KK
/
API
Archived
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

better structure for requests and auth protection

main
Netcup Gituser 2023-12-05 16:53:23 +01:00
parent 0d957ab6af
commit 50ecea2a6b
9 changed files with 59 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
index.ts
View File

@ -8,10 +8,12 @@ import swaggerJsDoc from "swagger-jsdoc";
const app: Express = express(); const app: Express = express();
const port = process.env.PORT || 3000; const port = process.env.PORT || 3000;
import routes from "./src/routes/routes"; import { initDatabase } from "./src/mongodb/mongodb";
import swaggerUI from "swagger-ui-express"; import swaggerUI from "swagger-ui-express";
import { initDatabase } from "./src/mongodb/mongodb"; import adminRoutes from "./src/routes/adminRoutes";
import userRoutes from "./src/routes/userRoutes";
import eventRoutes from "./src/routes/eventRoutes";
const options = { const options = {
definition: { definition: {
@ -39,11 +41,23 @@ const options = {
}; };
app.use(bodyParser.json()); app.use(bodyParser.json());
app.use("/api/v1", routes);
app.use("/api/v1/user", userRoutes);
app.use("/api/v1/admin", adminRoutes);
app.use("/api/v1/events", eventRoutes);
const specs = swaggerJsDoc(options); const specs = swaggerJsDoc(options);
app.use("/api-docs", swaggerUI.serve, swaggerUI.setup(specs)); app.use("/api-docs", swaggerUI.serve, swaggerUI.setup(specs));
app.use((req, res, next) => {
res.status(404).send("not found");
});
app.use((err: any, req: any, res: any, next: any) => {
console.log("req err", err.stack);
res.status(500).send({ err: "invalid request" });
});
initDatabase(); initDatabase();
app.listen(port, () => { app.listen(port, () => {

2
src/controllers/userController.ts
View File

@ -13,7 +13,7 @@ export async function SignUp(req: Request, res: Response) {
const existingUser = await User.findOne({ accountName }).lean(); const existingUser = await User.findOne({ accountName }).lean();
if (existingUser) { if (existingUser) {
return res.status(400).json({ status: "err" }); return res.status(400).json({ status: 1 });
} }
const isBase64Password = const isBase64Password =

18
src/middleware/authMiddleware.ts Normal file
View File

@ -0,0 +1,18 @@
import { Request } from "express";
import { Session } from "../models/session";
export async function sessionProtection(req: Request, res: any, next: any) {
const xAuthorization = req.get("x-authorization");
if (!xAuthorization) {
return res.status(401).json({ status: "err" });
}
const session = await Session.findOne({ sessionId: xAuthorization }).lean();
if (!session) {
return res.status(401).json({ status: "err" });
}
next();
}

4
src/models/session.ts
View File

@ -1,12 +1,12 @@
import mongoose, { InferSchemaType, Schema } from "mongoose"; import mongoose, { InferSchemaType, Schema } from "mongoose";
import { ADMIN_MAX_USERS_PER_PAGE } from "../utils/utils"; import { DEFAULT_SESSION_EXPIRATION } from "../utils/constants";
export const sessionSchema = new Schema({ export const sessionSchema = new Schema({
sessionId: String, sessionId: String,
accountName: String, accountName: String,
expiresAt: { expiresAt: {
type: Date, type: Date,
default: new Date(Date.now() + ADMIN_MAX_USERS_PER_PAGE), default: new Date(Date.now() + DEFAULT_SESSION_EXPIRATION),
}, },
}); });

9
src/routes/adminRoutes.ts Normal file
View File

@ -0,0 +1,9 @@
import express from "express";
const router = express.Router();
import * as adminController from "../controllers/adminController";
import { sessionProtection } from "../middleware/authMiddleware";
router.get("/users", sessionProtection, adminController.GetAllUsers);
export default router;

4
src/routes/eventRoutes.ts Normal file
View File

@ -0,0 +1,4 @@
import express from "express";
const router = express.Router();
export default router;

9
src/routes/routes.ts → src/routes/userRoutes.ts
View File

@ -1,7 +1,6 @@
import express from "express"; import express from "express";
const router = express.Router(); const router = express.Router();
import * as userController from "../controllers/userController"; import * as userController from "../controllers/userController";
import * as adminController from "../controllers/adminController";
/** /**
* @swagger * @swagger
@ -63,7 +62,7 @@ import * as adminController from "../controllers/adminController";
* type: string * type: string
* example: 'err' * example: 'err'
*/ */
router.post("/user/signup", userController.SignUp); router.post("/signup", userController.SignUp);
/** /**
* @swagger * @swagger
@ -125,10 +124,8 @@ router.post("/user/signup", userController.SignUp);
* type: string * type: string
* example: 'err' * example: 'err'
*/ */
router.post("/user/login", userController.Login); router.post("/login", userController.Login);
router.get("/user/profile/:accountName", userController.GetUserProfile); router.get("/profile/:accountName", userController.GetUserProfile);
router.get("/admin/users", adminController.GetAllUsers);
export default router; export default router;

5
src/utils/constants.ts Normal file
View File

@ -0,0 +1,5 @@
// Time duration in milliseconds for a default session expiration (7 days)
export const DEFAULT_SESSION_EXPIRATION: number = 7 * 24 * 60 * 60 * 1000;
// Maximum number of users to display per page in the admin interface
export const ADMIN_MAX_USERS_PER_PAGE: number = 10;

3
src/utils/utils.ts
View File

@ -2,9 +2,6 @@ import crypto from "crypto";
import { Session } from "../models/session"; import { Session } from "../models/session";
import { Response } from "express"; import { Response } from "express";
export const DEFAULT_SESSION_EXPIRATION = 7 * 24 * 60 * 60 * 1000; // 7 days
export const ADMIN_MAX_USERS_PER_PAGE = 10;
export async function saveSession(res: Response, accountName: string) { export async function saveSession(res: Response, accountName: string) {
try { try {
// Generate a random session ID // Generate a random session ID