From 9802d9732284ac5ada54cb8cfd5e2f51251101bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bodor=20M=C3=A1t=C3=A9?= <bmate711@gmail.com>
Date: Thu, 27 Feb 2020 14:05:31 +0100
Subject: [PATCH] Create oauth2 authentication with session

---
 src/index.ts                          |  9 +++++++--
 src/middlewares/auth/authenticated.ts | 10 +++++++++
 src/middlewares/auth/complete.ts      | 29 +++++++++++++++++++++++++++
 src/middlewares/auth/login.ts         | 13 ++++++++++++
 src/middlewares/auth/logout.ts        |  9 +++++++++
 src/routes/auth.ts                    | 15 ++++++++++++++
 src/utils/auth.ts                     | 19 ++++++++++++++++++
 7 files changed, 102 insertions(+), 2 deletions(-)
 create mode 100644 src/middlewares/auth/authenticated.ts
 create mode 100644 src/middlewares/auth/complete.ts
 create mode 100644 src/middlewares/auth/login.ts
 create mode 100644 src/middlewares/auth/logout.ts
 create mode 100644 src/routes/auth.ts
 create mode 100644 src/utils/auth.ts

diff --git a/src/index.ts b/src/index.ts
index 8f793b9d..e880caa5 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -12,10 +12,15 @@ app.use(expressSession({
   secret: process.env.SESSION_SECRET || "alma",
   resave: false,
   saveUninitialized: true,
-  cookie: { secure: true }
+  cookie: { secure: false }
 }));
 
-app.get("/", (req: Request, res: Response) => res.send("Hel World!"));
+app.get("/", (req: Request, res: Response) => {
+  let message = "World!";
+  if(req.session!.user)
+     message = req.session!.user!.sn || "World!";
+  res.send( "Hello " + message)
+});
 
 // Register routes
 authRoute(app);
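Review bot: Setting `cookie: { secure: false }` at L31 means the session cookie is also sent over plain HTTP, which is only acceptable for local development; tie it to the environment instead, e.g. `cookie: { secure: process.env.NODE_ENV === "production" }`, and if the app sits behind a TLS-terminating proxy add `app.set("trust proxy", 1)` so the secure flag still works there. The new handler chains three non-null assertions in `req.session!.user!.sn`; `const message = req.session?.user?.sn || "World!";` expresses the same fallback without them. The unchanged `secret: process.env.SESSION_SECRET || "alma"` fallback deserves a look as well, since a missing env var silently yields a guessable signing secret. The `expressSession(...)` call begins before this hunk.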
diff --git a/src/middlewares/auth/authenticated.ts b/src/middlewares/auth/authenticated.ts
new file mode 100644
index 00000000..ef36ada2
--- /dev/null
+++ b/src/middlewares/auth/authenticated.ts
@@ -0,0 +1,10 @@
+import {Request, Response, NextFunction} from "express";
+
+const authenticated = () => (req : Request, res : Response, next: NextFunction ) =>{
+    if(req.session!.user)
+        next();
+    res.status(403);
+    res.json({message: "You have to login to see this page"});
+}
+
+export default authenticated;
\ No newline at end of file
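Review bot: `next()` at L54 does not return, so for an authenticated request the middleware hands control to the next handler and then still runs `res.status(403)` and `res.json(...)`, which either sends a 403 to logged-in users or raises "headers already sent" once the downstream handler responds. Change it to `if (req.session!.user) return next();` so the denial branch only runs for anonymous requests. A 401 would also describe this case better than 403, since the message says the client must log in rather than that it lacks permission.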
diff --git a/src/middlewares/auth/complete.ts b/src/middlewares/auth/complete.ts
new file mode 100644
index 00000000..dedc5c8c
--- /dev/null
+++ b/src/middlewares/auth/complete.ts
@@ -0,0 +1,29 @@
+import { Request, Response } from 'express';
+import {oauth2, scope} from '../../utils/auth'
+import axios from "axios";
+
+
+const complete = () => async (req: Request, res: Response) => { 
+    const tokenConfig = {
+        code: req.query.code,
+        scope: scope,
+        redirect_uri: ""
+    };
+    
+    try {
+        const result = await oauth2().authorizationCode.getToken(tokenConfig);
+        const token = oauth2().accessToken.create(result);
+        await axios.get(`https://auth.sch.bme.hu/api/profile/?access_token=${token.token.access_token}`)
+            .then( (response) =>  {
+                req.session!.user = response.data;
+             })
+            .catch(function (error) {
+                console.log(error);
+            });
+        res.redirect('/');
+    } catch (error) {
+        console.log('Access Token Error', error.message);   
+    }
+};
+
+export default complete;
\ No newline at end of file
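Review bot: The `catch` at L90 only logs and never answers the request, so a failed token exchange leaves the client hanging until it times out, and the inner `.catch` at L86 swallows a failed profile fetch and then redirects to `/` with no user in the session. Nothing compares a `state` value with what the login step stored, so the callback accepts any authorization code presented to it; since login.ts sends no `state` either, both sides need it, and the session field holding it would have to be added next to `user`. `redirect_uri: ""` is presumably a placeholder and must match what login sends and what was registered with the provider. Placing the access token in the URL query also puts it into proxy and server logs, so the `Authorization` header is preferable if the profile API accepts it. A reshaped handler that awaits the profile call inside the same `try` and responds on every path:

```ts
const complete = () => async (req: Request, res: Response) => {
    // … unchanged: tokenConfig …
    try {
        const result = await oauth2().authorizationCode.getToken(tokenConfig);
        const token = oauth2().accessToken.create(result);
        const response = await axios.get(
            `https://auth.sch.bme.hu/api/profile/?access_token=${token.token.access_token}`
        );
        req.session!.user = response.data;
        res.redirect('/');
    } catch (error) {
        console.log('Access Token Error', error instanceof Error ? error.message : error);
        res.status(502).json({ message: "Authentication failed" });
    }
};
```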
diff --git a/src/middlewares/auth/login.ts b/src/middlewares/auth/login.ts
new file mode 100644
index 00000000..356629f1
--- /dev/null
+++ b/src/middlewares/auth/login.ts
@@ -0,0 +1,13 @@
+import { Request, Response } from 'express';
+import {oauth2, scope} from '../../utils/auth'
+
+
+const authorizationUri = oauth2().authorizationCode.authorizeURL({
+    scope: scope,
+});
+
+
+const login = () =>   (req: Request, res: Response) => res.redirect(authorizationUri);
+
+
+export default login;
\ No newline at end of file
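Review bot: `authorizeURL` at L107 is evaluated once at module load with no `state`, so every login redirect is identical and the callback in complete.ts has nothing to bind the provider's response to the browser session that started it. Build the URL per request with a random `state` kept in the session, e.g. from `crypto.randomBytes(16).toString("hex")` (needs `import crypto from "crypto"`), and pass the same `redirect_uri` that complete.ts uses in its token request so the two stay consistent. The session type visible here has only `user`; the field name below is constructed and would need adding to it.

```ts
const login = () => (req: Request, res: Response) => {
    const state = crypto.randomBytes(16).toString("hex");
    req.session!.oauthState = state;   // constructed field name; add it to the session type
    res.redirect(oauth2().authorizationCode.authorizeURL({ scope, state }));
};
```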
diff --git a/src/middlewares/auth/logout.ts b/src/middlewares/auth/logout.ts
new file mode 100644
index 00000000..040bba64
--- /dev/null
+++ b/src/middlewares/auth/logout.ts
@@ -0,0 +1,9 @@
+import { Request, Response } from 'express';
+
+const logout = () => (req : Request, res : Response) =>{
+    console.log(req.session!.user);
+    req.session!.destroy(() => console.log("user logged out."));
+    res.redirect("/");
+}
+
+export default logout;
\ No newline at end of file
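Review bot: `res.redirect("/")` at L128 is sent before `session.destroy` has finished, since destroy only reports completion through its callback; move the redirect into the callback, `req.session!.destroy(() => res.redirect("/"));`, so the response goes out once the store has dropped the session. `console.log(req.session!.user)` at L126 writes the whole profile object (name and mail, given the requested scopes) to the log on every logout; drop it or log only an identifier.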
diff --git a/src/routes/auth.ts b/src/routes/auth.ts
new file mode 100644
index 00000000..b930250f
--- /dev/null
+++ b/src/routes/auth.ts
@@ -0,0 +1,15 @@
+import { Application } from 'express';
+import login from '../middlewares/auth/login';
+import complete from '../middlewares/auth/complete';
+import logout from '../middlewares/auth/logout';
+import authenticated from '../middlewares/auth/authenticated'
+
+ const authRout = (app: Application): void => {
+    app.get('/login', login() );
+
+    app.get('/complete', complete() );
+
+    app.get('/logout', authenticated(), logout() );
+}
+
+export default authRout;
\ No newline at end of file
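Review bot: The function is declared as `authRout` at L145 while src/index.ts calls it `authRoute(app)`; this only works because it is a default export, so rename it to `authRoute` for consistency and remove the stray leading space before `const`. A one-line TSDoc such as `/** Mounts the OAuth2 login, callback and logout routes on the app. */` above it would also help, since the file otherwise explains nothing about the flow.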
diff --git a/src/utils/auth.ts b/src/utils/auth.ts
new file mode 100644
index 00000000..d00f2042
--- /dev/null
+++ b/src/utils/auth.ts
@@ -0,0 +1,19 @@
+import simpleOauth2 from "simple-oauth2";
+
+const oauth2 = () => simpleOauth2.create(
+  {
+    client: {
+      id: process.env.AUTH_ID || "",
+      secret: process.env.AUTH_SECRET_KEY || ""
+    },
+    auth: {
+      tokenHost: 'https://auth.sch.bme.hu',
+      tokenPath: '/oauth2/token',
+      authorizePath: '/site/login'
+    }
+  }
+);
+
+const scope : string[] = ['basic', 'mail', 'sn', 'givenName']
+
+export {oauth2, scope};
\ No newline at end of file
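Review bot: `process.env.AUTH_ID || ""` and `process.env.AUTH_SECRET_KEY || ""` at L166-167 silently build a client with empty credentials when the variables are unset, so a misconfigured deployment only fails at the token exchange with a provider error. Fail at startup instead, e.g. `const clientId = process.env.AUTH_ID; if (!clientId) throw new Error("AUTH_ID is not set");` and the same for the secret. `oauth2()` also creates a fresh client on every call, including twice per callback in complete.ts, although the config is static, so a single module-level instance would do. `scope` could be typed `readonly string[]` since it is shared by login and complete and never mutated.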
-- 
GitLab