Shinobi/libs/auth/google.js

const {OAuth2Client} = require('google-auth-library');
module.exports = (s,config,lang) => {
    const {
        basicAuth,
    } = require('./utils.js')(s,config,lang)
    const client = new OAuth2Client(config.appTokenGoogle);
    async function verifyToken(userLoginToken) {
      const ticket = await client.verifyIdToken({
          idToken: userLoginToken,
          audience: config.appTokenGoogle,
      });
      const payload = ticket.getPayload();
      const userid = payload['sub'];
      return {
          ok: !!payload.email,
          user: payload.email ? {
              id: userid,
              name: payload.name,
              email: payload.email,
              picture: payload.picture,
          } : null,
      }
    }
    async function bindLoginIdToUser(loginId,groupKey,userId) {
        const response = {ok: false}
        const searchResponse = await s.knexQueryPromise({
            action: "select",
            columns: '*',
            table: "LoginTokens",
            where: [
                ['loginId','=',`google-${loginId}`],
            ]
        })
        if(!searchResponse.rows[0]){
            const insertResponse = await s.knexQueryPromise({
                action: "insert",
                table: "LoginTokens",
                insert: {
                    loginId: `google-${loginId}`,
                    ke: groupKey,
                    uid: userId,
                    lastLogin: new Date(),
                }
            })
            response.ok = insertResponse.ok
        }
        return response
    }
    async function refreshLoginTokenAccessDate(loginId) {
        const response = {ok: false}
        const updateResponse = await s.knexQueryPromise({
            action: "update",
            table: "LoginTokens",
            update: {
                lastLogin: new Date()
            },
            where: [
                ['loginId','=',`google-${loginId}`],
            ]
        })
        response.ok = updateResponse.ok
        return response
    }
    async function deleteLoginToken(loginId) {
        const response = {ok: false}
        const updateResponse = await s.knexQueryPromise({
            action: "delete",
            table: "LoginTokens",
            where: [
                ['loginId','=',`google-${loginId}`],
            ]
        })
        response.ok = updateResponse.ok
        return response
    }
    async function loginWithGoogleAccount(userLoginToken) {
        const response = {ok: false, googleSignedIn: false}
        const tokenResponse = await verifyToken(userLoginToken)
        if(tokenResponse.ok){
            const user = tokenResponse.user
            response.googleSignedIn = true
            response.googleUser = user
            const searchResponse = await s.knexQueryPromise({
                action: "select",
                columns: '*',
                table: "LoginTokens",
                where: [
                    ['loginId','=',`google-${user.id}`],
                ]
            })
            if(searchResponse.rows[0]){
                const loginTokenRow = searchResponse.rows[0]
                const userResponse = await s.knexQueryPromise({
                    action: "select",
                    columns: '*',
                    table: "Users",
                    where: [
                        ['uid','=',loginTokenRow.uid],
                        ['ke','=',loginTokenRow.ke],
                    ]
                })
                response.ok = true
                userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)
                response.user = userResponse.rows[0]
            }else{
                console.log('This Token is Not Binded to a User!')
                // make new if no users?
            }
        }
        return response
    }
    s.onProcessReady(() => {
        s.alternateLogins['google'] = async (params) => {
            const response = { ok: false }
            const loginToken = params.alternateLoginToken
            const username = params.mail
            const password = params.pass
            const googleLoginResponse = await loginWithGoogleAccount(loginToken)
            if(googleLoginResponse.user){
                response.ok = true
                response.user = googleLoginResponse.user
            }else if(config.allowBindingAltLoginsFromLoginPage && googleLoginResponse.googleSignedIn && username && password){
                const basicAuthResponse = await basicAuth(username,password)
                if(basicAuthResponse.user){
                    const user = basicAuthResponse.user
                    const loginId = googleLoginResponse.googleUser.id
                    const groupKey = user.ke
                    const userId = user.uid
                    const bindResponse = await bindLoginIdToUser(loginId,groupKey,userId)
                    response.ok = true
                    response.user = basicAuthResponse.user
                }
            }
            return response
        }
        // s.customAutoLoadTree['LibsJs'].push(`dash2.googleSignIn.js`)
    })
    return {
        client: client,
        verifyToken: verifyToken,
        deleteLoginToken: deleteLoginToken,
        bindLoginIdToUser: bindLoginIdToUser,
        loginWithGoogleAccount: loginWithGoogleAccount,
        refreshLoginTokenAccessDate: refreshLoginTokenAccessDate,
    }
}
google login test framework 2021-04-01 06:03:34 +00:00			`const {OAuth2Client} = require('google-auth-library');`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`module.exports = (s,config,lang) => {`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`const {`
