apxtrib/app/middlewares/isAuthenticated.js

const jwt = require( 'jwt-simple' );
const jsonfile = require( 'jsonfile' );
const fs = require( 'fs-extra' );
const moment = require( 'moment' );
const glob = require( 'glob' );
//const path = require( 'path' );
// Check if package is installed or not to pickup the right config file
//const src = '..'; // ( __dirname.indexOf( '/node_modules/' ) > -1 ) ? '../../..' : '..';
//const config = require( path.normalize( `${__dirname}/${src}/config.js` ) );
const config = require( '../tribes/townconf.js' );

const isAuthenticated = ( req, res, next ) => {
	/*
	  check if authenticated with valid token
	  if not => set req.session.header.xauth=1
	   if yes => set for xWorkon
	      req.session.header.accessrights={
				app:{'tribeid:website':[liste of menu]},
	      data:{  "sitewebsrc": "RWCDO",
	              "contacts": "RWCDO"}}
	    Liste of menu is linked with the app tht h
		ave to be consistent with accessrights.data
	    data, list of object accessright Read Write Create Delete Owner
	    a xuuid can read any objet if R
	    if O wner means that it can only read write its object create by himself
	*/
	console.log( 'isAuthenticated()?' );
	//console.log( 'req.app.locals.tokens', req.app.locals.tokens )
	//console.log( 'req.session.header', req.session.header );
	// Check if token exist or not
	req.session.header.accessrights = { app: "", data: {} }
	if( req.session.header.xpaganid == config.devnoauthxuuid && req.session.header.xauth == config.devnoauthxauth ) {
		console.log( 'isAuthenticated yes: carrefull using a bypass password give you accessrights={}' );
	} else if( req.session.header.xpaganid == "1" || !req.app.locals.tokens[ req.session.header.xpaganid ] ) {
		console.log( `isAuthenticated no : uuid=1 (value=${req.session.header.xpaganid}) or locals.tokens[uuid] empty ` );
		console.log( 'req.app.locals.tokens de xpaganid', req.app.locals.tokens[ req.session.header.xpaganid ] );
		console.log( 'list key uuid de req.app.locals.tokens', Object.keys( req.app.locals.tokens ) )
		req.session.header.xauth = "1"
	} else if( req.app.locals.tokens[ req.session.header.xpaganid ].TOKEN !== req.session.header.xauth ) {
		// console.log(req.session.header.xuuid);
		// console.log(req.session.header.xauth);
		// update tokens from file in case recently logged
		try {
			console.log( 'token not in list of token (req.app.locals.tokens) try to refresh from file' );
			req.app.locals.tokens = fs.readJsonSync( `${config.tmp}/tokens.json` );
		} catch ( err ) {
			console.log( `check isAuthenticated issue in reading ${config.tmp}/tokens.json` );
		}
		if( req.app.locals.tokens[ req.session.header.xpaganid ].TOKEN !== req.session.header.xauth ) {
			// if still does not exist then out
			console.log( 'isAuthenticated no, token outdated' );
			req.session.header.xauth = "1"
			req.session.header.xpaganid = "1"
		}
	}
	if( req.session.header.xauth == "1" ) {
		//return res.status( 403 )
		return res.status( 403 )
			.json( {
				info: [ 'forbiddenAccess' ],
				model: 'Pagans',
				moreinfo: 'isAuthenticated faill'
			} )
	} else {
		console.log( 'isAuthenticated yes' );
		if( req.app.locals.tokens[ req.session.header.xpaganid ] ) {
			//console.log( `accessright pour ${req.session.header.xpaganid}`, req.app.locals.tokens[ req.session.header.xpaganid ].ACCESSRIGHTS );
			//set header.accessrights from tokens.json
			req.session.header.accessrights = req.app.locals.tokens[ req.session.header.xpaganid ].ACCESSRIGHTS
		} else {
			// case of bypass no accessright available
			req.session.header.accessrights = {}
		}
		// Once per day, clean old token
		const currentday = moment()
