Added JWT func
parent
c3bcde7744
commit
fdb3fdb861
|
@ -1,2 +1,7 @@
|
||||||
export const MAP_TIMEOUT_IN_MINUTES = process.env.MAPPING_TIMEOUT || '720' // 12 horas
|
export const MAP_TIMEOUT_IN_MINUTES = process.env.MAPPING_TIMEOUT || '720' // 12 horas
|
||||||
|
|
||||||
export const JWT_SECRET = process.env.JWT_SECRET || 'somERand0mStr1ng'
|
export const JWT_SECRET = process.env.JWT_SECRET || 'somERand0mStr1ng'
|
||||||
|
|
||||||
|
export const JWT_TTL_IN_MINUTES = Number(
|
||||||
|
process.env.JWT_TTL_IN_MINUTES || 43000
|
||||||
|
) // 30 dias
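Review bot: `JWT_SECRET` falls back to the literal `'somERand0mStr1ng'` when the variable is unset, and this commit makes that value the default signing key, through the new `JwtService` constructor default and the argument-less `new JwtService()` in src/server/lib/jwt.ts. A deployment that misses the variable would then sign tokens with a key that anyone with access to the repository knows. Fail at startup instead, for example `if (!process.env.JWT_SECRET) throw new Error('JWT_SECRET is not set')`. In the added lines, `43000` minutes is about 29.9 days rather than the 30 the comment states (`43200`), and `Number()` yields `NaN` for a non-numeric value, which should be rejected rather than passed on as a lifetime.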
|
||||||
|
|
|
@ -1,15 +1,16 @@
|
||||||
import { Auth } from '../schemas/Auth'
|
import { Auth } from '../schemas/Auth'
|
||||||
import { LoginResult } from '../schemas/LoginResult'
|
import { AuthResult } from '../schemas/AuthResult'
|
||||||
|
|
||||||
export class FakeAuth implements Auth {
|
export class FakeAuth implements Auth {
|
||||||
constructor() {}
|
constructor() {}
|
||||||
|
|
||||||
async login(username: string, password: string): Promise<LoginResult> {
|
async login(username: string, password: string): Promise<AuthResult> {
|
||||||
if (username == 'test' && password == 'test')
|
if (username == 'test' && password == 'test')
|
||||||
return {
|
return {
|
||||||
displayName: 'Test User',
|
displayName: 'Test User',
|
||||||
username: 'test',
|
username: 'test',
|
||||||
domain: 'test_domain'
|
domain: 'test_domain',
|
||||||
|
pwdLastSet: '2021-01-01'
|
||||||
}
|
}
|
||||||
throw new Error('Fake login failed')
|
throw new Error('Fake login failed')
|
||||||
}
|
}
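Review bot: The new fixture value `pwdLastSet: '2021-01-01'` is an ISO date, whereas LdapAuth passes through the directory's raw `pwdLastSet` attribute. If the directory is Active Directory, that attribute is a 100-nanosecond tick count rendered as a digit string, so anything that parses the field sees a different format under the fake than against the real server. Use a value in the real attribute's format and mark it with a comment such as `// same format as the LDAP pwdLastSet attribute`. The class also lacks a doc comment saying it accepts one fixed credential pair; `/** Test-only Auth stub; never select it in a deployed build. */` above the class would state that.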
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import { Client } from 'ldapts'
|
import { Client } from 'ldapts'
|
||||||
import { Auth } from '../schemas/Auth'
|
import { Auth } from '../schemas/Auth'
|
||||||
import { LoginResult } from '../schemas/LoginResult'
|
import { AuthResult } from '../schemas/AuthResult'
|
||||||
|
|
||||||
export class LdapAuth implements Auth {
|
export class LdapAuth implements Auth {
|
||||||
constructor(
|
constructor(
|
||||||
|
@ -9,7 +9,7 @@ export class LdapAuth implements Auth {
|
||||||
private searchDN: string
|
private searchDN: string
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
async login(username: string, password: string): Promise<LoginResult> {
|
async login(username: string, password: string): Promise<AuthResult> {
|
||||||
try {
|
try {
|
||||||
await this.client.bind(`${this.domain}\\${username}`, password)
|
await this.client.bind(`${this.domain}\\${username}`, password)
|
||||||
|
|
||||||
|
@ -22,7 +22,8 @@ export class LdapAuth implements Auth {
|
||||||
return {
|
return {
|
||||||
username,
|
username,
|
||||||
displayName: search.searchEntries[0].displayName as string,
|
displayName: search.searchEntries[0].displayName as string,
|
||||||
domain: this.domain
|
domain: this.domain,
|
||||||
|
pwdLastSet: search.searchEntries[0].pwdLastSet as string
|
||||||
}
|
}
|
||||||
} catch (error: any) {
|
} catch (error: any) {
|
||||||
console.log('Error:', error)
|
console.log('Error:', error)
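Review bot: `search.searchEntries[0].pwdLastSet as string` asserts a type that is never checked at run time. An empty search result surfaces only as a TypeError in the catch block, and an LDAP attribute value can come back as an array or a Buffer rather than a string, yet the value is copied into the signed token in login(). Guard it before building the result: `const entry = search.searchEntries[0]` followed by `if (!entry || typeof entry.pwdLastSet !== 'string') throw new Error('LDAP entry incomplete')`. The search call is outside the hunks shown, so confirm that `pwdLastSet` is in its requested attribute list.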
|
||||||
|
|
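--- a/src/server/lib/jwt.ts
+++ b/src/server/lib/jwt.ts
@@ -0,0 +1,3 @@
+import { JwtService } from '../services/JwtService'
+
+export const jwtService = new JwtService()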
|
@ -3,8 +3,14 @@ import { Client } from 'ldapts'
|
||||||
import { LdapAuth } from '../auth/LdapAuth'
|
import { LdapAuth } from '../auth/LdapAuth'
|
||||||
import { PaFirewallService } from '../services/PaFirewallService'
|
import { PaFirewallService } from '../services/PaFirewallService'
|
||||||
import { db } from '../prisma'
|
import { db } from '../prisma'
|
||||||
|
import { LoginResult } from '../schemas/LoginResult'
|
||||||
|
import { jwtService } from './jwt'
|
||||||
|
|
||||||
export async function login(username: string, password: string, ip: string) {
|
export async function login(
|
||||||
|
username: string,
|
||||||
|
password: string,
|
||||||
|
ip: string
|
||||||
|
): Promise<LoginResult> {
|
||||||
const ldapClient = new Client({
|
const ldapClient = new Client({
|
||||||
url: 'ldap://10.7.0.18'
|
url: 'ldap://10.7.0.18'
|
||||||
})
|
})
|
||||||
|
@ -20,7 +26,17 @@ export async function login(username: string, password: string, ip: string) {
|
||||||
|
|
||||||
await pa.login(username, ip, user.domain)
|
await pa.login(username, ip, user.domain)
|
||||||
|
|
||||||
return user
|
const jwt = await jwtService.generateToken({
|
||||||
|
displayName: user.displayName,
|
||||||
|
username: user.username,
|
||||||
|
domain: user.domain,
|
||||||
|
pwdLastSet: user.pwdLastSet
|
||||||
|
})
|
||||||
|
|
||||||
|
return {
|
||||||
|
...user,
|
||||||
|
jwt
|
||||||
|
}
|
||||||
} catch (error: any) {
|
} catch (error: any) {
|
||||||
console.log(error.message)
|
console.log(error.message)
|
||||||
throw new Error(`Login procedure failed: ${error.message}`)
|
throw new Error(`Login procedure failed: ${error.message}`)
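Review bot: The response is built with `...user`, so every field an Auth implementation returns is sent to the caller next to the token, while the JWT payload just above it is listed field by field. Build the response the same way, `return { username: user.username, displayName: user.displayName, domain: user.domain, pwdLastSet: user.pwdLastSet, jwt }`, so a field added to an Auth result later is not exposed by accident. `generateToken` is declared as returning `string`, so the `await` on it is redundant. The unchanged `url: 'ldap://10.7.0.18'` also means that, unless StartTLS is negotiated in code not shown, the bind password that now yields a token with a default lifetime of about 30 days crosses the network unencrypted; `ldaps://` or StartTLS on the client would protect it. login() starts and ends outside the hunks shown.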
|
||||||
|
|
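--- a/src/server/schemas/AuthResult.ts
+++ b/src/server/schemas/AuthResult.ts
@@ -0,0 +1,6 @@
+export type AuthResult = {
+username: string
+displayName: string
+domain: string
+pwdLastSet: string
+}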
|
@ -3,6 +3,6 @@ export type JwtPayload = {
|
||||||
displayName: string
|
displayName: string
|
||||||
domain: string
|
domain: string
|
||||||
pwdLastSet: string
|
pwdLastSet: string
|
||||||
iat: Date // issued at
|
iat?: Date // issued at
|
||||||
exp: Date // expires at
|
exp?: Date // expires at
|
||||||
}
|
}
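Review bot: `iat?: Date` and `exp?: Date` do not match what jsonwebtoken puts in a token, where both claims are numbers of seconds since the epoch. A decoded payload cast to this type holds numbers where the type promises Date objects, so an expiry comparison written against `Date` will be wrong. Declare them as `iat?: number // issued at, seconds since epoch` and `exp?: number // expires at, seconds since epoch`. The type begins above the hunk.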
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
export type LoginResult = {
|
import { AuthResult } from './AuthResult'
|
||||||
username: string
|
|
||||||
displayName: string
|
export type LoginResult = AuthResult & {
|
||||||
domain: string
|
|
||||||
jwt?: string
|
jwt?: string
|
||||||
}
|
}
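Review bot: `jwt?: string` stays optional although login() in this commit always sets it, so every consumer must handle a missing token that the server never produces. `jwt: string` would state the contract, unless another producer of LoginResult outside this page omits the field. `AuthResult` is used only as a type here, so `import type { AuthResult } from './AuthResult'` keeps the import out of the emitted JavaScript.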
|
||||||
|
|
|
@ -1,10 +1,11 @@
|
||||||
import { sign, verify } from 'jsonwebtoken'
|
import { sign, verify } from 'jsonwebtoken'
|
||||||
import { JwtPayload } from '../schemas/JwtPayload'
|
import { JwtPayload } from '../schemas/JwtPayload'
|
||||||
|
import { JWT_SECRET, JWT_TTL_IN_MINUTES } from '../../common/env'
|
||||||
|
|
||||||
export class JwtService {
|
export class JwtService {
|
||||||
constructor(
|
constructor(
|
||||||
private readonly jwtSecret: string,
|
private readonly jwtSecret: string = JWT_SECRET,
|
||||||
private readonly ttlInMinutes: number
|
private readonly ttlInMinutes: number = JWT_TTL_IN_MINUTES
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
generateToken(payload: JwtPayload): string {
|
generateToken(payload: JwtPayload): string {
|
||||||
|
@ -16,8 +17,8 @@ export class JwtService {
|
||||||
}
|
}
|
||||||
|
|
||||||
verifyToken(token: string): JwtPayload {
|
verifyToken(token: string): JwtPayload {
|
||||||
const payload = verify(token, this.jwtSecret) as JwtPayload
|
const decoded = verify(token, this.jwtSecret) as unknown
|
||||||
|
|
||||||
return payload
|
return decoded as JwtPayload
|
||||||
}
|
}
|
||||||
}
|
}
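Review bot: `verifyToken` returns whatever `verify` decodes, cast through `unknown` to `JwtPayload`, so nothing checks at run time that the claims have the shape callers rely on, and the call does not restrict which signature algorithms are accepted. Pass an `algorithms` list matching what `generateToken` signs with (its body is outside the hunks; HS256 is the library default) and reject a string result or missing fields before casting. The constructor defaults added in the first hunk also deserve a doc comment stating that the secret comes from `JWT_SECRET` and the lifetime from `JWT_TTL_IN_MINUTES`.
```typescript
verifyToken(token: string): JwtPayload {
  // Accept only the algorithm generateToken signs with (HS256 if it uses the library default).
  const decoded = verify(token, this.jwtSecret, { algorithms: ['HS256'] })
  if (
    typeof decoded === 'string' ||
    typeof decoded.username !== 'string' ||
    typeof decoded.domain !== 'string'
  ) {
    throw new Error('Invalid token payload')
  }
  // Cast is still needed while JwtPayload types iat/exp as Date.
  return decoded as unknown as JwtPayload
}
```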
|
||||||
|
|