From 34fa0f6f30e5e63cc0a65b8047b57214699b75d6 Mon Sep 17 00:00:00 2001 From: Kaushik Date: Mon, 18 Jul 2022 01:28:03 +0530 Subject: [PATCH] added session handling, some axios --- constants.js | 3 +- controllers/auth.js | 17 ++- index.js | 11 +- interceptors/axiosInstance.js | 30 +++++ middleware/authCheck.js | 18 +++ package-lock.json | 202 ++++++++++++++++++++++++++++++++++ package.json | 2 + 7 files changed, 277 insertions(+), 6 deletions(-) create mode 100644 interceptors/axiosInstance.js create mode 100644 middleware/authCheck.js diff --git a/constants.js b/constants.js index 7d15c54..9c56735 100644 --- a/constants.js +++ b/constants.js @@ -1,4 +1,5 @@ module.exports = { + baseAPIURL: 'https://api.spotify.com/v1', scopes: { ImageUpload: 'ugc-image-upload', ControlPlayback: 'user-modify-playback-state', @@ -17,5 +18,5 @@ module.exports = { ModifyLibrary: 'user-library-modify', ViewLibrary: 'user-library-read', }, - stateKey: 'spotify_auth_state' + stateKey: 'spotify_auth_state', } \ No newline at end of file diff --git a/controllers/auth.js b/controllers/auth.js index c080cd8..bcbafaf 100644 --- a/controllers/auth.js +++ b/controllers/auth.js @@ -74,10 +74,14 @@ const callback = async (req, res) => { const access_token = response.body.access_token; const refresh_token = response.body.refresh_token; + req.session.accessToken = access_token; + req.session.refreshToken = refresh_token; + req.session.cookie.maxAge = response.body.expires_in * 1000; + + req.session.save((err) => { if (err) throw err; }); + return res.status(200).send({ - message: "Auth tokens obtained.", - refresh_token, - access_token, + message: "Login successful", }); } } @@ -112,8 +116,13 @@ const refresh = async (req, res) => { const response = await got.post(authOptions); if (response.statusCode === 200) { const access_token = response.body.access_token; + const updated_refresh_token = response.body.refresh_token ?? null; + + req.session.accessToken = access_token; + req.session.refreshToken = updated_refresh_token ?? refresh_token; + return res.status(200).send({ - message: "New access token obtained.", + message: `New access token obtained${(updated_refresh_token !== null) ? ' and refresh token updated' : ''}.`, access_token, }); } diff --git a/index.js b/index.js index ca08a7e..23c849c 100644 --- a/index.js +++ b/index.js @@ -1,10 +1,19 @@ require('dotenv').config(); const express = require('express'); +const session = require("express-session"); const cors = require('cors'); const cookieParser = require('cookie-parser'); const app = express(); +app.use( + session({ + secret: process.env.SESSION_SECRET, + resave: true, + saveUninitialized: true + }) +); + app.use(cors()); app.use(cookieParser()); @@ -19,7 +28,7 @@ app.use((_req, res) => { return res.status(404).send( "Oops! You're not supposed to know about this..." ); -}) +}); const port = process.env.PORT || 3000; diff --git a/interceptors/axiosInstance.js b/interceptors/axiosInstance.js new file mode 100644 index 0000000..f963896 --- /dev/null +++ b/interceptors/axiosInstance.js @@ -0,0 +1,30 @@ +const axios = require('axios'); + +const { baseAPIURL } = require("../constants"); + +const axiosInstance = axios.default.create({ + baseURL: baseAPIURL, + timeout: 20000, +}); + +const getHeaders = () => { + let headers; + + headers = { + 'Content-Type': 'application/json', + }; + + if (req.session.access_token) { + headers = { + ...headers, + 'Authorization': req.session.access_token ? `Bearer ${req.session.access_token}` : '', + } + } + + return headers; +}; + +module.exports = { + axiosInstance, + getHeaders, +}; \ No newline at end of file diff --git a/middleware/authCheck.js b/middleware/authCheck.js new file mode 100644 index 0000000..58e0c26 --- /dev/null +++ b/middleware/authCheck.js @@ -0,0 +1,18 @@ +const typedefs = require("../typedefs"); + +/** + * middleware to test if authenticated + * @param {typedefs.Req} req + * @param {typedefs.Res} res + * @param {typedefs.Next} next + */ +const isAuthenticated = (req, res, next) => { + if (req.session.refreshToken && req.session.accessToken) next() + else { + res.status(401).redirect("/"); + } +} + +module.exports = { + isAuthenticated, +} \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 9434b60..6dae6da 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,10 +9,12 @@ "version": "1.0.0", "license": "MIT", "dependencies": { + "axios": "^0.27.2", "cookie-parser": "^1.4.6", "cors": "^2.8.5", "dotenv": "^16.0.1", "express": "^4.18.1", + "express-session": "^1.17.3", "express-validator": "^6.14.2", "got": "^12.1.0" }, @@ -191,6 +193,20 @@ "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==" }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" + }, + "node_modules/axios": { + "version": "0.27.