			.date();
		console.log( 'test si menagedone' + currentday, !fs.existsSync( `${config.tmp}/menagedone${currentday}` ) )
		if( !fs.existsSync( `${config.tmp}/menagedone${currentday}` ) ) {
			glob.sync( `${config.tmp}/menagedone*` )
				.forEach( f => {
					fs.remove( f, ( err ) => {
						if( err ) {
							console.log( 'err remove menagedone', err )
						}
					} )
				} );
			glob.sync( `${config.tmp}/mdcreator*.log` )
				.forEach( f => {
					fs.remove( f, ( err ) => {
						if( err ) {
							console.log( 'err remove mdcreator log', err )
						}
					} )
				} );
			const newtokens = {};
			for( const k of Object.keys( req.app.locals.tokens ) ) {
				try {
					const decodedToken = jwt.decode( req.app.locals.tokens[ k ].TOKEN, config.jwtSecret );
					//console.log( moment( decodedToken.expiration ), moment() )
					//console.log( moment( decodedToken.expiration ) >= moment() )
					if( moment( decodedToken.expiration ) >= moment() ) {
						newtokens[ k ] = req.app.locals.tokens[ k ];
					}
				} catch ( err ) {
					console.log( "Check isAuthenticated cleaning token ", err );
				}
			};
			req.app.locals.tokens = newtokens;
			fs.outputJsonSync( `${config.tmp}/tokens.json`, newtokens );
			fs.writeFileSync( `${config.tmp}/menagedone${currentday}`, 'fichier semaphore to clean data each day can be deleted with no consequence', 'utf-8' );
		}
		next();
	}
};
module.exports = isAuthenticated;
first new commit 2023-01-22 09:53:09 +00:00			`const jwt = require( 'jwt-simple' );`
			`const jsonfile = require( 'jsonfile' );`
			`const fs = require( 'fs-extra' );`
			`const moment = require( 'moment' );`
			`const glob = require( 'glob' );`
			`//const path = require( 'path' );`
			`// Check if package is installed or not to pickup the right config file`
			`//const src = '..'; // ( __dirname.indexOf( '/node_modules/' ) > -1 ) ? '../../..' : '..';`
			//const config = require( path.normalize( `${__dirname}/${src}/config.js` ) );
update setup 2023-02-10 10:48:45 +00:00			`const config = require( '../tribes/townconf.js' );`
update project with new architecture 2023-04-13 05:46:35 +00:00
first new commit 2023-01-22 09:53:09 +00:00			`const isAuthenticated = ( req, res, next ) => {`
			`/*`
			`check if authenticated with valid token`
			`if not => set req.session.header.xauth=1`
			`if yes => set for xWorkon`
			`req.session.header.accessrights={`
			`app:{'tribeid:website':[liste of menu]},`
			`data:{ "sitewebsrc": "RWCDO",`
			`"contacts": "RWCDO"}}`
update project with new architecture 2023-04-13 05:46:35 +00:00			`Liste of menu is linked with the app tht h`
			`ave to be consistent with accessrights.data`
first new commit 2023-01-22 09:53:09 +00:00			`data, list of object accessright Read Write Create Delete Owner`
			`a xuuid can read any objet if R`
			`if O wner means that it can only read write its object create by himself`
			`*/`
			`console.log( 'isAuthenticated()?' );`
			`//console.log( 'req.app.locals.tokens', req.app.locals.tokens )`
			`//console.log( 'req.session.header', req.session.header );`
			`// Check if token exist or not`
			`req.session.header.accessrights = { app: "", data: {} }`
			`if( req.session.header.xpaganid == config.devnoauthxuuid && req.session.header.xauth == config.devnoauthxauth ) {`
			`console.log( 'isAuthenticated yes: carrefull using a bypass password give you accessrights={}' );`
			`} else if( req.session.header.xpaganid == "1" \|\| !req.app.locals.tokens[ req.session.header.xpaganid ] ) {`
			console.log( `isAuthenticated no : uuid=1 (value=${req.session.header.xpaganid}) or locals.tokens[uuid] empty ` );
