new auth

AlexTraveylan · Sep 23, 2023 · 4ec0d64 · 4ec0d64
1 parent b7ba42f
commit 4ec0d64
Show file tree

Hide file tree

Showing 51 changed files with 471 additions and 718 deletions.
diff --git a/package.json b/package.json
@@ -10,7 +10,6 @@
     "test": "jest"
   },
   "dependencies": {
-    "@clerk/nextjs": "^4.19.0",
     "@hookform/resolvers": "^3.1.1",
     "@prisma/client": "^4.15.0",
     "@radix-ui/react-dialog": "^1.0.4",
@@ -59,4 +58,4 @@
     "ts-jest": "^29.1.0",
     "typescript": "^5.0.4"
   }
-}
+}
diff --git a/src/app/acces/page.tsx b/src/app/acces/page.tsx
diff --git a/src/app/api/check-master/route.ts b/src/app/api/check-master/route.ts
@@ -1,40 +1,29 @@
-import { generateAccessToken, generateRefreshToken } from "@/services/auth.service"
-import { userAppService } from "@/services/userApp.service"
-import { currentUser } from "@clerk/nextjs"
+import { generateAccessToken, generateRefreshToken } from "@/lib/services/auth.service"
+import { userAppService } from "@/lib/services/userApp.service"
 import bcrypt from "bcrypt"
 import { cookies } from "next/headers"
 import { NextRequest, NextResponse } from "next/server"
 
 export async function POST(request: NextRequest) {
-  const user = await currentUser()
+  const { clientHashedMaster, email } = await request.json()
 
-  if (!user?.primaryEmailAddressId) {
-    return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
-  }
-  const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-  if (!primaryEmail) {
-    return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
-  }
-
-  const searchUser = await userAppService.getByEmail(primaryEmail.emailAddress)
+  const searchUser = await userAppService.getByEmail(email)
 
   if (!searchUser) {
-    return NextResponse.json({ error: "Impossible de trouver l&aposutilisateur.." }, { status: 400 })
+    return NextResponse.json({ error: "Impossible de trouver l'utilisateur.." }, { status: 400 })
   }
 
   const salt = searchUser.salt
   const masterPassword = searchUser.masterPassword
-  const { clientHashedMaster } = await request.json()
   const clientDoubleHashedMaster = await bcrypt.hash(clientHashedMaster, salt)
   const clientDoubleHashedMasterBuffer = Buffer.from(clientDoubleHashedMaster)
 
   if (!clientDoubleHashedMasterBuffer.equals(masterPassword)) {
     return NextResponse.json({ error: "Le mot de passe est incorrect." }, { status: 400 })
   }
 
-  const accessToken = generateAccessToken(primaryEmail.emailAddress)
-  const refreshToken = generateRefreshToken(primaryEmail.emailAddress)
-  const privateKey = searchUser.privateKey.toString("utf-8")
+  const accessToken = generateAccessToken(email, searchUser.privateKey.toString("utf-8"))
+  const refreshToken = generateRefreshToken(email, searchUser.privateKey.toString("utf-8"))
 
   const cookieHeaders = cookies()
   cookieHeaders.set("accessToken", accessToken, {
@@ -53,5 +42,5 @@ export async function POST(request: NextRequest) {
     path: "/",
   })
 
-  return NextResponse.json({ message: "Correspondance ok", privateKey: privateKey })
+  return NextResponse.json({ message: "Correspondance ok" })
 }
diff --git a/src/app/api/get-public-key/route.ts b/src/app/api/get-public-key/route.ts
@@ -1,26 +1,18 @@
-import { userAppService } from "@/services/userApp.service"
-import { currentUser } from "@clerk/nextjs"
+import { currentUser } from "@/lib/hooks/auth"
+import { userAppService } from "@/lib/services/userApp.service"
 import { NextRequest, NextResponse } from "next/server"
 
 export async function GET(request: NextRequest) {
-  const user = await currentUser()
-  let searchUser
-  if (user) {
-    if (!user?.primaryEmailAddressId) {
-      return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
-    }
-    const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-    if (!primaryEmail) {
-      return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
-    }
+  const { email } = currentUser()
 
