backend/src/utils/auth.utils.js

const log    = require('../utils/log.utils');
const crypto = require('crypto')
const db     = require('../services/dbAccess.services');
const fs     = require('fs/promises')
const minify = require('html-minifier').minify;

// Checks users registration key against issued keys
async function isAuthed(uuid) {  // Needs testing
    const q = {uuid: uuid}
    const res = await db.query("users", q)
    log.out(`authUtils.checkUser: DB Query answer: ${JSON.stringify(res[0])}`, "dbug")
    const authorized = res && res[0] && res[0].domain;
    if (authorized) db.userAtime(uuid)
    return authorized
}

// Checks whether a registration request key is valid
async function checkRequest(key) {
    const collection = "registrations"
    const query = {uuid: key}
    const res = await db.query(collection, query)
    log.out(`authUtils.checkRequest: DB Query result: ${JSON.stringify(res)}`, "dbug")
    const result = res.length > 0 && res[0].time
      ? { result: true, domain: res[0].domain }
      : { result: false };
    return result;
}

// Creates an API key for a user
async function generateKey() {  // Needs testing & moving to 'register.utils'
    return crypto.randomUUID()
};

async function generateConfirmationEmail(eml, uuid) {
    try {
        let htmlTpl = await fs.readFile('mail-templates/register.html', 'utf-8');
        let mini = minify(((htmlTpl).replace(/>>ACCESSCODE<</g, uuid)), { // Add collapse whitespace here
            removeComments: true,
            collapseWhitespace: true,
            minifyCSS: true
        });
        let txtTpl = fs.readFile('mail-templates/register.txt', 'utf-8');
        return msg = { // CSS Needs to be inlined.  See css-inline, or css-inliner
            to: eml,
            subject: "OwlBoard Registration",
            text: (await txtTpl).replace(/>>ACCESSCODE<</g, uuid),
            html: mini
        }
    } catch(err) {
        log.out(`mailServices.generateConfirmationEmail: Error reading templates, $(err)`, "err");
        return false;
    }
}

module.exports = {
    isAuthed,
    generateKey,
    generateConfirmationEmail,
    checkRequest
}
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`const log = require('../utils/log.utils');`
Add initial registration functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 21:28:46 +01:00			`const crypto = require('crypto')`
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`const db = require('../services/dbAccess.services');`
			`const fs = require('fs/promises')`
Add html-minifier for outgoing email Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 20:56:05 +01:00			`const minify = require('html-minifier').minify;`
Add initial registration functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 21:28:46 +01:00
			`// Checks users registration key against issued keys`
More work on reg services Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 19:42:47 +01:00			`async function isAuthed(uuid) { // Needs testing`
Add rate limiting and tidy up various code. Will need complete review long before merging to main. Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 22:01:37 +01:00			`const q = {uuid: uuid}`
			`const res = await db.query("users", q)`
			log.out(`authUtils.checkUser: DB Query answer: ${JSON.stringify(res[0])}`, "dbug")
			`const authorized = res && res[0] && res[0].domain;`
			`if (authorized) db.userAtime(uuid)`
			`return authorized`
More work on reg services Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 19:42:47 +01:00			`}`

			`// Checks whether a registration request key is valid`
			`async function checkRequest(key) {`
Add rate limiting and tidy up various code. Will need complete review long before merging to main. Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 22:01:37 +01:00			`const collection = "registrations"`
			`const query = {uuid: key}`
More work on reg services Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 19:42:47 +01:00			`const res = await db.query(collection, query)`
Add rate limiting and tidy up various code. Will need complete review long before merging to main. Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 22:01:37 +01:00			log.out(`authUtils.checkRequest: DB Query result: ${JSON.stringify(res)}`, "dbug")
			`const result = res.length > 0 && res[0].time`
			`? { result: true, domain: res[0].domain }`
			`: { result: false };`
			`return result;`
Add initial registration functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 21:28:46 +01:00			`}`

			`// Creates an API key for a user`
Add comments Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 01:09:50 +01:00			`async function generateKey() { // Needs testing & moving to 'register.utils'`
Add request and register functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 22:12:38 +01:00			`return crypto.randomUUID()`
Add initial registration functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 21:28:46 +01:00			`};`

Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`async function generateConfirmationEmail(eml, uuid) {`
			`try {`
Add html-minifier for outgoing email Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 20:56:05 +01:00			`let htmlTpl = await fs.readFile('mail-templates/register.html', 'utf-8');`
Comments Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 21:21:09 +01:00			`let mini = minify(((htmlTpl).replace(/>>ACCESSCODE<</g, uuid)), { // Add collapse whitespace here`
Prepare to move minification into separate module Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 21:47:27 +01:00			`removeComments: true,`
Add minifyCSS option to html-minifier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-19 20:51:57 +01:00			`collapseWhitespace: true,`
			`minifyCSS: true`
Add html-minifier for outgoing email Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 20:56:05 +01:00			`});`
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`let txtTpl = fs.readFile('mail-templates/register.txt', 'utf-8');`
Add notes Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-21 19:55:24 +01:00			`return msg = { // CSS Needs to be inlined. See css-inline, or css-inliner`
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`to: eml,`
			`subject: "OwlBoard Registration",`
			`text: (await txtTpl).replace(/>>ACCESSCODE<</g, uuid),`
Comments Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-18 21:21:09 +01:00			`html: mini`
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`}`
			`} catch(err) {`
			log.out(`mailServices.generateConfirmationEmail: Error reading templates, $(err)`, "err");
			`return false;`
			`}`
			`}`

Add authentication middleware Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 00:58:48 +01:00			`module.exports = {`
			`isAuthed,`
Refactoring mail code Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-05 11:27:01 +01:00			`generateKey,`
More work on reg services Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-06 19:42:47 +01:00			`generateConfirmationEmail,`
			`checkRequest`
Add initial registration functions Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-04-04 21:28:46 +01:00			`}`