authentication

Former-commit-id: e3103152df68ab5539f0c5e3e2286323586e0e7a

client/public/auth.mjs

@@ -3,6 +3,7 @@ import { NotifyNavbar } from './components/navbar.mjs';
 const AUTH0CONFIG = {
     domain: 'benkyd.eu.auth0.com',
     clientId: 'WAOkscCNYD4FzXrm6pEQi3oNKNfa8l1F',
+    audience: 'localhost:8080/api',
 };
 
 let auth0 = null;
@@ -32,6 +33,7 @@ export async function InitAuth0() {
     auth0 = await window.createAuth0Client({
         domain: AUTH0CONFIG.domain,
         client_id: AUTH0CONFIG.clientId,
+        audience: AUTH0CONFIG.audience,
     });
 
     await CheckRedirect();
@@ -47,9 +49,8 @@ export async function InitAuth0() {
         const token = await auth0.getTokenSilently();
 
         const fetchOptions = {
-            credentials: 'same-origin',
             method: 'GET',
-            headers: { Authorization: 'Bearer ' + token },
+            headers: { Authorization: `Bearer ${token}` },
         };
         const res = await fetch('/api/auth/login', fetchOptions);
         if (!res.ok) {

package.json

@@ -26,18 +26,14 @@
     }
   },
   "dependencies": {
-    "@auth0/auth0-spa-js": "^1.21.0",
     "axios": "^0.25.0",
     "cli-color": "^2.0.1",
     "dotenv": "^10.0.0",
     "express": "^4.17.2",
     "express-oauth2-jwt-bearer": "^1.1.0",
-    "install": "^0.13.0",
     "jest": "^27.4.5",
     "jsdoc": "^3.6.10",
-    "md5": "^2.3.0",
     "moment": "^2.29.1",
-    "node-fetch": "^2.6.7",
     "npm": "^8.6.0",
     "pg": "^8.7.3",
     "pg-native": "^3.0.0"

src/routes/api.js

@@ -19,7 +19,7 @@ function Init() {
 
     Server.App.get('/api/cdn/:id/');
 
-    Server.App.get('/api/auth/login', Auth0.JWTMiddleware, Auth0.LoginCheck);
+    Server.App.get('/api/auth/login', Auth0.JWTMiddleware, Auth0.Login);
     Server.App.get('/api/auth/orders/');
     Server.App.get('/api/auth/order/:id/');
 

src/routes/auth0-router.js

@@ -1,8 +1,14 @@
+// Loosely based on https://github.com/portsoc/auth0-example/blob/main/stages/6/server/auth0-helpers.js
+
+const Logger = require('../logger.js');
+
+const Axios = require('axios');
 const OAuth2JWTBearer = require('express-oauth2-jwt-bearer');
 
 const AUTH0CONFIG = {
-    audience: 'localhost:8080/api',
     domain: 'benkyd.eu.auth0.com',
+    clientId: 'WAOkscCNYD4FzXrm6pEQi3oNKNfa8l1F',
+    audience: 'localhost:8080/api',
 };
 
 const JWTChecker = OAuth2JWTBearer.auth({
@@ -25,15 +31,37 @@ function JWTMiddleware(req, res, next) {
     });
 }
 
-function LoginCheck(req, res, next) {
-    if (req.user) {
-        next();
-    } else {
-        res.status(401).send('Unauthorized');
+async function Auth0GetUser(req) {
+    if (!req.auth) {
+        return null;
     }
+
+    if (!req.auth || !req.auth.token) return null;
+
+    try {
+        const response = await Axios.get(`https://${AUTH0CONFIG.domain}/userinfo`, {
+            method: 'GET',
+            headers: {
+                authorization: `Bearer ${req.auth.token}`,
+            },
+        });
+
+        return response.data;
+    } catch (err) {
+        Logger.Error('error getting auth profile', req.auth, err);
+        return null;
+    }
+}
+
+async function Login(req, res) {
+    // tell the user all is well
+    res.send('Authenticated user: ' + req.auth.payload.sub);
+
+    // tell the database the user is new if they don't already exist
+    const user = await Auth0GetUser(req);
 }
 
 module.exports = {
     JWTMiddleware,
-    LoginCheck,
+    Login,
 };