yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6e371f0d0301a352b9b5d96e5564f96cebdea39e
outline/server/utils/jwt.ts
Tom Moor 15b1069bcc chore: Move to Typescript (#2783) 
This PR moves the entire project to Typescript. Due to the ~1000 ignores this will lead to a messy codebase for a while, but the churn is worth it – all of those ignore comments are places that were never type-safe previously.

closes #1282
2021-11-29 06:40:55 -08:00

115 lines
4.3 KiB
TypeScript
Raw Blame History

import { subMinutes } from "date-fns";
import JWT from "jsonwebtoken";
import { Team, User } from "@server/models";
import { AuthenticationError } from "../errors";
// @ts-expect-error ts-migrate(7006) FIXME: Parameter 'token' implicitly has an 'any' type.
function getJWTPayload(token) {
let payload;
try {
payload = JWT.decode(token);
} catch (err) {
throw AuthenticationError("Unable to decode JWT token");
}
if (!payload) {
throw AuthenticationError("Invalid token");
}
return payload;
}
// @ts-expect-error ts-migrate(2749) FIXME: 'User' refers to a value, but is being used as a t... Remove this comment to see the full error message
export async function getUserForJWT(token: string): Promise<User> {
const payload = getJWTPayload(token);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'type' does not exist on type 'string | J... Remove this comment to see the full error message
if (payload.type === "email-signin") {
throw AuthenticationError("Invalid token");
}
// check the token is within it's expiration time
// @ts-expect-error ts-migrate(2339) FIXME: Property 'expiresAt' does not exist on type 'strin... Remove this comment to see the full error message
if (payload.expiresAt) {
// @ts-expect-error ts-migrate(2339) FIXME: Property 'expiresAt' does not exist on type 'strin... Remove this comment to see the full error message
if (new Date(payload.expiresAt) < new Date()) {
throw AuthenticationError("Expired token");
}
}
// @ts-expect-error ts-migrate(2339) FIXME: Property 'id' does not exist on type 'string | Jwt... Remove this comment to see the full error message
const user = await User.findByPk(payload.id, {
include: [
{
model: Team,
as: "team",
required: true,
},
],
});
// @ts-expect-error ts-migrate(2339) FIXME: Property 'type' does not exist on type 'string | J... Remove this comment to see the full error message
if (payload.type === "transfer") {
// If the user has made a single API request since the transfer token was
// created then it's no longer valid, they'll need to sign in again.
// @ts-expect-error ts-migrate(2339) FIXME: Property 'createdAt' does not exist on type 'strin... Remove this comment to see the full error message
if (user.lastActiveAt > new Date(payload.createdAt)) {
throw AuthenticationError("Token has already been used");
}
}
try {
JWT.verify(token, user.jwtSecret);
} catch (err) {
throw AuthenticationError("Invalid token");
}
return user;
}
// @ts-expect-error ts-migrate(2749) FIXME: 'User' refers to a value, but is being used as a t... Remove this comment to see the full error message
export async function getUserForEmailSigninToken(token: string): Promise<User> {
const payload = getJWTPayload(token);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'type' does not exist on type 'string | J... Remove this comment to see the full error message
if (payload.type !== "email-signin") {
throw AuthenticationError("Invalid token");
}
// check the token is within it's expiration time
// @ts-expect-error ts-migrate(2339) FIXME: Property 'createdAt' does not exist on type 'strin... Remove this comment to see the full error message
if (payload.createdAt) {
// @ts-expect-error ts-migrate(2339) FIXME: Property 'createdAt' does not exist on type 'strin... Remove this comment to see the full error message
if (new Date(payload.createdAt) < subMinutes(new Date(), 10)) {
throw AuthenticationError("Expired token");
}
}
// @ts-expect-error ts-migrate(2339) FIXME: Property 'id' does not exist on type 'string | Jwt... Remove this comment to see the full error message
const user = await User.findByPk(payload.id, {
include: [
{
model: Team,
as: "team",
required: true,
},
],
});
// if user has signed in at all since the token was created then
// it's no longer valid, they'll need a new one.
// @ts-expect-error ts-migrate(2339) FIXME: Property 'createdAt' does not exist on type 'strin... Remove this comment to see the full error message
if (user.lastSignedInAt > payload.createdAt) {
throw AuthenticationError("Token has already been used");
}
try {
JWT.verify(token, user.jwtSecret);
} catch (err) {
throw AuthenticationError("Invalid token");
}
return user;
}
Reference in New Issue View Git Blame Copy Permalink