updated it with new changes from other people #343

Open. Wants to merge 1 commit into base: dev
47 changes: 46 additions & 1 deletion backend/src/auth.ts
Expand Up @@ -8,7 +8,8 @@ import Helpers, { IResponseWithStatus } from './helpers';
import JWT from './jwt';
import { Logger, LogModule } from './logging';
import Secrets from './secrets';
import { AuthRequest } from './interfaces/interfaces';
import { AuthRequest, VerifyTokenRequest } from './interfaces/interfaces';
import Middleware from './middleware';
import ev from './environment';

const LM = new LogModule('AUTH');
Expand Down Expand Up @@ -244,4 +245,48 @@ export default class Auth {
}
return true;
}

// check if token is valid
public static AuthenticateToken(
this: void,
req: VerifyTokenRequest,
res: Response,
next: NextFunction,
) {
// const encodedJwt = req.body.jwt;
Contributor

nit: remove commented out code

const { accountType } = req.body;
let response: IResponseWithStatus;

// currently this line does not work as jwt decryption algorithm doesn't work
// const jwt: IToken = JWT.get(encodedJwt);

// hard coded example
const jwt: IToken = {
id: 'test',
type: AccountType.Student,
lastRequestTimestamp: Date.now(),
ipAddress: '::1',
};

// checks it token is valid or not
try {
Middleware.verifyToken(req, jwt, accountType);

response = {
status: StatusCodes.OK,
msg: jwt,
};
} catch (error) {
// Error thrown meaning that token is invalid.
response = { status: StatusCodes.UNAUTHORIZED, msg: 'Token is invalid' };
}

if (response.msg === undefined) {
res.sendStatus(response.status);
}
else {
res.status(response.status).send(response.msg);
}
next();
}
}
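
Review bot: The hard-coded `const jwt: IToken = { id: 'test', type: AccountType.Student, ... }` in `AuthenticateToken` means the token the caller sends is never examined: `req.body.jwt` appears only in commented-out lines, so the outcome depends on `accountType` and on whatever `Middleware.verifyToken` checks against the request. The endpoint can therefore answer 200, with the fixture token as the body, for a request that carries no valid JWT. This should wait until `JWT.get(encodedJwt)` works, and a token that cannot be decoded should produce an error response rather than fall back to a fixture. Two smaller points in the same method: the `catch` turns every thrown error into 401 without logging it through `LM`, so a bug inside verification looks the same as a bad token, and the `response.msg === undefined` branch is unreachable because both paths assign `msg`.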
10 changes: 10 additions & 0 deletions backend/src/index.ts
Expand Up @@ -43,6 +43,7 @@ import {
UpdateCompanyDetailsRequest,
VerifyCompanyAccountRequest,
SearchJobRequest,
VerifyTokenRequest,
} from './interfaces/interfaces';

const LM = new LogModule('INDEX');
Expand Down Expand Up @@ -470,6 +471,15 @@ app.get(
Middleware.genericLoggingMiddleware,
);

app.get(
'/check-token-valid',
Contributor

auth/verify/token might be a clearer name for this

cors(corsOptions),
(req: VerifyTokenRequest, res, next) => {
Auth.AuthenticateToken(req, res, next);
},
Middleware.genericLoggingMiddleware,
);

if (ev.data().NODE_ENV === 'development') {
app.post('/email', (req, res) => {
(async () => {
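
Review bot: The new route is registered with `app.get`, but `Auth.AuthenticateToken` reads `accountType` (and is meant to read `jwt`) from `req.body`. Bodies on GET requests are not reliably sent by clients or passed on by intermediaries, so register it with `app.post` or take the token from a request header. The route is also registered unconditionally while its handler still verifies a hard-coded token; until real verification exists it belongs inside the `ev.data().NODE_ENV === 'development'` block that follows.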
8 changes: 8 additions & 0 deletions backend/src/interfaces/interfaces.ts
@@ -1,5 +1,6 @@
import { Request } from 'express';
import { ParamsDictionary } from 'express-serve-static-core';
import { AccountType } from '../auth';

import {
JobMode,
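
Review bot: `import { AccountType } from '../auth'` makes interfaces.ts depend on auth.ts, while auth.ts imports `AuthRequest` and `VerifyTokenRequest` from './interfaces/interfaces', so the two modules now import each other. `AccountType` is used in this file only as a type (`accountType: AccountType`), so `import type { AccountType } from '../auth'` states that intent and keeps the cycle out of the emitted JavaScript; alternatively move `AccountType` into a module that both files import.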
Expand Down Expand Up @@ -86,6 +87,11 @@ interface Year {
year: string;
}

interface VerifyBody {
Contributor

VerifyTokenBody might be a clearer name for this

jwt: string;
accountType: AccountType;
}

interface JobIDParams extends ParamsDictionary, JobID {}
interface CompanyIdParams extends ParamsDictionary, CompanyID {}
interface CompanyAccountIdParams extends ParamsDictionary, CompanyAccountID {}
Expand All @@ -101,6 +107,8 @@ export interface PasswordResetRequest extends Request, CompanyAccountID {}
// * Auth Functions
export type AuthRequest = Request<Record<string, never>, never, AuthBody>;

export type VerifyTokenRequest = Request<Record<string, never>, never, VerifyBody>;

// * Admin Functions
type AdminRequestBase = AdminID & JbToken;

6 changes: 6 additions & 0 deletions backend/src/middleware.ts
Expand Up @@ -11,6 +11,7 @@ import {
AuthoriseCompanyRequest,
AuthoriseAdminRequest,
PasswordResetRequest,
VerifyTokenRequest,
} from './interfaces/interfaces';
import ev from './environment';

Expand Down Expand Up @@ -205,4 +206,9 @@ export default class Middleware {
next();
}
}

public static verifyToken(req: VerifyTokenRequest, jwt: IToken, expectedType: AccountType) {
Middleware.verifyAccountType(jwt.type, expectedType);
Middleware.verifyTokenProperties(req, jwt);
}
}
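
Review bot: `verifyToken` returns nothing and has no doc comment, yet its caller in auth.ts wraps it in `try`/`catch` and treats any throw as an invalid token. Add a comment stating that it throws when `verifyAccountType` or `verifyTokenProperties` rejects the token, and with which error, so callers can tell a failed check from an unexpected exception. Note also that `expectedType` arrives straight from `req.body.accountType` in that caller, so the client picks the type it is checked against; validate it against the `AccountType` values before comparing.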