49 lines
1.4 KiB
JavaScript
49 lines
1.4 KiB
JavaScript
const signature = require('cookie-signature')
|
|
const fs = require('fs');
|
|
const cookiesecret = fs.readFileSync("cookiesecret.txt").toString()
|
|
const getIP = require("./getip.js")
|
|
/**
|
|
* usignes a string
|
|
* @param {string} text text to unsign
|
|
* @param {request} req request object, used for getting the ip for unsigning
|
|
* @param {response} res response object
|
|
* @return {string/boolean} unsigned text, or if unsigning was unsuccessful, false
|
|
*/
|
|
function unsign(text,req,res) {
|
|
let ip = getIP(req)
|
|
let unsigned = signature.unsign(text,cookiesecret+ip)
|
|
if(!unsigned) {
|
|
return false
|
|
}
|
|
return unsigned
|
|
}
|
|
|
|
/**
|
|
* unsignes the auth cookie of a request, also sends json response if auth cookie was invalid
|
|
* @param {request} req request object
|
|
* @param {response} res response object
|
|
* @return {string/boolean} unsigned cookie, or if unsigning was unsuccessful, false
|
|
*/
|
|
function getunsigned(req,res) {
|
|
let cookie = req.cookies.AUTH_COOKIE
|
|
if(!cookie){
|
|
res.status(400)
|
|
res.json({"error":"you are not logged in! (no cookie)"})
|
|
return
|
|
}
|
|
let unsigned = unsign(cookie,req,res)
|
|
if(!unsigned){
|
|
try {
|
|
res.status(400)
|
|
res.json({"error":"Bad auth cookie set"})
|
|
} catch (ignored) {} //sometimes it errors, gotta debug soon
|
|
return false
|
|
}
|
|
return decodeURIComponent(unsigned)
|
|
}
|
|
|
|
module.exports = {
|
|
unsign: unsign,
|
|
getunsigned: getunsigned
|
|
}
|