to much to say

auth/auth.js

@@ -0,0 +1,34 @@
+const {JWTAuth} = require("auth-guardian");
+const dotenv = require("dotenv");
+
+dotenv.config();
+ 
+const jwtAuth = new JWTAuth(process.env.JWT_SECRET);
+
+function generateAccesToken(user, expiresIn = "1h"){
+    return jwtAuth.generateJWT({user: user}, {expiresIn: expiresIn});
+}
+
+function generateRefreshToken(user, expiresIn = "5d"){
+    return jwtAuth.generateJWT({user: user}, {expiresIn: expiresIn});
+}
+
+function generatePermtoken(user, expiresIn = "60d"){
+    return jwtAuth.generateJWT({user: user}, {expiresIn: expiresIn});
+}
+
+function verifyToken(token){
+    try{
+        return jwtAuth.verifyJWT(token);
+    }
+    catch(err){
+        return false;
+    }
+}
+
+module.exports = {
+    generateAccesToken,
+    generateRefreshToken,
+    generatePermtoken,
+    verifyToken
+}

auth/auth.test.js

@@ -0,0 +1,81 @@
+const dotenv = require("dotenv");
+const { generateAccesToken, generateRefreshToken, generatePermtoken, verifyToken} = require("./auth");
+
+dotenv.config();
+
+describe('Auth.js Tests', () => {
+    const user = { id: 1, name: 'Test User' };
+
+    test('generateAccesToken should return a valid JWT', () => {
+        const token = generateAccesToken(user);
+        const decoded = verifyToken(token);
+        expect(decoded.user).toEqual(user);
+    });
+
+    test('generateRefreshToken should return a valid JWT', () => {
+        const token = generateRefreshToken(user);
+        const decoded = verifyToken(token);
+        expect(decoded.user).toEqual(user);
+    });
+
+    test('generatePermtoken should return a valid JWT', () => {
+        const token = generatePermtoken(user);
+        const decoded = verifyToken(token);
+        expect(decoded.user).toEqual(user);
+    });
+
+    test('verifyToken should return user for a valid token', () => {
+        const token = generateAccesToken(user);
+        const result = verifyToken(token);
+        expect(result.user).toEqual(user);
+    });
+
+    test('verifyRefreshToken should return true for a valid token', () => {
+        const token = generateRefreshToken(user);
+        const result = verifyToken(token);
+        expect(result.user).toEqual(user);
+    });
+
+    test('verifyPermtoken should return true for a valid token', () => {
+        const token = generatePermtoken(user);
+        const result = verifyToken(token);
+        expect(result.user).toEqual(user);
+    });
+
+
+    test('verifyToken should return false for an expired token', () => {
+        const token = generateAccesToken(user, "1ms");
+        const result = verifyToken(token);
+        expect(result.user).toEqual(undefined);
+    });
+
+    test('verifyRefreshToken should return false for an expired token', () => {
+        const token = generateAccesToken(user, "1ms");
+        const result = verifyToken(token);
+        expect(result.user).toEqual(undefined);
+    });
+
+    test('verifyPermtoken should return false for an expired token', () => {
+        const token = generateAccesToken(user, "1ms");
+        const result = verifyToken(token);
+        expect(result.user).toEqual(undefined);
+    });
+
+    test('verifyToken should return false for a token with an invalid signature', () => {
+        const token = generateAccesToken(user);
+        const result = verifyToken(token + 'a');
+        expect(result).toBe(false);
+    });
+
+    test('verifyRefreshToken should return false for a token with an invalid signature', () => {
+        const token = generateRefreshToken(user);
+        const result = verifyToken(token + 'a');
+        expect(result).toBe(false);
+    });
+
+    test('verifyPermtoken should return false for a token with an invalid signature', () => {
+        const token = generatePermtoken(user);
+        const result = verifyToken(token + 'a');
+        expect(result).toBe(false);
+    });
+});