			`basicAuth,`
			`} = require('./utils.js')(s,config,lang)`
google login test framework 2021-04-01 06:03:34 +00:00			`const client = new OAuth2Client(config.appTokenGoogle);`
			`async function verifyToken(userLoginToken) {`
			`const ticket = await client.verifyIdToken({`
			`idToken: userLoginToken,`
			`audience: config.appTokenGoogle,`
			`});`
			`const payload = ticket.getPayload();`
			`const userid = payload['sub'];`
			`return {`
			`ok: !!payload.email,`
			`user: payload.email ? {`
			`id: userid,`
			`name: payload.name,`
			`email: payload.email,`
			`picture: payload.picture,`
			`} : null,`
			`}`
			`}`
			`async function bindLoginIdToUser(loginId,groupKey,userId) {`
			`const response = {ok: false}`
			`const searchResponse = await s.knexQueryPromise({`
			`action: "select",`
			`columns: '*',`
			`table: "LoginTokens",`
			`where: [`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			['loginId','=',`google-${loginId}`],
google login test framework 2021-04-01 06:03:34 +00:00			`]`
			`})`
			`if(!searchResponse.rows[0]){`
			`const insertResponse = await s.knexQueryPromise({`
			`action: "insert",`
			`table: "LoginTokens",`
			`insert: {`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			loginId: `google-${loginId}`,
google login test framework 2021-04-01 06:03:34 +00:00			`ke: groupKey,`
			`uid: userId,`
			`lastLogin: new Date(),`
			`}`
			`})`
			`response.ok = insertResponse.ok`
			`}`
			`return response`
			`}`
			`async function refreshLoginTokenAccessDate(loginId) {`
			`const response = {ok: false}`
			`const updateResponse = await s.knexQueryPromise({`
			`action: "update",`
			`table: "LoginTokens",`
			`update: {`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			`lastLogin: new Date()`
google login test framework 2021-04-01 06:03:34 +00:00			`},`
			`where: [`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			['loginId','=',`google-${loginId}`],
google login test framework 2021-04-01 06:03:34 +00:00			`]`
			`})`
			`response.ok = updateResponse.ok`
			`return response`
			`}`
			`async function deleteLoginToken(loginId) {`
			`const response = {ok: false}`
			`const updateResponse = await s.knexQueryPromise({`
			`action: "delete",`
			`table: "LoginTokens",`
			`where: [`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			['loginId','=',`google-${loginId}`],
google login test framework 2021-04-01 06:03:34 +00:00			`]`
			`})`
			`response.ok = updateResponse.ok`
			`return response`
			`}`
			`async function loginWithGoogleAccount(userLoginToken) {`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`const response = {ok: false, googleSignedIn: false}`
google login test framework 2021-04-01 06:03:34 +00:00			`const tokenResponse = await verifyToken(userLoginToken)`
			`if(tokenResponse.ok){`
			`const user = tokenResponse.user`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`response.googleSignedIn = true`
			`response.googleUser = user`
google login test framework 2021-04-01 06:03:34 +00:00			`const searchResponse = await s.knexQueryPromise({`
			`action: "select",`
			`columns: '*',`
			`table: "LoginTokens",`
			`where: [`
make LoginTokens designated by prefix name 2021-04-03 21:27:08 +00:00			['loginId','=',`google-${user.id}`],
google login test framework 2021-04-01 06:03:34 +00:00			`]`
			`})`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`if(searchResponse.rows[0]){`
			`const loginTokenRow = searchResponse.rows[0]`
google login test framework 2021-04-01 06:03:34 +00:00			`const userResponse = await s.knexQueryPromise({`
			`action: "select",`
			`columns: '*',`
			`table: "Users",`
			`where: [`
			`['uid','=',loginTokenRow.uid],`
			`['ke','=',loginTokenRow.ke],`
			`]`
			`})`
			`response.ok = true`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)`
			`response.user = userResponse.rows[0]`
google login test framework 2021-04-01 06:03:34 +00:00			`}else{`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`console.log('This Token is Not Binded to a User!')`
google login test framework 2021-04-01 06:03:34 +00:00			`// make new if no users?`
			`}`
			`}`
			`return response`
			`}`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`s.onProcessReady(() => {`
			`s.alternateLogins['google'] = async (params) => {`
			`const response = { ok: false }`
			`const loginToken = params.alternateLoginToken`
			`const username = params.mail`
			`const password = params.pass`
			`const googleLoginResponse = await loginWithGoogleAccount(loginToken)`
			`if(googleLoginResponse.user){`
			`response.ok = true`
			`response.user = googleLoginResponse.user`
			`}else if(config.allowBindingAltLoginsFromLoginPage && googleLoginResponse.googleSignedIn && username && password){`
			`const basicAuthResponse = await basicAuth(username,password)`
			`if(basicAuthResponse.user){`
			`const user = basicAuthResponse.user`
			`const loginId = googleLoginResponse.googleUser.id`
			`const groupKey = user.ke`
			`const userId = user.uid`
			`const bindResponse = await bindLoginIdToUser(loginId,groupKey,userId)`
			`response.ok = true`
			`response.user = basicAuthResponse.user`
			`}`
			`}`
			`return response`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`}`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			// s.customAutoLoadTree['LibsJs'].push(`dash2.googleSignIn.js`)
			`})`
google login test framework 2021-04-01 06:03:34 +00:00			`return {`
			`client: client,`
			`verifyToken: verifyToken,`
			`deleteLoginToken: deleteLoginToken,`
			`bindLoginIdToUser: bindLoginIdToUser,`
			`loginWithGoogleAccount: loginWithGoogleAccount,`
			`refreshLoginTokenAccessDate: refreshLoginTokenAccessDate,`
			`}`
			`}`