-    searchUser = await userAppService.getByEmail(primaryEmail.emailAddress)
-  } else {
-    searchUser = await userAppService.getByEmail("[email protected]")
+  if (!email) {
+    return NextResponse.json({ error: "Vous devez être connecté pour créer un mot de passe." }, { status: 401 })
   }
 
+  const searchUser = await userAppService.getByEmail(email)
+
   if (!searchUser) {
-    return NextResponse.json({ error: "Impossible de trouver l&aposuser." }, { status: 400 })
+    return NextResponse.json({ error: "Impossible de trouver l'utilisateur." }, { status: 400 })
   }
 
   return NextResponse.json({ message: "Acces autorisé", publicKey: searchUser.publicKey.toString("utf-8") }, { status: 200 })

diff --git a/src/app/api/passwords/[id]/route.ts b/src/app/api/passwords/[id]/route.ts
@@ -1,41 +1,19 @@
-import { guardedPasswordService } from "@/services/GuardedPassword.service"
-import { verifyAccessToken } from "@/services/auth.service"
-import { userAppService } from "@/services/userApp.service"
-import { currentUser } from "@clerk/nextjs"
-import { cookies } from "next/headers"
+import { currentUser } from "@/lib/hooks/auth"
+import { guardedPasswordService } from "@/lib/services/GuardedPassword.service"
+import { userAppService } from "@/lib/services/userApp.service"
 import { NextRequest, NextResponse } from "next/server"
 
 export async function DELETE(request: NextRequest, { params }: { params: { id: string } }) {
-  const user = await currentUser()
-  let cUser
-  if (user) {
-    if (!user?.primaryEmailAddressId) {
-      return NextResponse.json({ error: "Impossible de trouver l'e-mail." }, { status: 400 })
-    }
-
-    const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-    if (!primaryEmail) {
-      return NextResponse.json({ error: "Impossible de trouver l'apose-mail." }, { status: 400 })
-    }
-
-    const cookieStore = cookies()
-    const accessToken = cookieStore.get("accessToken")
-    if (!accessToken) {
-      return NextResponse.json({ error: "Pas de token d'acces dans les cookies." }, { status: 400 })
-    }
-    try {
-      const decoded = verifyAccessToken(accessToken.value)
-    } catch (err) {
-      return NextResponse.json({ error: "Le token n'est pas valide ou à expiré." }, { status: 400 })
-    }
-
-    cUser = await userAppService.getByEmail(primaryEmail.emailAddress)
-  } else {
-    cUser = await userAppService.getByEmail("[email protected]")
+  const { email } = currentUser()
+
+  if (!email) {
+    return NextResponse.json({ error: "Vous devez être connecté pour supprimer un mot de passe." }, { status: 401 })
   }
 
+  const cUser = await userAppService.getByEmail(email)
+
   if (!cUser) {
-    return NextResponse.json({ error: "Impossible de trouver l'user." }, { status: 400 })
+    return NextResponse.json({ error: "Impossible de trouver l'utilisateur." }, { status: 400 })
   }
 
   if (!params.id) {
@@ -53,36 +31,16 @@ export async function DELETE(request: NextRequest, { params }: { params: { id: s
 }
 
