feat: add JWT

back-end/.env.example

@@ -2,7 +2,8 @@
 # .env.production for production
 NODE_PORT=3000
 NODE_ENV=dev
-
+NODE_JWT_ISSUER="free-briques"
+NODE_JWT_SECRET="ec2fbbfed81a2fef0115ed3de701071db6a6234550624f604f14ddf422bb9761"
 # those values must be the same as in ../docker-compose.dev.yml 
 DB_HOST=localhost
 DB_NAME=briques_db

back-end/.env.production

@@ -1,5 +1,7 @@
 NODE_PORT=3000
 NODE_ENV=production
+NODE_JWT_ISSUER="free-briques"
+NODE_JWT_SECRET="ec2fbbfed81a2fef0115ed3de701071db6a6234550624f604f14ddf422bb9761"
 DB_HOST=briques_postgres
 DB_NAME=briques_db
 DB_USER=briques_llm

back-end/src/config/auth.config.ts

@@ -1,9 +1,9 @@
 import { createSecretKey } from 'crypto';
 
-const JWT_ISSUER = process.env.NODE_JWT_ISSUER as string;
+const JWT_ISSUER = (process.env.NODE_JWT_ISSUER ?? 'free-briques') as string;
 const JWT_AUDIENCE = '*';
-const JWT_SECRET = process.env.NODE_JWT_SECRET as string;
+const JWT_SECRET = (process.env.NODE_JWT_SECRET) as string;
 const JWT_EXPIRATION = '1 week';
 const JWT_SECRET_KEY = createSecretKey(JWT_SECRET as string, 'utf-8');
 
-export {JWT_ISSUER, JWT_AUDIENCE, JWT_SECRET, JWT_EXPIRATION, JWT_SECRET_KEY };
+export { JWT_ISSUER, JWT_AUDIENCE, JWT_SECRET, JWT_EXPIRATION, JWT_SECRET_KEY };

back-end/src/controllers/auth.controller.ts

@@ -1,5 +1,7 @@
 import { Request, Response, Router } from 'express';
 import bcrypt from 'bcrypt';
+import { SignJWT } from 'jose';
+import { JWT_ISSUER, JWT_AUDIENCE, JWT_SECRET, JWT_EXPIRATION, JWT_SECRET_KEY } from '../config/auth.config';
 import { Member, User } from '../types/member';
 import { new_client } from '../db/db_client';
 import { Either, eitherLeft, eitherRight } from '../utils/utils';
@@ -47,7 +49,6 @@ function userAdapter(member: Member): User {
     return { id_member: member.id_member, name: member.name };
 }
 
-
 const register = (req: Request, res: Response) => {
     if (!req || !req.body || !req.body.name || !req.body.password) {
         res.status(400).send();
@@ -66,10 +67,17 @@ const register = (req: Request, res: Response) => {
             }
 
             const member: Either<Member, string> = await createMember(name, hash);
-            if (member.hasRight)
+            if (member.hasRight) {
-                res.send(member.right);
+                res.status(401).send(member.right);
-            else
+                return;
-                res.send(userAdapter(member.left));
+            }
+            const token = await new SignJWT({ name })
+                .setProtectedHeader({ alg: 'HS256' })
+                .setAudience(JWT_AUDIENCE)
+                .setIssuer(JWT_ISSUER)
+                .setExpirationTime(JWT_EXPIRATION)
+                .sign(JWT_SECRET_KEY);
+            res.status(200).send({ member: userAdapter(member.left), token: token});
         });
     });
 };
@@ -85,7 +93,7 @@ const login = async (req: Request, res: Response) => {
         res.send(member.right).send();
         return;
     }
-    bcrypt.compare(req.body.password, member.left.password, (err, r) => {
+    bcrypt.compare(req.body.password, member.left.password, async (err, r) => {
         if (err) {
             res.status(500).send();
             return;
@@ -94,7 +102,13 @@ const login = async (req: Request, res: Response) => {
             res.status(401).send();
             return;
         }
-        res.status(200).send();
+        const token = await new SignJWT({ name })
+            .setProtectedHeader({ alg: 'HS256' })
+            .setAudience(JWT_AUDIENCE)
+            .setIssuer(JWT_ISSUER)
+            .setExpirationTime(JWT_EXPIRATION)
+            .sign(JWT_SECRET_KEY);
+        res.status(200).send({ member: userAdapter(member.left), token: token});
     });
 };