2017-10-29 07:55:55 +08:00
|
|
|
"use strict";
|
|
|
|
|
2017-11-03 08:48:02 +08:00
|
|
|
const options = require('../../services/options');
|
2017-10-29 10:17:00 +08:00
|
|
|
const utils = require('../../services/utils');
|
2018-04-03 08:46:46 +08:00
|
|
|
const dateUtils = require('../../services/date_utils');
|
2018-04-02 09:27:46 +08:00
|
|
|
const sourceIdService = require('../../services/source_id');
|
|
|
|
const passwordEncryptionService = require('../../services/password_encryption');
|
|
|
|
const protectedSessionService = require('../../services/protected_session');
|
|
|
|
const appInfo = require('../../services/app_info');
|
2017-10-29 07:55:55 +08:00
|
|
|
|
2018-03-31 07:31:22 +08:00
|
|
|
async function loginSync(req) {
|
2017-12-11 04:45:17 +08:00
|
|
|
const timestampStr = req.body.timestamp;
|
2017-10-29 07:55:55 +08:00
|
|
|
|
2018-04-03 08:46:46 +08:00
|
|
|
const timestamp = dateUtils.parseDateTime(timestampStr);
|
2017-12-11 04:45:17 +08:00
|
|
|
|
|
|
|
const now = new Date();
|
|
|
|
|
|
|
|
if (Math.abs(timestamp.getTime() - now.getTime()) > 5000) {
|
2018-03-31 07:31:22 +08:00
|
|
|
return [400, { message: 'Auth request time is out of sync' }];
|
2017-10-29 10:17:00 +08:00
|
|
|
}
|
|
|
|
|
2017-10-30 02:55:48 +08:00
|
|
|
const dbVersion = req.body.dbVersion;
|
2017-10-29 10:17:00 +08:00
|
|
|
|
2018-04-02 09:27:46 +08:00
|
|
|
if (dbVersion !== appInfo.db_version) {
|
|
|
|
return [400, { message: 'Non-matching db versions, local is version ' + appInfo.db_version }];
|
2017-10-29 10:17:00 +08:00
|
|
|
}
|
|
|
|
|
2017-11-03 08:48:02 +08:00
|
|
|
const documentSecret = await options.getOption('document_secret');
|
2017-12-11 04:45:17 +08:00
|
|
|
const expectedHash = utils.hmac(documentSecret, timestampStr);
|
2017-10-29 10:17:00 +08:00
|
|
|
|
|
|
|
const givenHash = req.body.hash;
|
|
|
|
|
|
|
|
if (expectedHash !== givenHash) {
|
2018-03-31 07:31:22 +08:00
|
|
|
return [400, { message: "Sync login hash doesn't match" }];
|
2017-10-29 10:17:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
req.session.loggedIn = true;
|
|
|
|
|
2018-03-31 07:31:22 +08:00
|
|
|
return {
|
2018-04-02 09:27:46 +08:00
|
|
|
sourceId: sourceIdService.getCurrentSourceId()
|
2018-03-31 07:31:22 +08:00
|
|
|
};
|
|
|
|
}
|
2017-10-29 07:55:55 +08:00
|
|
|
|
2018-03-31 07:31:22 +08:00
|
|
|
async function loginToProtectedSession(req) {
|
2017-11-10 12:25:23 +08:00
|
|
|
const password = req.body.password;
|
|
|
|
|
2018-04-02 09:27:46 +08:00
|
|
|
if (!await passwordEncryptionService.verifyPassword(password)) {
|
2018-03-31 07:31:22 +08:00
|
|
|
return {
|
2017-11-10 12:25:23 +08:00
|
|
|
success: false,
|
|
|
|
message: "Given current password doesn't match hash"
|
2018-03-31 07:31:22 +08:00
|
|
|
};
|
2017-11-10 12:25:23 +08:00
|
|
|
}
|
|
|
|
|
2018-04-02 09:27:46 +08:00
|
|
|
const decryptedDataKey = await passwordEncryptionService.getDataKey(password);
|
2017-11-10 12:25:23 +08:00
|
|
|
|
2018-04-02 09:27:46 +08:00
|
|
|
const protectedSessionId = protectedSessionService.setDataKey(req, decryptedDataKey);
|
2017-11-10 12:25:23 +08:00
|
|
|
|
2018-03-31 07:31:22 +08:00
|
|
|
return {
|
2017-11-10 12:25:23 +08:00
|
|
|
success: true,
|
|
|
|
protectedSessionId: protectedSessionId
|
2018-03-31 07:31:22 +08:00
|
|
|
};
|
|
|
|
}
|
2017-11-10 12:25:23 +08:00
|
|
|
|
2018-03-31 07:31:22 +08:00
|
|
|
module.exports = {
|
|
|
|
loginSync,
|
|
|
|
loginToProtectedSession
|
|
|
|
};
|