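import bcrypt from 'bcryptjs';
import Debug from 'debug';
import { env } from '../../lib/env.js';
import refreshTokensDB from '../../lib/refreshTokensDB.js';
import userDB from '../../lib/userDB.js';
import {
  generateAccessToken,
  generateEtag,
  generateRefreshToken,
} from '../../lib/utils.js';

const debug = Debug('twtkpr:login');

// Refresh-cookie lifetimes in milliseconds.
const REMEMBERED_COOKIE_MS = 7 * 24 * 60 * 60 * 1000; // 7 days
const SESSION_COOKIE_MS = 60 * 60 * 1000; // 1 hour

/**
 * Handles a login request. On success responds 200 with the JWT access token
 * as the body (plus an `etag` header derived from it) and sets the refresh
 * token in an httpOnly cookie; on missing or wrong credentials responds 401
 * with an empty body; on any unexpected failure responds 500.
 *
 * @param {object} req - request; reads `username`, `password` and the optional
 *   `rememberToggle` flag from `req.body`
 * @param {object} res - response; receives the status, cookie, etag and body
 * @param {object} config - `{ accessSecret, privateDirectory, refreshSecret }`
 * @returns {Promise<void>} resolves once the response has been sent
 */
export default async function loginHandler(req, res, config) {
  const { accessSecret, privateDirectory, refreshSecret } = config;
  debug('starting');
  try {
    const tokens = await refreshTokensDB(privateDirectory);
    const users = await userDB(privateDirectory);
    const { username, password, rememberToggle } = req.body;

    // Only look the user up once both fields are present; the lookup is
    // skipped entirely for an empty username, as before.
    const storedHash = username && password ? users.get(username) : undefined;

    // Unknown user and wrong password both yield a bare 401 so the response
    // itself does not reveal which usernames exist.
    // NOTE(review): the bcrypt compare below only runs for known users, so the
    // two cases still differ in response time — confirm whether that matters here.
    if (!storedHash) {
      debug('no values found', username);
      res.status(401).end();
      return;
    }

    const isMatch = await bcrypt.compare(password, storedHash);
    if (!isMatch) {
      debug('no match');
      res.status(401).end();
      return;
    }

    debug('generating tokens');
    const remember = Boolean(rememberToggle);
    const accessToken = generateAccessToken(username, accessSecret);
    const refreshToken = generateRefreshToken(username, refreshSecret, remember);
    // Token values are deliberately not written to the debug log: a logged
    // refresh token is a reusable credential.
    debug('tokens generated');

    debug('setting tokens');
    // Each login appends to the user's list; nothing here prunes old entries
    // (presumably handled elsewhere — TODO confirm).
    tokens.set(username, [...(tokens.get(username) ?? []), refreshToken]);

    debug('setting refreshToken cookie');
    res.cookie('refreshToken', refreshToken, {
      httpOnly: true,
      secure: env.NODE_ENV === 'production',
      sameSite: 'strict',
      // Lifetime follows the "remember me" choice: 7 days when set, 1 hour otherwise.
      // TODO(review): confirm this matches the expiry generateRefreshToken applies
      // for the same flag.
      maxAge: remember ? REMEMBERED_COOKIE_MS : SESSION_COOKIE_MS,
    });

    debug('setting response');
    res.set('etag', generateEtag(accessToken)).status(200).send(accessToken);
  } catch (err) {
    // Detail stays server-side; the client only sees a generic 500.
    console.error(err);
    res.status(500).end();
  }
}
//# sourceMappingURL=login.js.map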