chore(release): 0.2.5

[risinglegends.git] / src / server / auth.ts

import { Player } from 'shared/player';
import bcrypt from 'bcrypt';
import { loadPlayer } from './player';
import { Auth } from '../shared/auth';
import { db } from './lib/db';
import { Request, Response } from 'express';

export async function signup(playerId: string, username: string, password: string): Promise<void> {
  const salt = await bcrypt.genSalt(10);
  const hash = await bcrypt.hash(password, salt);
  const data: Auth = {
    id: playerId,
    username,
    password: hash
  };

  try {
    const res: any = await db.insert(data).into('auth');
    if(res.rowCount === 1) {
      return;
    }
    else {
      console.log(res);
      throw new Error('Something weird happened..');
    }

  }
  catch(e) {
    console.log(e);
    if(e?.code === '23505') {
      if(e?.constraint === 'auth_pkey') {
        console.log(`Key ${playerId} was already claimed. ${username} tried claiming again..`);
      }
      // someone already claimed this key
      throw new Error('Invalid account');
    }
  }

}

export async function login(username: string, password: string): Promise<Player> {
  const auth = await db.select('*').first().from<Auth>('auth').where({
    username
  });

  if(auth) {
    const compare = await bcrypt.compare(password, auth.password);
    if(compare) {
      return loadPlayer(auth.id);
    }
    else {
      throw new Error(`Invalid password for ${username}`);
    }
  }
  else {
    throw new Error(`Requested user ${username}, does not exist`);
  }

}

export function authEndpoint(req: Request, res: Response, next: any) {
  const authToken = req.headers['x-authtoken'];
  if(!authToken) {
    console.log(`Invalid auth token ${authToken}`);
    res.sendStatus(400)
  }
  else {
    next()
  }
}