			`console.log( 'req.app.locals.tokens de xpaganid', req.app.locals.tokens[ req.session.header.xpaganid ] );`
			`console.log( 'list key uuid de req.app.locals.tokens', Object.keys( req.app.locals.tokens ) )`
			`req.session.header.xauth = "1"`
			`} else if( req.app.locals.tokens[ req.session.header.xpaganid ].TOKEN !== req.session.header.xauth ) {`
			`// console.log(req.session.header.xuuid);`
			`// console.log(req.session.header.xauth);`
			`// update tokens from file in case recently logged`
			`try {`
			`console.log( 'token not in list of token (req.app.locals.tokens) try to refresh from file' );`
cleaning package and replace jsonfile by fs-extra 2023-02-22 07:00:08 +00:00			req.app.locals.tokens = fs.readJsonSync( `${config.tmp}/tokens.json` );
first new commit 2023-01-22 09:53:09 +00:00			`} catch ( err ) {`
			console.log( `check isAuthenticated issue in reading ${config.tmp}/tokens.json` );
			`}`
			`if( req.app.locals.tokens[ req.session.header.xpaganid ].TOKEN !== req.session.header.xauth ) {`
			`// if still does not exist then out`
			`console.log( 'isAuthenticated no, token outdated' );`
			`req.session.header.xauth = "1"`
			`req.session.header.xpaganid = "1"`
			`}`
			`}`
			`if( req.session.header.xauth == "1" ) {`
			`//return res.status( 403 )`
			`return res.status( 403 )`
update project with new architecture 2023-04-13 05:46:35 +00:00			`.json( {`
first new commit 2023-01-22 09:53:09 +00:00			`info: [ 'forbiddenAccess' ],`
			`model: 'Pagans',`
			`moreinfo: 'isAuthenticated faill'`
			`} )`
			`} else {`
			`console.log( 'isAuthenticated yes' );`
			`if( req.app.locals.tokens[ req.session.header.xpaganid ] ) {`
			//console.log( `accessright pour ${req.session.header.xpaganid}`, req.app.locals.tokens[ req.session.header.xpaganid ].ACCESSRIGHTS );
			`//set header.accessrights from tokens.json`
			`req.session.header.accessrights = req.app.locals.tokens[ req.session.header.xpaganid ].ACCESSRIGHTS`
			`} else {`
			`// case of bypass no accessright available`
			`req.session.header.accessrights = {}`
			`}`
			`// Once per day, clean old token`
			`const currentday = moment()`
			`.date();`
			console.log( 'test si menagedone' + currentday, !fs.existsSync( `${config.tmp}/menagedone${currentday}` ) )
			if( !fs.existsSync( `${config.tmp}/menagedone${currentday}` ) ) {
			glob.sync( `${config.tmp}/menagedone*` )
			`.forEach( f => {`
			`fs.remove( f, ( err ) => {`
			`if( err ) {`
			`console.log( 'err remove menagedone', err )`
			`}`
			`} )`
			`} );`
			glob.sync( `${config.tmp}/mdcreator*.log` )
			`.forEach( f => {`
			`fs.remove( f, ( err ) => {`
			`if( err ) {`
			`console.log( 'err remove mdcreator log', err )`
			`}`
			`} )`
			`} );`
			`const newtokens = {};`
			`for( const k of Object.keys( req.app.locals.tokens ) ) {`
			`try {`
			`const decodedToken = jwt.decode( req.app.locals.tokens[ k ].TOKEN, config.jwtSecret );`
			`//console.log( moment( decodedToken.expiration ), moment() )`
			`//console.log( moment( decodedToken.expiration ) >= moment() )`
			`if( moment( decodedToken.expiration ) >= moment() ) {`
			`newtokens[ k ] = req.app.locals.tokens[ k ];`
			`}`
			`} catch ( err ) {`
			`console.log( "Check isAuthenticated cleaning token ", err );`
			`}`
			`};`
			`req.app.locals.tokens = newtokens;`
cleaning package and replace jsonfile by fs-extra 2023-02-22 07:00:08 +00:00			fs.outputJsonSync( `${config.tmp}/tokens.json`, newtokens );
first new commit 2023-01-22 09:53:09 +00:00			fs.writeFileSync( `${config.tmp}/menagedone${currentday}`, 'fichier semaphore to clean data each day can be deleted with no consequence', 'utf-8' );
			`}`
			`next();`
			`}`
			`};`
			`module.exports = isAuthenticated;`