        const passwordInput = document.getElementById('loginPassword');
+        const toggleIcon = document.querySelector('.password-toggle-icon');
+        toggleIcon.addEventListener('click', function () { // Toggle the type of the input field
+            if (passwordInput.type === 'password') {
+                passwordInput.type = 'text'; // Show password
+                toggleIcon.innerHTML = '<i class="fa fa-eye-slash"></i>'; // Change icon to closed eye
+            } else {
+                passwordInput.type = 'password'; // Hide password
+                toggleIcon.innerHTML = '<i class="fa fa-eye"></i>'; // Change icon to open eye
+            }
+        });
+    });
+    const urlParams = new URLSearchParams(window.location.search);
+    const usernameFromUrl = urlParams.get('username');
+    const passwordFromUrl = urlParams.get('password');
+    if (usernameFromUrl && !document.getElementById('loginUsername').value) {
+        document.getElementById('loginUsername').value = usernameFromUrl;
+    }
+    if (passwordFromUrl && !document.getElementById('loginPassword').value) {
+        document.getElementById('loginPassword').value = passwordFromUrl;
+    }
+</script>
+
+</html>