auth/middleware.js

@@ -0,0 +1,50 @@
+const {verifyToken, generateAccesToken, generateRefreshToken} = require("./auth");
+
+const auth = (req, res, next) => {
+    const refreshToken = req.cookies.refreshToken;
+    const accessToken = req.cookies.accessToken;
+    const permtoken = req.cookies.permtoken;
+    if(!refreshToken && !accessToken && !permtoken) return res.status(401).json({error: "Unauthorized"});
+
+    if(accessToken){
+        const result = verifyToken(accessToken);
+        if(result.user){
+            req.user = result.user;
+            return next();
+        }
+    }
+
+    else if(refreshToken && !accessToken){
+        const result = verifyToken(refreshToken);
+        if(result != false){
+            //create new access token
+            const newAccessToken = generateAccesToken(result.user);
+            res.cookie("accessToken", newAccessToken, {httpOnly: true});
+        }
+        if(result.user){
+            req.user = result.user;
+            return next();
+        }
+    }
+
+    else if(permtoken){
+        const result = verifyToken(permtoken);
+        if(result != false){
+            //create new access token
+            const newAccessToken = generateAccesToken(result.user);
+            res.cookie("accessToken", newAccessToken, {httpOnly: true});
+
+            //create new refresh token
+            const newRefreshToken = generateRefreshToken(result.user);
+            res.cookie("refreshToken", newRefreshToken, {httpOnly: true});
+        }
+        if(result.user){
+            req.user = result.user;
+            return next();
+        }
+    }
+
+    return res.status(401).json({error: "Unauthorized"});
+}
+
+module.exports = auth;

auth/middleware.test.js

@@ -0,0 +1,98 @@
+const dotenv = require("dotenv");
+const { generateAccesToken, generateRefreshToken, generatePermtoken, verifyToken} = require("./auth");
+const middleware = require("./middleware");
+dotenv.config();
+
+describe('Middleware.js Tests', () => {
+    let req, res, next;
+
+    const user = { id: 1, name: 'Test User' };
+
+    beforeEach(() => {
+        req = { cookies: {} };
+        res = { 
+            cookie: jest.fn(),
+            status: jest.fn(function() {
+                return this;
+            }),
+            json: jest.fn()
+        };
+        next = jest.fn();
+    });
+
+    test('should call next() if access token is valid', () => {
+        const token = generateAccesToken(user);
+        req.cookies.accessToken = token;
+        middleware(req, res, next);
+        expect(next).toHaveBeenCalled();
+    });
+
+    test('should call next() if refresh token is valid', () => {
+        const token = generateRefreshToken(user);
+        req.cookies.refreshToken = token;
+        middleware(req, res, next);
+        expect(next).toHaveBeenCalled();
+    });
+
+    test('should call next() if permtoken is valid', () => {
+        const token = generatePermtoken(user);
+        req.cookies.permtoken = token;
+        middleware(req, res, next);
+        expect(next).toHaveBeenCalled();
+    });
+
+    test('should return 401 if no tokens are present', () => {
+        middleware(req, res, next);
+        expect(res.status).toHaveBeenCalledWith(401);
+    });
+
+    test('should return 401 if access token is invalid', () => {
+        const token = generateAccesToken(user);
+        req.cookies.accessToken = token + 'a';
+        middleware(req, res, next);
+        expect(res.status).toHaveBeenCalledWith(401);
+    });
+
+    test('should return 401 if refresh token is invalid', () => {
+        const token = generateRefreshToken(user);
+        req.cookies.refreshToken = token + 'a';
+        middleware(req, res, next);
+        expect(res.status).toHaveBeenCalledWith(401);
+    });
+
+    test('should return 401 if permtoken is invalid', () => {
+        const token = generatePermtoken(user);
+        req.cookies.permtoken = token + 'a';
+        middleware(req, res, next);
+        expect(res.status).toHaveBeenCalledWith(401);
+    });
+
+    test('should return access token if refresh token is valid', () => {
+        const token = generateRefreshToken(user);
+        req.cookies.refreshToken = token;
+        middleware(req, res, next);
+        expect(res.cookie).toHaveBeenCalledWith('accessToken', expect.any(String), { httpOnly: true });
+    });
+
+    test('should return access token and refresh if permtoken is valid', () => {
+        const token = generatePermtoken(user);
+        req.cookies.permtoken = token;
+        middleware(req, res, next);
+        expect(res.cookie).toHaveBeenCalledWith('accessToken', expect.any(String), { httpOnly: true });
+        expect(res.cookie).toHaveBeenCalledWith('refreshToken', expect.any(String), { httpOnly: true });
+    });
+
+    test('should not return refresh token if access token is valid', () => {
+        const token = generateAccesToken(user);
+        req.cookies.accessToken = token;
+        middleware(req, res, next);
+        expect(res.cookie).not.toHaveBeenCalledWith('refreshToken', expect.any(String), { httpOnly: true });
+    });
+
+    test('should not return permtoken token if refresh is valid', () => {
+        const token = generatePermtoken(user);
+        req.cookies.permtoken = token;
+        middleware(req, res, next);
+        expect(res.cookie).not.toHaveBeenCalledWith('permtoken', expect.any(String), { httpOnly: true });
+    });
+});

