Improved passing of req, res, and tokens

2023-04-10 18:51:38 +02:00 · 2023-04-10 18:51:38 +02:00 · 39ddf8fde9
commit 39ddf8fde9
parent a8e5b57363
17 changed files with 134 additions and 170 deletions
--- a/leaky-ships/lib/backend/components/checkPasswordIsValid.ts
+++ b/leaky-ships/lib/backend/components/checkPasswordIsValid.ts
@ -1,19 +1,17 @@
 import { Player } from "@prisma/client"
 import bcrypt from "bcrypt"
 import errors from "../errors"
-import sendError from "./sendError"
+import sendError, { API } from "./sendError"
 import { NextApiRequest, NextApiResponse } from "next"
 export default async function checkPasswordIsValid(
-  req: NextApiRequest,
+  context: API,
  res: NextApiResponse,
  player: Player,
  password: string,
  next: () => void
 ) {
  // Validate for correct password
  const result = await bcrypt.compare(password, player.passwordHash)
-  if (!result) return sendError(req, res, errors.wrongPassword)
+  if (!result) return sendError(context, errors.wrongPassword)
  return next()
 }
--- a/leaky-ships/lib/backend/components/checkTokenIsValid.ts
+++ b/leaky-ships/lib/backend/components/checkTokenIsValid.ts
@ -1,34 +1,29 @@
 import { TokenType } from "@prisma/client"
 import jwt from "jsonwebtoken"
 import errors from "../errors"
 import jwtVerifyCatch from "../jwtVerifyCatch"
-import { NextApiRequest, NextApiResponse } from "next"
+import sendError, { API } from "./sendError"
-import sendError from "./sendError"
+import { IdToken, RawToken } from "./createTokenDB"
 async function checkTokenIsValid(
-  req: NextApiRequest,
+  context: API,
-  res: NextApiResponse,
+  rawToken: RawToken,
-  rawToken: [string, TokenType],
+  next: (token: IdToken) => void
  next: (tokenBody: jwt.JwtPayload) => void
 ) {
-  const [tokenValue, tokenType] = rawToken
+  const { value, type } = rawToken
  // Verify the token and get the payload
-  let tokenData: string | jwt.JwtPayload
+  let data: string | jwt.JwtPayload
  try {
-    tokenData = jwt.verify(
+    data = jwt.verify(value, process.env.ACCESS_TOKEN_SECRET as string)
      tokenValue,
      process.env.ACCESS_TOKEN_SECRET as string
    )
  } catch (err: any) {
    // Deal with the problem in more detail
-    return sendError(req, res, jwtVerifyCatch(tokenType, err))
+    return sendError(context, jwtVerifyCatch(type, err))
  }
  // Making sure the token data is not a string (because it should be an object)
-  if (typeof tokenData === "string")
+  if (typeof data === "string")
-    return sendError(req, res, errors.tokenWasString(tokenType, tokenValue))
+    return sendError(context, errors.tokenWasString(type, value))
-  return next(tokenData)
+  return next({ id: data.id, type })
 }
 export default checkTokenIsValid
--- a/leaky-ships/lib/backend/components/createTokenDB.ts
+++ b/leaky-ships/lib/backend/components/createTokenDB.ts
@ -2,6 +2,15 @@ import { Player, Token, TokenType } from "@prisma/client"
 import jwt from "jsonwebtoken"
 import prisma from "../../prisma"
 export interface RawToken {
  value: string
  type: TokenType
 }
 export interface IdToken {
  id: string
  type: TokenType
 }
 const tokenLifetime = {
  REFRESH: 172800,
  ACCESS: 15,
@ -10,7 +19,7 @@ const tokenLifetime = {
 export default async function createTokenDB(
  player: Player,
  newTokenType: TokenType,
-  next: (token: [string, Token]) => void
+  next: (newToken: RawToken, newTokenDB: Token) => void
 ) {
  // Create token entry in DB
  const newTokenDB = await prisma.token.create({
@ -32,5 +41,5 @@ export default async function createTokenDB(
    { expiresIn: tokenLifetime[newTokenType] }
  )
-  return next([newToken, newTokenDB])
+  return next({ value: newToken, type: "ACCESS" }, newTokenDB)
 }
--- a/leaky-ships/lib/backend/components/getPlayerByIdDB.ts
+++ b/leaky-ships/lib/backend/components/getPlayerByIdDB.ts
@ -1,12 +1,10 @@
 import { Player, Token } from "@prisma/client"
 import errors from "../errors"
 import prisma from "../../prisma"
-import { NextApiRequest, NextApiResponse } from "next"
+import sendError, { API } from "./sendError"
 import sendError from "./sendError"
