All files auth.ts

0% Statements 0/31
0% Branches 0/19
0% Functions 0/10
0% Lines 0/26
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157                                                                                                                                                                                                                                                                                                                         
import { StringAnyMap } from './interfaces';
import AuthPayload from './payload';
import AuthScope from './scope';

export interface AuthToken<I> {
  new (Auth: AuthServer): I;
}

export interface IAccessToken {
  Auth: AuthServer;
  cookie: string;
  /**
   * Creates a payload based in some data
   */
  buildPayload(data: StringAnyMap): StringAnyMap;
  /**
   * Creates the accessToken
   */
  create(payload: StringAnyMap): string;
  /**
   * Verifies an accessToken and returns its payload
   */
  verify(accessToken: string): StringAnyMap;
  /**
   * Returns the expiration date of an accessToken
   */
  getExpDate(): Date;
}
 
export interface IRefreshToken {
  Auth: AuthServer;
  cookie: string;
  /**
   * Creates the refreshToken
   */
  create(data: StringAnyMap): Promise<string>;
  /**
   * Creates the payload for an accessToken
   */
  createPayload(refreshToken: string): Promise<StringAnyMap>;
  /**
   * Removes the refreshToken
   */
  remove(refreshToken: string): Promise<boolean> | boolean;
  /**
   * Returns the expiration date of a refreshToken
   */
  getExpDate(): Date;
}
 
export default class AuthServer {
  public at: IAccessToken;
  public rt: IRefreshToken;
  public accessTokenCookie: string;
  public refreshTokenCookie: string;
  public payload: AuthPayload;
  public scope: AuthScope;
 
  constructor({
    AccessToken,
    RefreshToken,
    payload,
    scope
  }: {
    AccessToken: AuthToken<IAccessToken>;
    RefreshToken: AuthToken<IRefreshToken>;
    payload: AuthPayload;
    scope?: AuthScope;
  }) {
    this.at = new AccessToken(this);
    this.rt = new RefreshToken(this);
    this.accessTokenCookie = this.at.cookie;
    this.refreshTokenCookie = this.rt.cookie;
 
    this.payload = payload;
    this.scope = scope || new AuthScope();
  }
  /**
   * Creates a new accessToken
   */
  public createAccessToken(data: StringAnyMap) {
    const payload = this.payload.create(this.at.buildPayload(data));
    return this.at.create(payload);
  }
  /**
   * Creates a new refreshToken
   */
  public createRefreshToken(data: StringAnyMap) {
    return this.rt.create(data);
  }
  /**
   * Creates both an accessToken and refreshToken
   */
  public async createTokens(
    data: StringAnyMap
  ): Promise<{ refreshToken: string; accessToken: string }> {
    return {
      refreshToken: await this.createRefreshToken(data),
      accessToken: this.createAccessToken(data)
    };
  }
  /**
   * Verifies an accessToken and returns its payload
   */
  public verify(accessToken: string) {
    return this.payload.parse(this.at.verify(accessToken));
  }
  /**
   * Decodes and returns the payload of an accessToken
   */
  public decode(accessToken: string) {
    if (!accessToken) return null;
 
    try {
      return this.verify(accessToken);
    } catch (error) {
      return null;
    }
  }
  /**
   * Returns the payload for an accessToken from a refreshToken
   */
  public getPayload(refreshToken: string) {
    return this.rt.createPayload(refreshToken);
  }
  /**
   * Removes an active refreshToken
   */
  public removeRefreshRoken(refreshToken: string): Promise<boolean> | boolean {
    if (refreshToken) {
      return this.rt.remove(refreshToken);
    }
    return false;
  }
  /**
   * Returns the accessToken from a JWT Token using the headers or cookies of a
   * request
   * @param req It may be an http request or just an object with headers and/or
   * cookies
   * @param req.headers Headers with an authorization token
   * @param req.cookies They will be used only if there isn't a token in the
   * headers
   */
  public getAccessToken(req: {
    headers?: { authorization: string };
    cookies?: StringAnyMap;
  }): string | null {
    const { headers, cookies } = req;
    const { authorization = null } = headers || {};
    const accessToken = authorization
      ? authorization.split(' ')[1]
      : cookies && cookies[this.accessTokenCookie];
 
    return accessToken || null;
  }
}