initial commit

Author: vignesh-codes

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+logs

nodemon.json

@@ -0,0 +1,5 @@
+{
+    "watch": ["src"],
+    "ext": ".ts,.js",
+    "exec": "ts-node ./src/index.ts"
+}

package-lock.json

@@ -0,0 +1,42 @@
+{
+  "name": "typescript-node-auth",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "start": "nodemon",
+    "test": "jest"
+  },
+  "keywords": [],
+  "author": "vignesh-codes",
+  "license": "ISC",
+  "devDependencies": {
+    "@types/body-parser": "^1.19.5",
+    "@types/compression": "^1.7.5",
+    "@types/cookie-parser": "^1.4.7",
+    "@types/cors": "^2.8.17",
+    "@types/express": "^4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
+    "@types/lodash": "^4.17.0",
+    "@types/mongoose": "^5.11.97",
+    "@types/morgan": "^1.9.9",
+    "@types/supertest": "^6.0.2",
+    "@types/winston": "^2.4.4",
+    "nodemon": "^3.1.0",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.4.3"
+  },
+  "dependencies": {
+    "body-parser": "^1.20.2",
+    "compression": "^1.7.4",
+    "cookie-parser": "^1.4.6",
+    "cors": "^2.8.5",
+    "express": "^4.19.1",
+    "jsonwebtoken": "^9.0.2",
+    "lodash": "^4.17.21",
+    "mongoose": "^8.2.3",
+    "morgan": "^1.10.0",
+    "supertest": "^6.3.4",
+    "winston": "^3.12.0"
+  }
+}

package.json

@@ -0,0 +1,2 @@
+export const JWT_SECRET = "jlasfndafgnogbnsrijgbrgujobn";
+export const MONGOURL = "xxx"

src/constants/constants.ts

@@ -0,0 +1,46 @@
+import express from 'express'
+
+import { UserDatabase } from "../db/users";
+import { Logger } from '../loggers/logger'
+export class UserController {
+    private static userDB = UserDatabase.getInstance();
+
+    public static getAllUsers = async (req: express.Request, res: express.Response) => {
+        try {
+            const users = await UserController.userDB.getUsers();
+            res.send(users)
+            res.end()
+        } catch (error) {
+            Logger.Error(error.toString())
+            return res.sendStatus(400)
+        }
+    }
+
+    public static updateUser = async (req: express.Request, res: express.Response) => {
+        try {
+            const { username } = req.body
+            const { id } = req.params
+            if (!username) {
+                return res.sendStatus(400)
+            }
+            const userToUpdate = await UserController.userDB.getUserById(id);
+            userToUpdate.username = username;
+            await userToUpdate.save();
+            return res.status(200).json(userToUpdate).end()
+        } catch (error) {
+            Logger.Error(error.toString())
+            res.sendStatus(400)
+        }
+    }
+
+    public static deleteUser = async (req: express.Request, res: express.Response) => {
+        try {
+            const { id } = req.params;
+            const deletedUser = await UserController.userDB.deleteUserById(id);
+            return res.json(deletedUser)
+        } catch (error) {
+            Logger.Error(error.toString())
+            res.sendStatus(400)
+        }
+    }
+}

src/controllers/users.ts

@@ -0,0 +1,77 @@
+import express from 'express';
+
+import { UserDatabase } from '../../db/users';
+import { authentication, random } from '../../helpers'
+import { Logger } from '../../loggers/logger'
+export class V1AuthController {
+    private static userDB = UserDatabase.getInstance();
+
+    public static v1login = async (req: express.Request, res: express.Response) => {
+        try {
+            const { email, password} = req.body;
+            if (!email || !password ) {
+                return res.sendStatus(400)
+            }
+            const user = await V1AuthController.userDB.getUserByEmail(email).select("+authentication.salt +authentication.password");
+
+            if (!user) {
+                return res.sendStatus(400)
+            }
+            
+            const expectedHash = authentication(user.authentication.salt, password);
+            if (user.authentication.password != expectedHash) {
+                return res.sendStatus(401)
+            }
+
+            const salt = random();
+            user.authentication.sessionToken = authentication(salt, user._id.toString());
+            await user.save()
+
+            res.cookie("VWS-AUTH", user.authentication.sessionToken, {
+                domain: 'localhost',
+                path: "/"
+            });
+            return res.status(200).json(user).end()
+
+        } catch (error) {
+            Logger.Error(error.toString())
+            return res.sendStatus(400)
+        }
+    }
+
+    public static v1register = async (req: express.Request, res: express.Response) => {
+        try {
+            const { email, password, username } = req.body;
+
+            if (!email || !password || !username) {
+                return res.sendStatus(400);
+            };
+
+            const existingUser = await V1AuthController.userDB.getUserByEmail(email);
+            if (existingUser) {
+                return res.sendStatus(400);
+            };
+
+            const salt = random();
+            const user = await V1AuthController.userDB.createUser({
+                email,
+                username,
+                authentication: {
+                    salt,
+                    password: authentication(salt, password)
+                },
+            });
+
+            return res.status(200).json(user).end()
+
+        } catch (error) {
+            Logger.Error(error.toString());
+            return res.sendStatus(400);
+        }
+    }
+
+    public static v1logSuccessMsg = async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+        Logger.Info("successfully registered");
+        next(); 
+    }
+}

