protonfile-auth 1.6.0 → 1.6.3

package/lib/controllers/logout.d.ts

@@ -1,3 +1,3 @@
 import { Request, Response } from 'express';
-declare const _default: (_req: Request, res: Response) => Promise<Response<any, Record<string, any>> | undefined>;
+declare const _default: (req: Request, res: Response) => Promise<Response<any, Record<string, any>> | undefined>;
 export default _default;

package/lib/controllers/logout.js

@@ -11,11 +11,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 const auth_1 = require("../services/auth");
 const session_1 = require("../services/session");
-exports.default = (_req, res) => __awaiter(void 0, void 0, void 0, function* () {
+exports.default = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
     yield (0, auth_1.clearRefreshTokenCookie)(res);
     yield (0, session_1.clearSessionCookie)(res);
+    const sessionCache = req.sessionCache;
     try {
-        const session_id = JSON.parse(_req.cookies.session_id).session_id;
+        const session_id = JSON.parse(req.cookies.session_id).session_id;
+        sessionCache.set(session_id, 60 * 15);
         yield (0, session_1.deleteSession)(session_id);
     }
     catch (err) {

package/lib/controllers/refresh_token.js

@@ -44,6 +44,9 @@ exports.default = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
     (0, auth_1.setRefreshTokenCookie)(res, (0, auth_1.createRefreshToken)({ user_id: user.user_id }));
     return res.send({
         ok: true,
-        accessToken: (0, auth_1.createAccessToken)({ user_id: user.user_id }),
+        accessToken: (0, auth_1.createAccessToken)({
+            user_id: user.user_id,
+            session_id: JSON.parse(session).session_id,
+        }),
     });
 });

package/lib/controllers/registerOtp.js

@@ -17,7 +17,7 @@ exports.default = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
         const user = yield User_1.User.findOne({ email });
         if (!user)
             return res.sendStatus(403);
-        const otp = yield OTP_1.OTP.findOne({ code, user_id: user.user_id });
+        const otp = yield OTP_1.OTP.findOne({ code, user_id: user.user_id, scope: 'registration' });
         if (!otp)
             return res.sendStatus(404);
         yield OTP_1.OTP.delete({ code: otp.code });

package/lib/index.d.ts

@@ -9,6 +9,7 @@ import { TempTokenService } from './services/TempToken';
 import SessionCleaner from './services/SessionCleaner';
 import { OTP } from './Entities/OTP';
 import OTPVacuum from './services/OTPVacuum';
+import SessionCache from './services/SessionCache';
 declare const _default: {
     router: (typeormConfig: ConnectionOptions) => import("express-serve-static-core").Router;
     authMiddleware: (req: express.Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, res: express.Response<any, Record<string, any>>, next: express.NextFunction) => Promise<void | express.Response<any, Record<string, any>>>;
@@ -22,6 +23,7 @@ declare const _default: {
         TempTokenService: typeof TempTokenService;
         SessionCleaner: typeof SessionCleaner;
         OTPVacuum: typeof OTPVacuum;
+        sessionCache: SessionCache;
     };
 };
 export default _default;

package/lib/index.js

@@ -23,6 +23,9 @@ const SessionCleaner_1 = __importDefault(require("./services/SessionCleaner"));
 const OTP_1 = require("./Entities/OTP");
 const OTPVacuum_1 = __importDefault(require("./services/OTPVacuum"));
 const registerOtp_1 = __importDefault(require("./controllers/registerOtp"));
+const SessionCache_1 = __importDefault(require("./services/SessionCache"));
+const appendSessionCache_1 = __importDefault(require("./middlewares/appendSessionCache"));
+const sessionCache = new SessionCache_1.default();
 exports.default = {
     router: (typeormConfig) => {
         (0, typeorm_1.createConnection)(Object.assign(Object.assign({}, typeormConfig), { entities: [User_1.User, Session_1.Session, TempToken_1.TempToken, OTP_1.OTP] })).then((connection) => {
@@ -30,6 +33,11 @@ exports.default = {
             Session_1.Session.useConnection(connection);
             TempToken_1.TempToken.useConnection(connection);
             OTP_1.OTP.useConnection(connection);
+            TempToken_1.TempToken.find().then((res) => {
+                for (const session of res) {
+                    sessionCache.set(session.token, (session.expires - Date.now()) / 1000);
+                }
+            });
         });
         const router = express_1.default.Router();
         router.use(body_parser_1.default.urlencoded({ extended: false }));
@@ -37,14 +45,14 @@ exports.default = {
         router.post('/register/otp', registerOtp_1.default);
         router.post('/login', (0, cookie_parser_1.default)(), login_1.default);
         router.post('/refresh_token', (0, cookie_parser_1.default)(), refresh_token_1.default);
-        router.post('/logout', (0, cookie_parser_1.default)(), logout_1.default);
+        router.post('/logout', appendSessionCache_1.default.bind(null, sessionCache), (0, cookie_parser_1.default)(), logout_1.default);
         router.get('/qr', (0, cookie_parser_1.default)(), qr_1.get);
-        router.post('/qr', verifyToken_1.default, qr_1.post);
+        router.post('/qr', verifyToken_1.default.bind(null, sessionCache), qr_1.post);
         router.get('/change_password/:email', change_password_1.get);
         router.post('/change_password', change_password_1.post);
         return router;
     },
-    authMiddleware: verifyToken_1.default,
+    authMiddleware: verifyToken_1.default.bind(null, sessionCache),
     entities: { User: User_1.User, Session: Session_1.Session, TempToken: TempToken_1.TempToken, OTP: OTP_1.OTP },
-    services: { TempTokenService: TempToken_2.TempTokenService, SessionCleaner: SessionCleaner_1.default, OTPVacuum: OTPVacuum_1.default },
+    services: { TempTokenService: TempToken_2.TempTokenService, SessionCleaner: SessionCleaner_1.default, OTPVacuum: OTPVacuum_1.default, sessionCache },
 };

