1 import { Player } from 'shared/player';
3 import bcrypt from 'bcrypt';
4 import { loadPlayer } from './player';
5 import { Auth } from '../shared/auth';
6 import { db } from './lib/db';
7 import { Request, Response } from 'express';
9 export interface AuthRequest extends Request {
13 export async function signup(playerId: string, username: string, password: string): Promise<void> {
14 const salt = await bcrypt.genSalt(10);
15 const hash = await bcrypt.hash(password, salt);
18 username: xss(username, { whiteList: {} }),
23 const res: any = await db.insert(data).into('auth');
24 if(res.rowCount === 1) {
29 throw new Error('Something weird happened..');
35 if(e?.code === '23505') {
36 if(e?.constraint === 'auth_pkey') {
37 console.log(`Key ${playerId} was already claimed. ${data.username} tried claiming again..`);
39 // someone already claimed this key
40 throw new Error('Invalid account');
46 export async function login(username: string, password: string): Promise<Player> {
47 const auth = await db.select('*').first().from<Auth>('auth').where({
52 const compare = await bcrypt.compare(password, auth.password);
54 return loadPlayer(auth.id);
57 throw new Error(`Invalid password for ${username}`);
61 throw new Error(`Requested user ${username}, does not exist`);
66 export async function authEndpoint(req: AuthRequest, res: Response, next: any) {
67 const authToken = req.headers['x-authtoken'];
69 console.log(`Invalid auth token ${authToken}`);
73 const player: Player = await loadPlayer(authToken.toString());
79 console.log(`Invalid auth token ${authToken}`);