src/controllers/v1/authentication.ts

@@ -0,0 +1,74 @@
+import express from 'express';
+
+import { UserDatabase } from '../../db/users';
+import { authentication, random } from '../../helpers'
+import { generateJwt } from '../../middlewares/v2/jwt';
+import { Logger } from '../../loggers/logger'
+export class V2AuthController {
+    private static userDB = UserDatabase.getInstance();
+
+    public static v2login = async (req: express.Request, res: express.Response) => {
+        try {
+            const { email, password } = req.body;
+            if (!email || !password) {
+                return res.sendStatus(400)
+            }
+            const user = await V2AuthController.userDB.getUserByEmail(email).select("+authentication.salt +authentication.password");
+
+            if (!user) {
+                return res.sendStatus(400)
+            }
+
+            const expectedHash = authentication(user.authentication.salt, password);
+            if (user.authentication.password != expectedHash) {
+                return res.sendStatus(401)
+            }
+            let jwtToken = ""
+            try {
+                jwtToken = await generateJwt(user);
+            } catch (error) {
+                Logger.Error("Error generating JWT token:" + error.toString());
+                return res.sendStatus(401)
+            }
+            let userObj = user.toObject()
+            userObj.authentication.jwtToken = jwtToken;
+            return res.status(200).json(userObj).end()
+
+        } catch (error) {
+            Logger.Error(error.toString())
+            return res.sendStatus(400)
+        }
+    }
+
+
+    public static v2register = async (req: express.Request, res: express.Response) => {
+        try {
+            const { email, password, username } = req.body;
+
+            if (!email || !password || !username) {
+                return res.sendStatus(400);
+            };
+
+            const existingUser = await V2AuthController.userDB.getUserByEmail(email);
+            if (existingUser) {
+                return res.sendStatus(400);
+            };
+
+            const salt = random();
+            const user = await V2AuthController.userDB.createUser({
+                email,
+                username,
+                authentication: {
+                    salt,
+                    password: authentication(salt, password)
+                },
+            });
+
+            return res.status(200).json(user).end()
+
+        } catch (error) {
+            Logger.Error(error.toString());
+            return res.sendStatus(400);
+        }
+    }
+}

src/controllers/v2/authentication.ts

@@ -0,0 +1,22 @@
+import mongoose from 'mongoose';
+import { MONGOURL } from "../constants/constants"
+import {Logger} from "../loggers/logger"
+
+export class MongoDB {
+    public static async initDb() {
+        try {
+            Logger.Info("Trying to connect to MongoDB")
+            await mongoose.connect(MONGOURL);
+            Logger.Info("Connected to MongoDB");
+        } catch (error) {
+            Logger.Error("Error connecting to MongoDB:" + error.toString());
+        }
+        this.connectToDb()
+    }
+
+    private static connectToDb() {
+        mongoose.connection.on('error', (error: Error) => {
+            Logger.Error("MongoDB connection error:"+ error.toString());
+        });
+    }
+}

src/db/initdb.ts

@@ -0,0 +1,57 @@
+import mongoose, { Schema, Document } from 'mongoose';
+import { User } from '../models/user';
+
+export class UserDatabase {
+    private static instance: UserDatabase;
+    private userModel: mongoose.Model<User & Document>;
+
+    private constructor() {
+        const userSchemaFields: Record<keyof User, any> = {
+            username: { type: String, required: true },
+            email: { type: String, required: true },
+            authentication: {
+                password: { type: String, required: true, select: false },
+                salt: { type: String, select: false },
+                sessionToken: { type: String, select: false }
+            },
+        };
+
+        const userSchema: Schema<User & Document> = new Schema(userSchemaFields);
+        this.userModel = mongoose.models['User'] || mongoose.model<User & Document>('User', userSchema);
+    }
+
+    public static getInstance(): UserDatabase {
+        if (!UserDatabase.instance) {
+            UserDatabase.instance = new UserDatabase();
+        }
+        return UserDatabase.instance;
+    }
+
+    public getUsers() {
+        return this.userModel.find();
+    }
+
+    public getUserByEmail(email: string) {
+        return this.userModel.findOne({ email });
+    }
+
+    public getUserBySessionToken(sessionToken: string) {
+        return this.userModel.findOne({ 'authentication.sessionToken': sessionToken });
+    }
+
+    public getUserById(id: string) {
+        return this.userModel.findById(id);
+    }
+
+    public createUser(values: Record<string, any>) {
+        return new this.userModel(values).save().then((user) => user.toObject());
+    }
+
+    public deleteUserById(id: string) {
+        return this.userModel.findOneAndDelete({ _id: id });
+    }
+
+    public updateUserById(id: string, values: Record<string, any>) {
+        return this.userModel.findByIdAndUpdate(id, values);
+    }
+}

src/db/users.ts

@@ -0,0 +1,8 @@
+import crypto from 'crypto';
+const SECRET = "VERY-STRONG-SECRET"
+
+
+export const random = () => crypto.randomBytes(128).toString('base64');
+export const authentication = (salt: string, password: string) => {
+    return crypto.createHmac('sha256', [salt, password].join('/')).update(SECRET).digest('hex')
+}

src/helpers/index.ts

@@ -0,0 +1,40 @@
+import express from "express";
+import http from "http";
+import bodyParser from 'body-parser';
+import cookieParser from 'cookie-parser';
+import compression from 'compression';
+import cors from 'cors';
+import routers from "./router";
+import { accessLogger, Logger } from "./loggers/logger";
+import { MongoDB } from "./db/initdb";
+
+MongoDB.initDb()
+const app = express();
+
+app.use(accessLogger);
+
+app.use(cors({
+    credentials: true,
+}))
+
+app.use(compression());
+app.use(cookieParser());
+app.use(bodyParser.json());
+
+const server = http.createServer(app);
+
+server.listen(8080, () => {
+    Logger.Info(`Server is running on port 8080`);
+    console.log("server running on http://localhost:8080");
+});
+
+
+const { v1router, v2router } = routers();
+
+app.use("/v1", v1router);
+app.use("/v2", v2router);
+
+app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => {
+    Logger.Error(err.stack || err.message || JSON.stringify(err));
+    res.status(500).send('Something went wrong!');
+});