workadventure/back/src/Controller/AuthenticateController.ts

95 lines
3.4 KiB
TypeScript
Raw Normal View History

2020-04-05 14:31:49 +02:00
import Jwt from "jsonwebtoken";
2020-09-25 18:29:22 +02:00
import {ADMIN_API_TOKEN, ADMIN_API_URL, SECRET_KEY, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable"; //TODO fix import by "_Enum/..."
import { uuid } from 'uuidv4';
2020-09-28 18:52:54 +02:00
import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";
import {BaseController} from "./BaseController";
2020-09-25 18:29:22 +02:00
import Axios from "axios";
export interface TokenInterface {
2020-09-28 15:02:37 +02:00
userUuid: string
}
interface AdminApiData {
organizationSlug: string
worldSlug: string
roomSlug: string
mapUrlStart: string
userUuid: string
}
2020-09-28 18:52:54 +02:00
export class AuthenticateController extends BaseController {
2020-09-28 18:52:54 +02:00
constructor(private App : TemplatedApp) {
super();
this.login();
}
//permit to login on application. Return token to connect on Websocket IO.
login(){
2020-09-28 18:52:54 +02:00
this.App.options("/login", (res: HttpResponse, req: HttpRequest) => {
this.addCorsHeaders(res);
res.end();
});
2020-09-29 16:12:17 +02:00
this.App.post("/login", (res: HttpResponse, req: HttpRequest) => {
(async () => {
this.addCorsHeaders(res);
res.onAborted(() => {
console.warn('Login request was aborted');
})
const param = await res.json();
//todo: what to do if the organizationMemberToken is already used?
const organizationMemberToken:string|null = param.organizationMemberToken;
try {
let userUuid;
let mapUrlStart;
let newUrl = null;
if (organizationMemberToken) {
if (!ADMIN_API_URL) {
return res.status(401).send('No admin backoffice set!');
}
//todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case.
const data = await Axios.get(ADMIN_API_URL+'/api/login-url/'+organizationMemberToken,
{ headers: {"Authorization" : `${ADMIN_API_TOKEN}`} }
).then((res): AdminApiData => res.data);
userUuid = data.userUuid;
mapUrlStart = data.mapUrlStart;
newUrl = this.getNewUrlOnAdminAuth(data)
} else {
userUuid = uuid();
mapUrlStart = req.getHeader('host').replace('api.', 'maps.') + URL_ROOM_STARTED;
newUrl = null;
2020-09-25 18:29:22 +02:00
}
const authToken = Jwt.sign({userUuid: userUuid}, SECRET_KEY, {expiresIn: '24h'});
res.writeStatus("200 OK").end(JSON.stringify({
authToken,
userUuid,
mapUrlStart,
newUrl,
}));
} catch (e) {
console.log(e.message)
res.writeStatus(e.status || "500 Internal Server Error").end('An error happened');
2020-09-25 18:29:22 +02:00
}
2020-09-29 16:12:17 +02:00
})();
});
}
2020-09-28 15:02:37 +02:00
private getNewUrlOnAdminAuth(data:AdminApiData): string {
2020-09-25 18:29:22 +02:00
const organizationSlug = data.organizationSlug;
const worldSlug = data.worldSlug;
const roomSlug = data.roomSlug;
return '/@/'+organizationSlug+'/'+worldSlug+'/'+roomSlug;
}
}