 export async function PUT(request: NextRequest, { params }: { params: { id: string } }) {
-  const user = await currentUser()
-  let cUser
-  if (user) {
-    if (!user?.primaryEmailAddressId) {
-      return NextResponse.json({ error: "Impossible de trouver l'e-mail." }, { status: 400 })
-    }
-
-    const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-    if (!primaryEmail) {
-      return NextResponse.json({ error: "Impossible de trouver l'apose-mail." }, { status: 400 })
-    }
-
-    const cookieStore = cookies()
-    const accessToken = cookieStore.get("accessToken")
-    if (!accessToken) {
-      return NextResponse.json({ error: "Pas de token d'acces dans les cookies." }, { status: 400 })
-    }
-    try {
-      const decoded = verifyAccessToken(accessToken.value)
-    } catch (err) {
-      return NextResponse.json({ error: "Le token n'est pas valide ou à expiré." }, { status: 400 })
-    }
-
-    cUser = await userAppService.getByEmail(primaryEmail.emailAddress)
-  } else {
-    cUser = await userAppService.getByEmail("[email protected]")
+  const { email } = await currentUser()
+
+  if (!email) {
+    return NextResponse.json({ error: "Vous devez être connecté pour supprimer un mot de passe." }, { status: 401 })
   }
 
+  const cUser = await userAppService.getByEmail(email)
+
   if (!cUser) {
-    return NextResponse.json({ error: "Impossible de trouver l'user." }, { status: 400 })
+    return NextResponse.json({ error: "Impossible de trouver l'utilisateur." }, { status: 400 })
   }
 
   if (!params.id) {

diff --git a/src/app/api/passwords/route.ts b/src/app/api/passwords/route.ts
@@ -1,78 +1,19 @@
-import { guardedPasswordService } from "@/services/GuardedPassword.service"
-import { verifyAccessToken } from "@/services/auth.service"
-import { userAppService } from "@/services/userApp.service"
-import { currentUser } from "@clerk/nextjs"
-import { cookies } from "next/headers"
+import { currentUser } from "@/lib/hooks/auth"
+import { guardedPasswordService } from "@/lib/services/GuardedPassword.service"
+import { userAppService } from "@/lib/services/userApp.service"
 import { NextRequest, NextResponse } from "next/server"
 
-// Récupérer tous les mots de passe
-export async function GET(request: NextRequest) {
-  const user = await currentUser()
-  if (!user?.primaryEmailAddressId) {
-    return NextResponse.json({ error: "Impossible de trouver l'e-mail." }, { status: 400 })
-  }
-
-  const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-  if (!primaryEmail) {
-    return NextResponse.json({ error: "Impossible de trouver l'e-mail." }, { status: 400 })
-  }
-
-  const cookieStore = cookies()
-  const accessToken = cookieStore.get("accessToken")
-  if (!accessToken) {
-    return NextResponse.json({ error: "Pas de token d'acces dans les cookies." }, { status: 400 })
-  }
-  try {
-    const decoded = verifyAccessToken(accessToken.value)
-  } catch (err) {
-    return NextResponse.json({ error: "Le token n'est pas valide ou à expiré." }, { status: 400 })
-  }
-
-  const cUser = await userAppService.getByEmail(primaryEmail.emailAddress)
-  if (!cUser) {
-    return NextResponse.json({ error: "Impossible de trouver l'user." }, { status: 400 })
-  }
-
-  const passwords = await guardedPasswordService.getAllGuardedPasswordByUserID(cUser.id)
-  if (!passwords) {
-    return NextResponse.json({ error: "Echec dans la récupération des mots de passe." }, { status: 400 })
-  }
-
-  return NextResponse.json({ message: "Acces autorisé", passwords: passwords }, { status: 200 })
-}
-
 // Création d'un mot de passe
 export async function POST(request: NextRequest) {
-  const user = await currentUser()
-  let cUser
-  if (user) {
-    if (!user?.primaryEmailAddressId) {
-      return NextResponse.json({ error: "Impossible de trouver l'e-mail." }, { status: 400 })
-    }
-
-    const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-    if (!primaryEmail) {
-      return NextResponse.json({ error: "Impossible de trouver l'apose-mail." }, { status: 400 })
-    }
-
-    const cookieStore = cookies()
-    const accessToken = cookieStore.get("accessToken")
-    if (!accessToken) {
-      return NextResponse.json({ error: "Pas de token d'acces dans les cookies." }, { status: 400 })
-    }
-    try {
-      const decoded = verifyAccessToken(accessToken.value)
-    } catch (err) {
-      return NextResponse.json({ error: "Le token n'est pas valide ou à expiré." }, { status: 400 })
-    }
+  const { email, privateKey } = currentUser()
 