 export default async function getPlayerByIdDB(
-  req: NextApiRequest,
+  context: API,
  res: NextApiResponse,
  tokenDB: Token,
  next: (player: Player) => void
 ) {
@ -17,7 +15,7 @@ export default async function getPlayerByIdDB(
    },
  })
  if (!player) {
-    return sendError(req, res, errors.playerNotFound)
+    return sendError(context, errors.playerNotFound)
  }
  return next(player)
--- a/leaky-ships/lib/backend/components/getPlayerByNameDB.ts
+++ b/leaky-ships/lib/backend/components/getPlayerByNameDB.ts
@ -1,12 +1,10 @@
 import { Player } from "@prisma/client"
 import errors from "../errors"
 import prisma from "../../prisma"
-import sendError from "./sendError"
+import sendError, { API } from "./sendError"
 import { NextApiRequest, NextApiResponse } from "next"
 export default async function getPlayerByNameDB(
-  req: NextApiRequest,
+  context: API,
  res: NextApiResponse,
  username: string,
  next: (player: Player) => void
 ) {
@ -23,7 +21,7 @@ export default async function getPlayerByNameDB(
      },
    }),
  ]).catch(() => null)
-  if (player === null) return sendError(req, res, errors.playerNotFound)
+  if (player === null) return sendError(context, errors.playerNotFound)
  return next(player)
 }
--- a/leaky-ships/lib/backend/components/getTokenDB.ts
+++ b/leaky-ships/lib/backend/components/getTokenDB.ts
@ -1,30 +1,28 @@
 import prisma from "../../prisma"
-import jwt from "jsonwebtoken"
+import { Token } from "@prisma/client"
 import { Token, TokenType } from "@prisma/client"
 import errors from "../errors"
-import sendError from "./sendError"
+import sendError, { API } from "./sendError"
-import { NextApiRequest, NextApiResponse } from "next"
+import { IdToken } from "./createTokenDB"
 async function getTokenDB(
-  req: NextApiRequest,
+  context: API,
-  res: NextApiResponse,
+  token: IdToken,
  tokenBody: jwt.JwtPayload,
  tokenType: TokenType,
  next: (tokenDB: Token) => void
 ) {
  const { id, type } = token
  // Find refresh token in DB
  const tokenDB = await prisma.token.findUnique({
    where: {
-      id: tokenBody.id,
+      id,
    },
  })
-  if (!tokenDB) return sendError(req, res, errors.tokenNotFound(tokenType))
+  if (!tokenDB) return sendError(context, errors.tokenNotFound(type))
-  if (tokenDB.used) return sendError(req, res, errors.tokenUsed)
+  if (tokenDB.used) return sendError(context, errors.tokenUsed)
  await prisma.token.update({
    where: {
-      id: tokenBody.id,
+      id,
    },
    data: {
      used: true,
--- a/leaky-ships/lib/backend/components/getTokenFromBody.ts
+++ b/leaky-ships/lib/backend/components/getTokenFromBody.ts
@ -1,13 +1,11 @@
-import { TokenType } from "@prisma/client"
+import sendError, { API } from "./sendError"
-import { NextApiRequest, NextApiResponse } from "next"
+import { RawToken } from "./createTokenDB"
 import sendError from "./sendError"
 async function getTokenFromBody(
-  req: NextApiRequest,
+  context: API,
-  res: NextApiResponse,
+  next: (accessToken: RawToken) => void
  next: (refreshToken: [string, TokenType]) => void
 ) {
-  const body = JSON.parse(req.body)
+  const body = JSON.parse(context.req.body)
  // Checking for cookie presens, because it is necessary
  if (
    typeof body !== "object" ||
@ -15,14 +13,14 @@ async function getTokenFromBody(
    !("token" in body) ||
    typeof body.token !== "string"
  )
-    return sendError(req, res, {
+    return sendError(context, {
      message: "Unauthorized. No Access-Token.",
      statusCode: 401,
      solved: true,
    })
-  const tokenValue = body.token
+  const value = body.token
-  return next([tokenValue, "ACCESS"])
+  return next({ value, type: "ACCESS" })
 }
 export default getTokenFromBody
--- a/leaky-ships/lib/backend/components/getTokenFromCookie.ts
+++ b/leaky-ships/lib/backend/components/getTokenFromCookie.ts
@ -1,19 +1,17 @@
 import { TokenType } from "@prisma/client"
 import { NextApiRequest, NextApiResponse } from "next"
 import errors from "../errors"
-import sendError from "./sendError"
+import { RawToken } from "./createTokenDB"