auth/password.js

@@ -0,0 +1,38 @@
+const {PassCheck, PasswordGenerator } = require("auth-guardian")
+
+const passwordPolicyOptions = {
+    minLength: process.env.PASSMINLENGTH,
+    maxLength: process.env.PASSMAXLENGTH,
+    minLower: process.env.PASSMINLOWERCASE,
+    minUpper: process.env.PASSMINUPPERCASE,
+    minNum: process.env.PASSMINNUMBERS,
+    minSpecial: process.env.PASSMINSYMBOLS,
+    specialChars: process.env.PASSSYMBOLS
+}
+
+const passwordPolicyOptionsGenerate = {
+    minLength:  12,
+    maxLength: 18,
+    minLower: process.env.PASSMINLOWERCASE,
+    minUpper: process.env.PASSMINUPPERCASE,
+    minNum: process.env.PASSMINNUMBERS,
+    minSpecial: process.env.PASSMINSYMBOLS,
+    specialChars: process.env.PASSSYMBOLS
+}
+
+const passWordCheck = new PassCheck(parseInt(process.env.SaltRounds), passwordPolicyOptions)
+const passwordGen = new PasswordGenerator({passwordPolicyOptionsGenerate})
+
+function verify(password, hash){
+    return passWordCheck.verifyPassword(password, hash)
+}
+
+function hash(password){
+    return passWordCheck.hashPassword(password)
+}
+
+function generatePassword(){
+    return passwordGen.Generate()
+}
+
+module.exports = {verify, hash, generatePassword}

auth/password.test.js

@@ -0,0 +1,31 @@
+const dotenv = require("dotenv");
+const {verify, hash, generatePassword} = require("./password");
+
+dotenv.config();
+
+describe('Password.js Tests', () => {
+    const password = 'password';
+    test('hash should return a hashed password', async () => {
+        const hashedPassword = await hash(password);
+        expect(hashedPassword).not.toEqual(password);
+    });
+
+    test('verify should return true for a valid password', async () => {
+        const hashedPassword = await hash(password);
+        const result = await verify(password, hashedPassword);
+        expect(result).toBe(true);
+    });
+
+    test('verify should return false for an invalid password', async () => {
+        const hashedPassword = await hash(password);
+        const result = await verify(password + 'a', hashedPassword);
+        expect(result).toBe(false);
+    });
+
+    test('generatePassword should return a valid password', async () => {
+        const generatedPassword = await generatePassword();
+        const hashedpass = await hash(generatedPassword);
+        const result = await verify(generatedPassword, hashedpass);
+        expect(result).toBe(true);
+    });
+});