package/lib/middlewares/appendSessionCache.d.ts

@@ -0,0 +1,4 @@
+import { NextFunction, Request, Response } from 'express';
+import SessionCache from '../services/SessionCache';
+declare const appendSessionCache: (sessionCache: SessionCache, req: Request, _res: Response, next: NextFunction) => void;
+export default appendSessionCache;

package/lib/middlewares/appendSessionCache.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const appendSessionCache = (sessionCache, req, _res, next) => {
+    req.sessionCache = sessionCache;
+    next();
+};
+exports.default = appendSessionCache;

package/lib/middlewares/verifyToken.d.ts

@@ -1,3 +1,4 @@
 import { NextFunction, Request, Response } from 'express';
-declare const _default: (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+import SessionCache from '../services/SessionCache';
+declare const _default: (cache: SessionCache, req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
 export default _default;

package/lib/middlewares/verifyToken.js

@@ -13,12 +13,16 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
-exports.default = (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
+exports.default = (cache, req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
     const config = process.env;
     const token = req.body.token || req.query.token || req.headers['x-access-token'];
     if (!token) {
         return res.status(403).send('A token is required for authentication');
     }
+    const decoded = jsonwebtoken_1.default.decode(token);
+    if (cache.has(decoded.session_id)) {
+        return res.status(401).send('Token expired');
+    }
     try {
         const decoded = jsonwebtoken_1.default.verify(token, config.ACCESS_TOKEN_KEY);
         req.user = decoded;

package/lib/services/SessionCache.d.ts

@@ -0,0 +1,8 @@
+import NodeCache from 'node-cache';
+declare class SessionCache {
+    cache: NodeCache;
+    constructor();
+    set(session: string, ttl: number): boolean;
+    has(session: string): boolean;
+}
+export default SessionCache;

package/lib/services/SessionCache.js

@@ -0,0 +1,25 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const node_cache_1 = __importDefault(require("node-cache"));
+const TempToken_1 = require("../Entities/TempToken");
+class SessionCache {
+    constructor() {
+        this.cache = new node_cache_1.default();
+    }
+    set(session, ttl) {
+        const tempToken = new TempToken_1.TempToken();
+        tempToken.token = session;
+        tempToken.expires = Date.now() + (15 * 60000 + 0);
+        tempToken
+            .save()
+            .catch((err) => console.log('Error while persisting session', err));
+        return this.cache.set(session, undefined, ttl);
+    }
+    has(session) {
+        return this.cache.has(session);
+    }
+}
+exports.default = SessionCache;

package/lib/services/auth.js

@@ -15,7 +15,7 @@ const uuid_1 = require("uuid");
 const Session_1 = require("../Entities/Session");
 const session_1 = require("./session");
 const createAccessToken = (payload) => {
-    return (0, jsonwebtoken_1.sign)({ user_id: payload.user_id }, process.env.ACCESS_TOKEN_KEY, {
+    return (0, jsonwebtoken_1.sign)({ user_id: payload.user_id, session_id: payload.session_id }, process.env.ACCESS_TOKEN_KEY, {
         expiresIn: '15m',
     });
 };
@@ -53,7 +53,7 @@ const generateQrAuth = () => __awaiter(void 0, void 0, void 0, function* () {
 exports.generateQrAuth = generateQrAuth;
 const performLogin = (req, res, user) => {
     return new Promise((resolve, reject) => __awaiter(void 0, void 0, void 0, function* () {
-        const token = (0, exports.createAccessToken)({ user_id: user.user_id });
+        let session_id;
         (0, exports.setRefreshTokenCookie)(res, (0, exports.createRefreshToken)({
             user_id: user.user_id,
         }));
@@ -62,6 +62,7 @@ const performLogin = (req, res, user) => {
             try {
                 (0, session_1.verifySessionToken)(session.token);
                 const newSession = yield (0, session_1.bumpSessionToken)(session.session_id);
+                session_id = newSession.session_id;
                 (0, session_1.setSessionCookie)(res, JSON.stringify(newSession));
             }
             catch (err) {
@@ -78,6 +79,7 @@ const performLogin = (req, res, user) => {
                 if (!session) {
                     return;
                 }
+                session_id = session.session_id;
                 (0, session_1.setSessionCookie)(res, JSON.stringify(session));
             }
         }
@@ -93,8 +95,10 @@ const performLogin = (req, res, user) => {
             if (!session) {
                 return;
             }
+            session_id = session.session_id;
             (0, session_1.setSessionCookie)(res, JSON.stringify(session));
         }
+        const token = (0, exports.createAccessToken)({ user_id: user.user_id, session_id });
         resolve(token);
     }));
 };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "protonfile-auth",
-	"version": "1.6.0",
+	"version": "1.6.3",
 	"description": "protonfile-auth",
 	"main": "lib/index.js",
 	"types": "lib/index.d.ts",
@@ -34,6 +34,7 @@
 		"express": "^4.17.1",
 		"handlebars": "^4.7.7",
 		"jsonwebtoken": "^8.5.1",
+		"node-cache": "^5.1.2",
 		"nodemailer": "^6.7.0",
 		"pg": "^8.7.1",
 		"typeorm": "^0.2.38",