implemented authentication with sidebase/nuxt-auth

server/api/auth/login.ts

@@ -0,0 +1,95 @@
+import axios, { AxiosError } from 'axios';
+import serversideConfig from '../../../serversideConfig';
+import https from 'https';
+
+let errorMsg = 'error';
+//const { data } = useAuthState()
+
+
+export default eventHandler(async (event) => {
+
+    const agent = new https.Agent({
+        rejectUnauthorized: false,
+    });
+    const axiosInstance = axios.create({
+        headers: {
+            'Content-Type': 'application/json',
+            Accept: "*",
+        },
+        httpsAgent: agent
+    });
+
+
+    const body = await readBody(event)
+
+    // get user object from backend
+    try {
+        let res = await axiosInstance.post(`https://${serversideConfig.url}:${serversideConfig.port}/login`, {
+            username: body.username,
+            password: body.password,
+        });
+        const sessionToken = res.data.token;
+        const user = res.data.user;
+
+        console.log('sessionToken: ', sessionToken);
+        console.log('user: ', user);
+
+        setResponseStatus(event, 200);
+        const resBody = {
+            token: sessionToken,
+            message: 'Login successful'
+        };
+        console.log('resBody: ', resBody);
+
+        return resBody;
+    } 
+    catch (err) {
+        if (axios.isAxiosError(err)) {
+            const axiosError = err as AxiosError;
+
+            if (axiosError.response) {
+                // Axios error
+                //console.error(axiosError.response.data.message);
+                //errorMsg = axiosError.response.data.message;
+            } else if (axiosError.request) {
+                // If error was caused by the request
+                console.error(axiosError.request);
+            } else {
+                // Other errors
+                console.error('Error', axiosError.message);
+            }
+        } else {
+            // No AxiosError
+            console.error('Error', err);
+        }
+    }
+    throw createError({
+        statusCode: 400,
+        statusMessage: errorMsg,
+    })
+
+
+})
+
+
+
+/*import { loginSuccessful, sessionToken, errorMsg } from "../../middleware/login";
+import { OutgoingMessage } from 'http';
+
+export default defineEventHandler(async (event) => {
+
+    if (!loginSuccessful) {
+        throw createError({
+            statusCode: 400,
+            statusMessage: errorMsg,
+        })
+    }
+
+    setResponseStatus(event, 200);
+    //setResponseHeader(event, "Set-Cookie", sessionToken);
+    const resBody = {
+        token: sessionToken,
+        message: 'Login successful'
+    };
+    return resBody;
+})*/

server/api/auth/refresh.ts

@@ -0,0 +1,50 @@
+import { createError, eventHandler, readBody, sendRedirect } from 'h3';
+import jwt from 'jsonwebtoken';
+
+const SECRET = 'SECRETTUEITKEY'
+
+interface User {
+  username: string;
+  id: string;
+}
+
+interface JwtPayload extends User {
+  exp: number;
+}
+
+export default eventHandler(async (event) => {
+  const body = await readBody<{ refreshToken: string }>(event);
+
+  if (!body.refreshToken) {
+    throw createError({
+      statusCode: 403,
+      statusMessage: 'Unauthorized, no refreshToken in payload'
+    });
+  };
+
+  const decoded = jwt.verify(body.refreshToken, SECRET) as JwtPayload | undefined;
+
+  if (!decoded) {
+    throw createError({
+      statusCode: 403,
+      statusMessage: 'Unauthorized, refreshToken can`t be verified'
+    });
+  };
+
+
+  // decoded.userId exists on JwtPayload, TS falsely wants decoded.id
+  const user: User = {
+    username: decoded.username,
+    id: decoded.userId,
+  };
+
+  const authToken = jwt.sign( user, SECRET, { expiresIn: 60 * 5 }); // expires in 5 min
+  const refreshToken = jwt.sign( user, SECRET, {  expiresIn: 60 * 60 * 24 * 7 }); // expires in 7 days
+
+  return {
+    token: {
+      authToken,
+      refreshToken
+    }
+  };
+})

server/api/auth/session.ts

@@ -0,0 +1,36 @@
+import { createError, eventHandler, getRequestHeader, H3Event } from 'h3'
+import jwt from 'jsonwebtoken';
+
+const TOKEN_TYPE = 'Bearer'
+
+const extractToken = (authHeaderValue: string) => {
+  const [, token] = authHeaderValue.split(`${TOKEN_TYPE} `)
+  return token
+}
+
+const ensureAuth = (event: H3Event) => {
+  const authHeaderValue = getRequestHeader(event, 'authorization')
+  if (typeof authHeaderValue === 'undefined') {
+    throw createError({
+      statusCode: 403,
+      statusMessage:
+        'Need to pass valid Bearer-authorization header to access this endpoint'
+    })
+  }
+
+  const extractedToken = extractToken(authHeaderValue)
+  try {
+    return jwt.verify(extractedToken, 'SECRETTUEITKEY')
+  } catch (error) {
+    console.error("Login failed. Here's the raw error:", error)
+    throw createError({
+      statusCode: 403,
+      statusMessage: 'You must be logged in to access this page'
+    })
+  }
+}
+
+export default eventHandler((event) => {
+  const user = ensureAuth(event)
+  return user
+})