 import sendError, { API } from "./sendError"
 async function getTokenFromCookie(
-  req: NextApiRequest,
+  context: API,
-  res: NextApiResponse,
+  next: (refreshToken: RawToken) => void
  next: (refreshToken: [string, TokenType]) => void
 ) {
-  const tokenValue = req.cookies.token
+  const value = context.req.cookies.token
  // Checking for cookie presens, because it is necessary
-  if (!tokenValue) return sendError(req, res, errors.noCookie)
+  if (!value) return sendError(context, errors.noCookie)
-  return next([tokenValue, "REFRESH"])
+  return next({ value, type: "REFRESH" })
 }
 export default getTokenFromCookie
--- a/leaky-ships/lib/backend/components/getUserFromBody.ts
+++ b/leaky-ships/lib/backend/components/getUserFromBody.ts
@ -1,23 +1,21 @@
-import { NextApiRequest, NextApiResponse } from "next"
+import sendError, { API } from "./sendError"
 import sendError from "./sendError"
 import errors from "../errors"
 async function getUserFromBody(
-  req: NextApiRequest,
+  context: API,
  res: NextApiResponse,
  next: (username: string, password: string) => void
 ) {
-  const body = JSON.parse(req.body)
+  const body = JSON.parse(context.req.body)
  if (
    typeof body !== "object" ||
    !body ||
    !("username" in body) ||
    typeof body.username !== "string"
  )
-    return sendError(req, res, errors.noUsername)
+    return sendError(context, errors.noUsername)
  const { username } = body
  if (!("password" in body) || typeof body.password !== "string")
-    return sendError(req, res, errors.noPassword)
+    return sendError(context, errors.noPassword)
  const { password } = body
  return next(username, password)
--- a/leaky-ships/lib/backend/components/sendError.ts
+++ b/leaky-ships/lib/backend/components/sendError.ts
@ -1,11 +1,13 @@
 import { NextApiRequest, NextApiResponse } from "next"
 import logging from "../logging"
-export default function sendError(
+export interface API {
-  req: NextApiRequest,
+  req: NextApiRequest
-  res: NextApiResponse,
+  res: NextApiResponse
-  err: any
+}
-) {
+
 export default function sendError(context: API, err: any) {
  const { res, req } = context
  // If something went wrong, let the client know with status 500
  res.status(err.statusCode ?? 500).end()
  logging(err.message, [err.type ?? (err.solved ? "debug" : "error")], req)
--- a/leaky-ships/lib/backend/components/sendResponse.ts
+++ b/leaky-ships/lib/backend/components/sendResponse.ts
@ -1,5 +1,5 @@
 import { NextApiRequest, NextApiResponse } from "next"
 import logging, { Logging } from "../logging"
 import type { API } from "./sendError"
 export interface Result<T> {
  message: string
@ -8,11 +8,8 @@ export interface Result<T> {
  type?: Logging[]
 }
-export default function sendResponse<T>(
+export default function sendResponse<T>(context: API, result: Result<T>) {
-  req: NextApiRequest,
+  const { req, res } = context
  res: NextApiResponse<T>,
  result: Result<T>
 ) {
  res.status(result.statusCode ?? 200)
  result.body ? res.json(result.body) : res.end()
  logging(result.message, result.type ?? ["debug"], req)
--- a/leaky-ships/lib/frontend/checkIsLoggedIn.ts
+++ b/leaky-ships/lib/frontend/checkIsLoggedIn.ts
@ -1,30 +0,0 @@
 import { GetServerSidePropsContext, PreviewData } from "next"
 import { ParsedUrlQuery } from "querystring"
 import getTokenFromCookie from "../backend/components/getTokenFromCookie"
 import checkTokenIsValid from "../backend/components/checkTokenIsValid"
 import getTokenDB from "../backend/components/getTokenDB"
 import getPlayerByIdDB from "../backend/components/getPlayerByIdDB"
 import logging from "../backend/logging"
 export default async function checkIsLoggedIn(
  context: GetServerSidePropsContext<ParsedUrlQuery, PreviewData>
 ) {
  const req: any = context.req
  const res: any = context.res
  const isLoggedIn = await getTokenFromCookie(req, res, (token) =>
    checkTokenIsValid(req, res, token, (tokenBody) =>
      getTokenDB(req, res, tokenBody, token[1], (tokenDB) =>
        getPlayerByIdDB(req, res, tokenDB, (player) => !!player)
      )
