Authentication authorization (#42)

* Update server.ts

* Clean up the code to be more modular

* Authorization and Authentication

* Login Page

* Encryption and decryption schema

Will update the code later to have individaul private keys for each researcher, but for now, we are the only researcher so one private key should satisfy.

* Encryption

* Update views/login.pug

Co-authored-by: Mark Whiting <[email protected]>

* Token exists middleware && made encryption not depend on query

* CSURF protection added

* Csurf retry.

* Needed tp add csrf module to every router

* Remove verify admin token on encrypt

Co-authored-by: Mark Whiting <[email protected]>

Author: sumants-dev

@types/express/index.d.ts

@@ -0,0 +1,8 @@
+import * as express from "express"
+declare global {
+    namespace Express {
+        interface Request {
+            user? : Record<any, any>
+        }
+    }
+}

config.ts

@@ -0,0 +1,27 @@
+import { Database_Wrapper } from "./interfaces";
+import Nedb from "./databases/test_db";
+import Mongo from "./databases/prod_db";
+import exp = require("constants");
+    
+
+
+const env_config = {
+    PORT: parseInt(process.env.PORT),
+    URI: process.env.PROD.toLowerCase() == "true" ? process.env.PROD_URI : process.env.TEST_URI,
+    DB: process.env.PROD.toLowerCase() == "true" ? process.env.PROD_DB : process.env.TEST_DB,
+    RANDOM: process.env.RANDOM,
+    TOKEN_KEY: process.env.TOKEN_KEY,
+    SECRET_KEY: process.env.SECRET_KEY,
+    ENCRYPT_KEY: process.env.ENCRYPT_KEY,
+    IV_KEY: process.env.IV_KEY,
+    DOMAIN: process.env.DOMAIN
+}
+
+if (env_config.URI === undefined || env_config.DB === undefined) {
+    throw new Error("Please set mongo db uri or db")
+}
+
+const Db_Wrapper: Database_Wrapper = new Mongo(env_config);
+Db_Wrapper.set_db(env_config.DB);  
+
+export {Db_Wrapper, env_config}

interfaces.ts

@@ -6,4 +6,4 @@ export interface Database_Wrapper {
     update(filter: any, updateDoc: any, options: any, collection: string);
     find(query: any, collection: string);
     export(query: any, collection: string);
-}
+}

middlewares/auth.middleware.ts

@@ -0,0 +1,62 @@
+import {Db_Wrapper, env_config} from "../config"
+const jwt = require('jsonwebtoken');
+
+export const verifyToken = (req, res, next) => {
+  const token = req.session.token  
+
+  if (token === undefined) {
+    return res.status(403).redirect("/login/researcher")
+  }
+  
+  jwt.verify(token, env_config.TOKEN_KEY, (err, user) => {
+    if (err) {
+      return res.status(404).send("token is not verified")
+    } else {
+      req.user = user;
+      next()
+    }
+  })
+
+}
+
+export const existsToken = (req, res, next) => {
+  // if token exists, it passes non sensitive user info
+  const token = req.session.token  
+
+  if (token === undefined) {
+    next()
+    return 
+  }
+  
+  jwt.verify(token, env_config.TOKEN_KEY, (err, user) => {
+    if (err) {
+      next()
+      return 
+    } else {
+      req.user = user;
+      next()
+    }
+  })
+
+}
+
+export const verifyAdminToken = (req, res, next) => {
+  const token = req.session.token  
+
+  if (token === undefined) {
+    return res.status(403).redirect("/login/admin")
+  }
+  
+  jwt.verify(token, env_config.TOKEN_KEY, (err, user) => {
+    if (err) {
+      return res.status(404).send("token is not verified")
+    } else if (!user.admin) {
+      return res.status(403).send("USER IS NOT ADMIN")
+    } else {
+      req.user = user;
+      next()
+    }
+  })
+
+
+}