LoginSession.ts
import * as assert from "assert";
import Session, { SessionDevice } from "./db-schemas/Session";
import {
OTPData,
LoginStrategy,
AuthStepVerificationResult,
} from "./LoginSessionConfig";
import { ISessionModel } from "./db-schemas/Session";
import { TokenExpiration } from "./constants/AppConstants";
import JWTAdapter from "./auth/JWTAdapter";
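/** Sentinel held in `_id` until the object has been bound to a persisted session. */
const not_initiated_session_id = "not_initiated";

/**
 * Drives a multi-step login through a `LoginStrategy`, keeping the progress of
 * each attempt in the `Session` collection and issuing JWTs whose only claim is
 * the session id (`{ session: <id> }`).
 *
 * The token therefore carries no authorization state of its own: the session
 * record's `status` and `expiring` fields, written by `update_session_status`,
 * are what describe how far the login has progressed.
 */
export default class LoginSession {
  private _id: string = not_initiated_session_id;
  private _jwt_private_key: string;
  private _jwt_public_key: string;
  private strategy: LoginStrategy;

  /**
   * @param strategy Strategy that creates session data and verifies each factor.
   * @param jwt_private_key Key handed to `JWTAdapter.sign`.
   * @param jwt_public_key Key handed to `JWTAdapter.verify`.
   */
  constructor(
    strategy: LoginStrategy,
    jwt_private_key: string,
    jwt_public_key: string
  ) {
    this._jwt_private_key = jwt_private_key;
    this._jwt_public_key = jwt_public_key;
    this.strategy = strategy;
  }

  /**
   * Signs a token for the bound session with the requested lifetime.
   *
   * @param expiresIn Lifetime passed through to `JWTAdapter.sign`.
   * @returns Whatever `JWTAdapter.sign` produces for `{ session: id }`.
   * @throws AssertionError (as a rejection) when no session is bound yet.
   */
  async generate_session_token(
    expiresIn:
      | "1m"
      | "5m"
      | "15m"
      | "30m"
      | "1h"
      | "6h"
      | "12h"
      | "1d"
      | "2d"
      | "3d"
      | "5d"
      | "10d"
      | "30d"
      | "365d"
  ): Promise<string | undefined> {
    return JWTAdapter.sign(
      { session: this.id() },
      expiresIn,
      this._jwt_private_key
    );
  }

  /**
   * Verifies a token against the public key and returns the decoded payload.
   *
   * @param token JWT presented by the client.
   * @returns The result of `JWTAdapter.verify` (expected to hold `session`).
   */
  async verify_jwt_token(token: string): Promise<any | { session: string }> {
    // The verification result must be returned. Without the `return`, every
    // caller received `undefined`, and if JWTAdapter.verify reports failure
    // through a rejected promise that rejection never reached the caller.
    return JWTAdapter.verify(token, this._jwt_public_key);
  }

  /**
   * Returns the id of the bound session.
   *
   * @throws AssertionError when the object is still unbound.
   */
  id(): string {
    // NOTE(review): the message names 'initiateForUserId', which this class
    // does not define; binding happens in initiate_first_factor/set_session_id.
    assert.ok(
      this._id !== not_initiated_session_id,
      `Session not initiated, please call 'initiateForUserId'`
    );
    return this._id;
  }

  /** Deletes every session whose `expiring` timestamp is earlier than now. */
  static async remove_expired_sessions(): Promise<any> {
    return Session.remove({ expiring: { $lt: Date.now() } });
  }

  /**
   * Binds this object to an existing session id.
   *
   * @param id Session id to bind; not checked against the store here.
   * @throws AssertionError when the object is already bound, so one object
   *   cannot be silently re-pointed at a different session.
   */
  set_session_id(id: string) {
    assert.ok(
      this._id === not_initiated_session_id,
      `Aborting! Please create a new LoginSession Object as this object is already associated with another session`
    );
    this._id = id;
  }

  /**
   * Verifies `token` and asks the strategy for the user behind its session.
   *
   * @param token JWT whose payload carries the session id.
   * @returns The user id reported by `strategy.fetchUserId`.
   * @throws AssertionError when this object is already bound to a session.
   */
  async fetchUserId(token: string): Promise<string> {
    // NOTE(review): this requires an *unbound* object, with the same guard and
    // message as set_session_id. Confirm that is intended.
    assert.ok(
      this._id === not_initiated_session_id,
      `Aborting! Please create a new LoginSession Object as this object is already associated with another session`
    );
    const decoded = await JWTAdapter.verify(token, this._jwt_public_key);
    const sessionId = decoded.session;
    return this.strategy.fetchUserId(sessionId);
  }

  /**
   * Creates and persists a new session for `userId` and binds this object to it.
   *
   * @param userId Id of the user starting the login.
   * @param device Optional device descriptor forwarded to the strategy.
   * @returns This object, for chaining.
   */
  async initiate_first_factor(
    userId: string,
    device?: SessionDevice
  ): Promise<LoginSession> {
    const sessionData = await this.strategy.initiate_first_factor(
      <any>{ _id: userId },
      device
    );
    try {
      const saved = await new Session(sessionData).save();
      this._id = saved._id.toString();
    } catch (err) {
      // NOTE(review): a failed save is only logged. The caller still gets
      // `this` back, unbound, and learns of the failure only when a later
      // call such as id() throws. Consider propagating the error instead.
      console.error(err);
    }
    return this;
  }

  /**
   * Loads a session by id and enforces its expiry.
   *
   * @param id Session id to look up.
   * @returns The lean session document.
   * @throws AssertionError when the session does not exist, or when it has
   *   expired (in which case it is deleted before the assertion fires).
   */
  static async get(id: string): Promise<ISessionModel> {
    const session: any = await Session.findById(id).lean().exec();
    assert(session, "Session not found");
    const isActive = session.expiring > Date.now();
    if (!isActive) {
      // Expired sessions are purged eagerly so they cannot be looked up again.
      await LoginSession.removeSession(id);
    }
    assert(isActive, "Session Expired and Deleted.");
    return session;
  }

  /**
   * Verifies the second factor and records the outcome on the session.
   *
   * @param payload Factor data supplied by the client; passed to the strategy as-is.
   * @param device Optional device descriptor forwarded to the strategy.
   * @returns The result of `update_session_status`.
   * @throws Whatever the strategy or the status update throws; the session
   *   record is deleted before the error is rethrown.
   */
  async verify_second_factor(
    payload: any,
    device?: SessionDevice
  ): Promise<any> {
    const session = await LoginSession.get(this._id);
    try {
      const verificationResult = await this.strategy.verify_second_factor(
        session,
        payload,
        device
      );
      // `return await` keeps a failing status update inside this try block, so
      // it triggers the same session cleanup as in verify_first_factor.
      return await this.update_session_status(verificationResult);
    } catch (e) {
      await this.removeSession();
      throw e;
    }
  }

  /**
   * Deletes the session with the given id.
   *
   * @returns `true` when the store reports exactly one removed document.
   */
  private static async removeSession(id: string): Promise<boolean> {
    // assumes the result of Session.remove(...).exec() exposes `nRemoved`
    // TODO confirm against the Mongoose version in use.
    const removed: any = await Session.remove({ _id: id }).exec();
    return removed.nRemoved === 1;
  }

  /** Asks the strategy to generate the second-factor OTP for the bound session. */
  async generate_second_factor_OTP(): Promise<OTPData> {
    const session = await LoginSession.get(this._id);
    return this.strategy.generate_second_factor_OTP(session);
  }

  /**
   * Verifies the first factor, records the outcome and issues a session token.
   *
   * @param payload Factor data supplied by the client; passed to the strategy as-is.
   * @param device Optional device descriptor forwarded to the strategy.
   * @returns A JWT for `{ session: id }` signed with the private key.
   * @throws Whatever the strategy, the status update or signing throws; the
   *   session record is deleted before the error is rethrown.
   */
  async verify_first_factor(
    payload: any,
    device?: SessionDevice
  ): Promise<string> {
    const session = await LoginSession.get(this._id);
    try {
      const verificationResult = await this.strategy.verify_first_factor(
        session,
        payload,
        device
      );
      await this.update_session_status(verificationResult);
      // NOTE(review): the token lifetime is TokenExpiration.year1 regardless of
      // verificationResult.expiring, and it is issued after the first factor
      // only. Confirm every consumer re-checks the session record's status and
      // expiry (e.g. via LoginSession.get) instead of trusting the token alone.
      return JWTAdapter.sign(
        { session: this._id },
        TokenExpiration.year1,
        this._jwt_private_key
      );
    } catch (e) {
      await this.removeSession();
      throw e;
    }
  }

  /**
   * Writes the verification outcome (`expiring`, `status`) to the bound session.
   *
   * @returns `true` when the store reports exactly one modified document.
   */
  private async update_session_status(
    verify_result: AuthStepVerificationResult
  ): Promise<boolean> {
    const modified = await Session.updateOne(
      { _id: this._id },
      {
        $set: {
          expiring: verify_result.expiring,
          status: verify_result.status,
        },
      }
    ).exec();
    return modified.nModified === 1;
  }

  /**
   * Deletes the bound session.
   *
   * @returns `true` when the store reports exactly one removed document.
   */
  private async removeSession(): Promise<boolean> {
    // Delegates to the static helper so both paths report the result the same
    // way. The previous `? false : false` returned false even on success.
    return LoginSession.removeSession(this._id);
  }
}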