    )
  ).catch(() => false)
  logging(
    "loginCheck " + (isLoggedIn ? true : "-> loggedIn: " + false),
    ["debug", "infoCyan"],
    req
  )
  return isLoggedIn
 }
--- a/leaky-ships/pages/api/auth.ts
+++ b/leaky-ships/pages/api/auth.ts
@ -6,7 +6,9 @@ import getTokenFromCookie from "../../lib/backend/components/getTokenFromCookie"
 import checkTokenIsValid from "../../lib/backend/components/checkTokenIsValid"
 import getTokenDB from "../../lib/backend/components/getTokenDB"
 import getPlayerByIdDB from "../../lib/backend/components/getPlayerByIdDB"
-import createTokenDB from "../../lib/backend/components/createTokenDB"
+import createTokenDB, {
  RawToken,
 } from "../../lib/backend/components/createTokenDB"
 import sendResponse from "../../lib/backend/components/sendResponse"
 interface Data {
@ -17,26 +19,26 @@ export default async function auth(
  req: NextApiRequest,
  res: NextApiResponse<Data>
 ) {
-  getTokenFromCookie(req, res, (token) => {
+  const context = { req, res }
-    checkTokenIsValid(req, res, token, (tokenBody) => {
+
-      getTokenDB(req, res, tokenBody, token[1], (tokenDB) => {
+  getTokenFromCookie(context, (refreshToken) => {
-        getPlayerByIdDB(req, res, tokenDB, (player) => {
+    checkTokenIsValid(context, refreshToken, (token) => {
-          createTokenDB(player, "ACCESS", (newToken) => {
+      getTokenDB(context, token, (tokenDB) => {
-            sendResponse(req, res, authResponse(newToken, tokenDB))
+        getPlayerByIdDB(context, tokenDB, (player) => {
          createTokenDB(player, "ACCESS", (newToken, newTokenDB) => {
            sendResponse(context, authResponse(newToken, newTokenDB, tokenDB))
          })
        })
      })
    })
-  }).catch((err) => sendError(req, res, err))
+  }).catch((err) => sendError(context, err))
 }
-function authResponse(newToken: [string, Token], tokenDB: Token) {
+function authResponse(newToken: RawToken, newTokenDB: Token, tokenDB: Token) {
  const [newTokenValue, newTokenDB] = newToken
  // Successfull response
  return {
    message: `Access-Token generated: ${newTokenDB.id} with Refreshtoken-Token: ${tokenDB.id}`,
-    body: { token: newTokenValue },
+    body: { token: newToken.value },
    type: ["debug", "info.cyan"] as Logging[],
  }
 }
--- a/leaky-ships/pages/api/data.ts
+++ b/leaky-ships/pages/api/data.ts
@ -16,15 +16,17 @@ export default async function data(
  req: NextApiRequest,
  res: NextApiResponse<Data>
 ) {
-  return getTokenFromBody(req, res, (token) => {
+  const context = { req, res }
-    checkTokenIsValid(req, res, token, (tokenBody) => {
+
-      getTokenDB(req, res, tokenBody, token[1], (tokenDB) => {
+  return getTokenFromBody(context, (accessToken) => {
-        getPlayerByIdDB(req, res, tokenDB, (player) => {
+    checkTokenIsValid(context, accessToken, (token) => {
-          sendResponse(req, res, dataResponse(player, tokenDB))
+      getTokenDB(context, token, (tokenDB) => {
        getPlayerByIdDB(context, tokenDB, (player) => {
          sendResponse(context, dataResponse(player, tokenDB))
        })
      })
    })
-  }).catch((err) => sendError(req, res, err))
+  }).catch((err) => sendError(context, err))
 }
 function dataResponse<T>(player: Player, tokenDB: Token) {
--- a/leaky-ships/pages/api/login.ts
+++ b/leaky-ships/pages/api/login.ts
@ -2,14 +2,17 @@ import { NextApiRequest, NextApiResponse } from "next"
 import logging, { Logging } from "../../lib/backend/logging"
 import getPlayerByNameDB from "../../lib/backend/components/getPlayerByNameDB"
 import checkPasswordIsValid from "../../lib/backend/components/checkPasswordIsValid"
-import createTokenDB from "../../lib/backend/components/createTokenDB"
+import createTokenDB, {
  IdToken,
  RawToken,
 } from "../../lib/backend/components/createTokenDB"
 import sendResponse from "../../lib/backend/components/sendResponse"
 import { setCookie } from "cookies-next"
 import { Player, Token } from "@prisma/client"
 import prisma from "../../lib/prisma"
 import jwt from "jsonwebtoken"
 import errors from "../../lib/backend/errors"