-    cUser = await userAppService.getByEmail(primaryEmail.emailAddress)
-  } else {
-    cUser = await userAppService.getByEmail("[email protected]")
+  if (!email || !privateKey) {
+    return NextResponse.json({ error: "Vous devez être connecté pour créer un mot de passe." }, { status: 401 })
   }
 
+  const cUser = await userAppService.getByEmail(email)
   if (!cUser) {
-    return NextResponse.json({ error: "Impossible de trouver l'user." }, { status: 400 })
+    return NextResponse.json({ error: "Impossible de trouver l'utilisateur." }, { status: 400 })
   }
 
   const {

diff --git a/src/app/api/user/route.ts b/src/app/api/user/route.ts
@@ -1,63 +1,26 @@
-import { verifyAccessToken } from "@/services/auth.service"
-import { generateRSAKeyPair } from "@/services/security.service"
-import { userAppService } from "@/services/userApp.service"
-import { currentUser } from "@clerk/nextjs"
+import { generateRSAKeyPair } from "@/lib/services/security.service"
+import { userAppService } from "@/lib/services/userApp.service"
 import { UserApp } from "@prisma/client"
 import bcrypt from "bcrypt"
-import { cookies } from "next/headers"
 import { NextRequest, NextResponse } from "next/server"
 
-export async function GET(request: NextRequest) {
-  const user = await currentUser()
-
-  if (!user) {
-    return NextResponse.json({ error: "Impossible de trouver l&aposaposuser." }, { status: 400 })
-  }
-
-  const cookieStore = cookies()
-  const accessToken = cookieStore.get("accessToken")
-  if (!accessToken) {
-    return NextResponse.json({ error: "Pas de token d&aposacces dans les cookies." }, { status: 400 })
-  }
-  try {
-    const decoded = verifyAccessToken(accessToken.value)
-  } catch (err) {
-    return NextResponse.json({ error: "Le token n&aposest pas valide ou à expiré." }, { status: 400 })
-  }
-
-  return NextResponse.json({ message: "Acces autorisé" }, { status: 200 })
-}
-
 export async function POST(request: NextRequest) {
   const randomSalt = await bcrypt.genSalt(16)
-  const { hashMaster } = await request.json()
-  const user = await currentUser()
-
-  // Verifie que l&aposuser est bien connecté avec clerk
-  if (!user?.primaryEmailAddressId || !user.firstName || !user.lastName) {
-    return NextResponse.json({ error: "Impossible de trouver l&aposuser." }, { status: 400 })
-  }
-  const name = `${user.firstName} ${user.lastName}`
-
-  // recherche de l&aposemail principale s&aposil existe.
-  const primaryEmail = user.emailAddresses.find((email) => email.id == user.primaryEmailAddressId)
-  if (!primaryEmail) {
-    return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
-  }
+  const { hashMaster, email } = await request.json()
 
   // Est-ce un nouvel user comme prévu ?
-  const searchCurrentUser = await userAppService.getByEmail(primaryEmail.emailAddress)
+  const searchCurrentUser = await userAppService.getByEmail(email)
   if (searchCurrentUser) {
-    return NextResponse.json({ error: "Impossible de trouver l&apose-mail." }, { status: 400 })
+    return NextResponse.json({ error: "Utilisateur déjà existant" }, { status: 400 })
   }
 
   try {
     const doubleHashedMaster = await bcrypt.hash(hashMaster, randomSalt)
     const { privateKey, publicKey } = generateRSAKeyPair()
 
     const newUser: Omit<UserApp, "id"> = {
-      email: primaryEmail.emailAddress,
-      name: name,
+      email: email,
+      name: email.split("@")[0],
       masterPassword: Buffer.from(doubleHashedMaster, "utf-8"),
       salt: randomSalt,
       privateKey: Buffer.from(privateKey.toString(), "utf-8"),