server/api/auth/signup.ts

@@ -1,4 +1,4 @@
-import { errorMsg } from "../middleware/signUp.js";
+import { errorMsg } from "../../middleware/signUp.js";
 
 export default defineEventHandler(async (event) => {
 

server/api/login.ts

@@ -1,20 +0,0 @@
-import { loginSuccessful, sessionToken, errorMsg } from "../middleware/login";
-import { OutgoingMessage } from 'http';
-
-export default defineEventHandler(async (event) => {
-
-    if (!loginSuccessful) {
-        throw createError({
-            statusCode: 400,
-            statusMessage: errorMsg,
-        })
-    }
-
-    setResponseStatus(event, 200);
-    //setResponseHeader(event, "Set-Cookie", sessionToken);
-    const resBody = {
-        token: sessionToken,
-        message: 'Login successful'
-    };
-    return resBody;
-})

server/main.ts

@@ -1 +1 @@
-import { pinia } from '@/store'
+//import { pinia } from '@/store'

server/middleware/auth.global.js

@@ -1,63 +0,0 @@
-import { useAuthStore } from '~/store/auth';
-
-
-export default defineEventHandler (async (event) => { 
-    // Check if user is not authenticated and trying to access a page other than /login
-    let isAuthenticated = false;
-
-    if (event.path !== '/login' && event.path !== '/api/login') {
-    
-        //const reqUsername = getHeader(event, "Authorization");
-        //const reqCookie = getHeader(event, "Cookie");
-        const reqUsername = getCookie(event, 'user');
-        const reqToken = getCookie(event, 'token');
-        //console.log('getHeader: ', reqCookie);
-        console.log('getCookie user: ', reqUsername);
-        console.log('getCookie token: ', reqToken);
-
-        const auth = useAuthStore();
-        const authUsername = auth.username;
-        const authToken = auth.token;
-
-        console.log('auth user: ', authUsername);
-        console.log('auth token: ', authToken);
-
-        if (authUsername == reqUsername && authToken == reqToken) {
-            isAuthenticated = true;
-        }
-
-
-    if (!isAuthenticated) {
-        await sendRedirect(event, '/login');
-    }
-    }
-});
-  
-/*function isAuthenticated(event) {
-    // Implement authentication logic 
-    /*const auth = useAuthStore();
-    const authUsername = auth.username;
-    const authToken = auth.token;
-
-    const reqUsername = getHeader(event, 'Authorization');
-    const reqCookie = getHeader(event, 'Cookie');
-    const reqToken = useCookie('token');
-    console.log('getHeader: ', reqCookie);
-    console.log('useCookie: ', reqToken);
-
-    if (authUsername.equals(reqUsername) ) {
-        return true;
-    }*/
-
-    /*return false;
-    // Return true if authenticated, false otherwise
-}*/
-
-
-/*export default defineNuxtRouteMiddleware((to) => {
-    const auth = useAuthStore();
-    const authUsername = auth.username;
-    const authToken = auth.token;
-
-    const reqUsername = 
-})*/

server/middleware/login.ts

@@ -1,61 +0,0 @@
-import axios, { AxiosError } from 'axios';
-import serversideConfig from '../../serversideConfig';
-import https from 'https';
-import { useAuthStore } from '~/store/auth';
-
-let loginSuccessful = false;
-let sessionToken = 'token';
-let errorMsg = '';
-
-export default defineEventHandler(async (event) => {
-    loginSuccessful = false;
-    const agent = new https.Agent({
-        rejectUnauthorized: false,
-    });
-
-    const axiosInstance = axios.create({
-        headers: {
-            'Content-Type': 'application/json',
-            Accept: "*",
-        },
-        httpsAgent: agent
-    });
-
-    if (event.path.startsWith("/api/login")) {
-
-        const body = await readBody(event)
-
-        // get user object from backend
-        try {
-            let res = await axiosInstance.post(`https://${serversideConfig.url}:${serversideConfig.port}/login`, {
-                username: body.username,
-                password: body.password,
-            });
-            sessionToken = res.data.token;
-            const auth = useAuthStore();
-            auth.createNewSession(res.data.user, sessionToken);
-            loginSuccessful = true;
-        } catch (err) {
-            if (axios.isAxiosError(err)) {
-                const axiosError = err as AxiosError;
-
-                if (axiosError.response) {
-                    // Axios error
-                    console.error(axiosError.response.data.message);
-                    errorMsg = axiosError.response.data.message;
-                } else if (axiosError.request) {
-                    // If error was caused by the request
-                    console.error(axiosError.request);
-                } else {
-                    // Other errors
-                    console.error('Error', axiosError.message);
-                }
-            } else {
-                // No AxiosError
-                console.error('Error', err);
-            }
-        }
-    }
-})
-
-export { loginSuccessful, sessionToken, errorMsg };