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", + "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "dependencies": { + "follow-redirects": "^1.14.9", + "form-data": "^4.0.0" + } + }, "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", @@ -353,6 +369,17 @@ "mimic-response": "^1.0.0" } }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dependencies": { + "delayed-stream": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/compress-brotli": { "version": "1.3.8", "resolved": "https://registry.npmjs.org/compress-brotli/-/compress-brotli-1.3.8.tgz", @@ -476,6 +503,14 @@ "node": ">=10" } }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -576,6 +611,32 @@ "node": ">= 0.10.0" } }, + "node_modules/express-session": { + "version": "1.17.3", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", + "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "dependencies": { + "cookie": "0.4.2", + "cookie-signature": "1.0.6", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-headers": "~1.0.2", + "parseurl": "~1.3.3", + "safe-buffer": "5.2.1", + "uid-safe": "~2.1.5" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/express-session/node_modules/cookie": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", + "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "engines": { + "node": ">= 0.6" + } + }, "node_modules/express-validator": { "version": "6.14.2", "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.14.2.tgz", @@ -617,6 +678,38 @@ "node": ">= 0.8" } }, + "node_modules/follow-redirects": { + "version": "1.15.1", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.1.tgz", + "integrity": "sha512-yLAMQs+k0b2m7cVxpS1VKJVvoz7SS9Td1zss3XRwXj+ZDH00RJgnuLx7E44wx02kQLrdM3aOOy+FpzS7+8OizA==", + "funding": [ + { + "type": "individual", + "url": "https://github.com/sponsors/RubenVerborgh" + } + ], + "engines": { + "node": ">=4.0" + }, + "peerDependenciesMeta": { + "debug": { + "optional": true + } + } + }, + "node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/form-data-encoder": { "version": "1.7.1", "resolved": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-1.7.1.tgz", @@ -1074,6 +1167,14 @@ "node": ">= 0.8" } }, + "node_modules/on-headers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", + "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -1167,6 +1268,14 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/random-bytes": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz", + "integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -1400,6 +1509,17 @@ "node": ">= 0.6" } }, + "node_modules/uid-safe": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz", + "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==", + "dependencies": { + "random-bytes": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/undefsafe": { "version": "2.0.5", "resolved": "https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.5.tgz", @@ -1600,6 +1720,20 @@ "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==" }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" + }, + "axios": { + "version": "0.27.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", + "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "requires": { + "follow-redirects": "^1.14.9", + "form-data": "^4.0.0" + } + }, "balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", @@ -1722,6 +1856,14 @@ "mimic-response": "^1.0.0" } }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "requires": { + "delayed-stream": "~1.0.0" + } + }, "compress-brotli": { "version": "1.3.8", "resolved": "https://registry.npmjs.org/compress-brotli/-/compress-brotli-1.3.8.tgz", @@ -1813,6 +1955,11 @@ "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", "integrity": "sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==" }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" + }, "depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -1894,6 +2041,28 @@ "vary": "~1.1.2" } }, + "express-session": { + "version": "1.17.3", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", + "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "requires": { + "cookie": "0.4.2", + "cookie-signature": "1.0.6", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-headers": "~1.0.2", + "parseurl": "~1.3.3", + "safe-buffer": "5.2.1", + "uid-safe": "~2.1.5" + }, + "dependencies": { + "cookie": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", + "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==" + } + } + }, "express-validator": { "version": "6.14.2", "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.14.2.tgz", @@ -1926,6 +2095,21 @@ "unpipe": "~1.0.0" } }, + "follow-redirects": { + "version": "1.15.1", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.1.tgz", + "integrity": "sha512-yLAMQs+k0b2m7cVxpS1VKJVvoz7SS9Td1zss3XRwXj+ZDH00RJgnuLx7E44wx02kQLrdM3aOOy+FpzS7+8OizA==" + }, + "form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + } + }, "form-data-encoder": { "version": "1.7.1", "resolved": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-1.7.1.tgz", @@ -2250,6 +2434,11 @@ "ee-first": "1.1.1" } }, + "on-headers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", + "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==" + }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -2316,6 +2505,11 @@ "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==" }, + "random-bytes": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz", + "integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==" + }, "range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -2493,6 +2687,14 @@ "mime-types": "~2.1.24" } }, + "uid-safe": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz", + "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==", + "requires": { + "random-bytes": "~1.0.0" + } + }, "undefsafe": { "version": "2.0.5", "resolved": "https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.5.tgz", diff --git a/package.json b/package.json index 265a0e9..b0b81a3 100644 --- a/package.json +++ b/package.json @@ -18,10 +18,12 @@ }, "homepage": "https://github.com/20kaushik02/spotify-manager#readme", "dependencies": { + "axios": "^0.27.2", "cookie-parser": "^1.4.6", "cors": "^2.8.5", "dotenv": "^16.0.1", "express": "^4.18.1", + "express-session": "^1.17.3", "express-validator": "^6.14.2", "got": "^12.1.0" },