-import sendError from "../../lib/backend/components/sendError"
+import sendError, { API } from "../../lib/backend/components/sendError"
 import getUserFromBody from "../../lib/backend/components/getUserFromBody"
 interface Data {
@ -18,30 +21,32 @@ interface Data {
 export default async function login(
  req: NextApiRequest,
-  res: NextApiResponse<any>
+  res: NextApiResponse<Data>
 ) {
-  return preCheck(req, res, () =>
+  const context = { req, res }
-    getUserFromBody(req, res, (username, password) =>
+
-      getPlayerByNameDB(req, res, username, (player) => {
+  return preCheck(context, () =>
-        checkPasswordIsValid(req, res, player, password, () => {
+    getUserFromBody(context, (username, password) =>
-          createTokenDB(player, "REFRESH", (newToken) => {
+      getPlayerByNameDB(context, username, (player) => {
-            sendResponse(req, res, loginResponse(player, newToken, req, res))
+        checkPasswordIsValid(context, player, password, () => {
          createTokenDB(player, "REFRESH", (newToken, newTokenDB) => {
            sendResponse(
              context,
              loginResponse(context, player, newToken, newTokenDB)
            )
          })
        })
      })
    )
-  ).catch((err) => sendError(req, res, err))
+  ).catch((err) => sendError(context, err))
 }
-async function preCheck(
+async function preCheck(context: API, next: () => void) {
-  req: NextApiRequest,
+  const { req } = context
  res: NextApiResponse,
  next: () => void
 ) {
  const oldRefreshToken = req.cookies.token
  try {
-    if (!oldRefreshToken) return sendError(req, res, errors.noCookie)
+    if (!oldRefreshToken) return sendError(context, errors.noCookie)
    // Check for old cookie, if unused invalidate it
    const tokenData = jwt.verify(
      oldRefreshToken,
@ -76,17 +81,18 @@ async function preCheck(
  return next()
 }
-function loginResponse<T>(
+function loginResponse(
  context: API,
  player: Player,
-  newToken: [string, Token],
+  newToken: RawToken,
-  req: NextApiRequest,
+  newTokenDB: Token
  res: NextApiResponse<T>
 ) {
  const { req, res } = context
  // const { player, req, res } = payload
-  const [newTokenValue, newTokenDB] = newToken
+  const { value } = newToken
  // Set login cookie
-  setCookie("token", newTokenValue, {
+  setCookie("token", value, {
    req,
    res,
    maxAge: 172800,
@ -96,15 +102,6 @@ function loginResponse<T>(
    path: "/api",
  })
  // deleteCookie("token", {
  //   req,
  //   res,
  //   httpOnly: true,
  //   sameSite: true,
  //   secure: true,
  //   path: "/api",
  // })
  // Successfull response
  return {
    message:
--- a/leaky-ships/pages/api/logout.ts
+++ b/leaky-ships/pages/api/logout.ts
@ -16,13 +16,15 @@ export default async function logout(
  req: NextApiRequest,
  res: NextApiResponse<any>
 ) {
-  return getTokenFromCookie(req, res, (token) => {
+  const context = { req, res }
-    checkTokenIsValid(req, res, token, (tokenBody) => {
+
-      getTokenDB(req, res, tokenBody, token[1], (tokenDB) => {
+  return getTokenFromCookie(context, (refreshToken) => {
-        sendResponse(req, res, logoutResponse(tokenDB, req, res))
+    checkTokenIsValid(context, refreshToken, (token) => {
      getTokenDB(context, token, (tokenDB) => {
        sendResponse(context, logoutResponse(tokenDB, req, res))
      })
    })
-  }).catch((err) => sendError(req, res, err))
+  }).catch((err) => sendError(context, err))
 }
 function logoutResponse<T>(
--- a/leaky-ships/pages/api/register.ts
+++ b/leaky-ships/pages/api/register.ts
@ -14,10 +14,12 @@ export default async function register(
  req: NextApiRequest,
  res: NextApiResponse<Data>
 ) {
-  return getUserFromBody(req, res, (username, password) =>
+  const context = { req, res }
  return getUserFromBody(context, (username, password) =>
    createPlayerDB(username, password, (player) => {
-      sendResponse(req, res, registerResponse(player))
+      sendResponse(context, registerResponse(player))
-    }).catch((err) => sendError(req, res, err))
+    }).catch((err) => sendError(context, err))
  )
 }