lol

Former-commit-id: b9914021c04ae1b658f55422471f1f484bdf1d66

client/public/auth.mjs

@@ -22,9 +22,9 @@ async function CheckRedirect() {
             window.alert(e.message || 'authentication error, sorry');
             Signout();
         }
-  
+
         // remove the query parameters
-        window.history.replaceState({}, document.title, '/');  
+        window.history.replaceState({}, document.title, '/');
     }
 }
 
@@ -39,12 +39,31 @@ export async function InitAuth0() {
     const isAuthenticated = await auth0.isAuthenticated();
     if (isAuthenticated) {
         const user = await auth0.getUser();
-        console.log(user);
         NotifyNavbar('login', user);
+
+        // tell the server about the logon, so that it can make the proper
+        // entry in the database, if there is for example an address
+        // associated with the user
+        const token = await auth0.getTokenSilently();
+
+        const fetchOptions = {
+            credentials: 'same-origin',
+            method: 'GET',
+            headers: { Authorization: 'Bearer ' + token },
+        };
+        const res = await fetch('/api/auth/login', fetchOptions);
+        if (!res.ok) {
+            throw new Error('failed to login with the server');
+        }
     }
 }
 
-export async function LoginSignup(context) {
+export async function GetToken() {
+    const token = await auth0.getTokenSilently();
+    return token;
+}
+
+export async function LoginSignup() {
     const isAuthenticated = await auth0.isAuthenticated();
     if (isAuthenticated) {
         return;

package-lock.json

@@ -2126,6 +2126,14 @@
         }
       }
     },
+    "express-oauth2-jwt-bearer": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/express-oauth2-jwt-bearer/-/express-oauth2-jwt-bearer-1.1.0.tgz",
+      "integrity": "sha512-T9sSmGftzMACOH1oY2gniHkiJ53dWjPgIUD/CrJDL5Ss5PeX+PAol53upd7eaKLiLn/vp+AMTefxkkDIPEJXBQ==",
+      "requires": {
+        "jose": "^4.3.7"
+      }
+    },
     "ext": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/ext/-/ext-1.6.0.tgz",
@@ -3328,6 +3336,11 @@
         }
       }
     },
+    "jose": {
+      "version": "4.6.0",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.6.0.tgz",
+      "integrity": "sha512-0hNAkhMBNi4soKSAX4zYOFV+aqJlEz/4j4fregvasJzEVtjDChvWqRjPvHwLqr5hx28Ayr6bsOs1Kuj87V0O8w=="
+    },
     "js-tokens": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",

package.json

@@ -31,6 +31,7 @@
     "cli-color": "^2.0.1",
     "dotenv": "^10.0.0",
     "express": "^4.17.2",
+    "express-oauth2-jwt-bearer": "^1.1.0",
     "install": "^0.13.0",
     "jest": "^27.4.5",
     "jsdoc": "^3.6.10",

src/routes/api.js

@@ -19,7 +19,7 @@ function Init() {
 
     Server.App.get('/api/cdn/:id/');
 
-    Server.App.put('/api/auth/login/');
+    Server.App.get('/api/auth/login', Auth0.JWTMiddleware, Auth0.LoginCheck);
     Server.App.get('/api/auth/orders/');
     Server.App.get('/api/auth/order/:id/');
 

src/routes/auth0-router.js

@@ -0,0 +1,39 @@
+const OAuth2JWTBearer = require('express-oauth2-jwt-bearer');
+
+const AUTH0CONFIG = {
+    audience: 'localhost:8080/api',
+    domain: 'benkyd.eu.auth0.com',
+};
+
+const JWTChecker = OAuth2JWTBearer.auth({
+    audience: AUTH0CONFIG.audience,
+    issuerBaseURL: `https://${AUTH0CONFIG.domain}`,
+});
+
+const status401Errors = [
+    'UnauthorizedError',
+    'InvalidTokenError',
+];
+
+function JWTMiddleware(req, res, next) {
+    return JWTChecker(req, res, (err) => {
+        if (err && status401Errors.includes(err.name)) {
+            res.sendStatus(401);
+        } else {
+            next(err);
+        }
+    });
+}
+
+function LoginCheck(req, res, next) {
+    if (req.user) {
+        next();
+    } else {
+        res.status(401).send('Unauthorized');
+    }
+}
+
+module.exports = {
+    JWTMiddleware,
+    LoginCheck,
+};