Finished up with remember me middleware.

2025-10-21 00:10:17 -04:00 · 2025-10-21 00:10:17 -04:00 · 61ec3ffc52
commit 61ec3ffc52
parent e00e5a608b
4 changed files with 107 additions and 11 deletions
--- a/src/utils/sessionUtils.js
+++ b/src/utils/sessionUtils.js
@ -14,6 +14,9 @@ GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/

+//npm imports
+const {validationResult, matchedData} = require('express-validator');
+
 //Local Imports
 const config = require('../../config.json');
 const {userModel} = require('../schemas/user/userSchema.js');
@ -101,7 +104,7 @@ module.exports.authenticateSession = async function(identifier, secret, req, use

        //If we're using remember me tokens
        if(useRememberMeToken){
-
+            userDB = await rememberMeModel.authenticate(identifier, secret);
        //Otherwise
        }else{
            //Fallback on to username/password authentication
@ -211,5 +214,44 @@ module.exports.processExpiredAttempts = function(){
    }
 }

+module.exports.rememberMeMiddleware = function(req, res, next){
+    //if we have an un-authenticated user
+    if(req.session.user == null || req.session.user == ""){
+        //Check validation result
+        const validResult = validationResult(req);
+
+        //if we don't have errors
+        if(validResult.isEmpty()){
+            //Pull verified data from request
+            const data = matchedData(req);
+
+            //If we have a valid remember me id and token
+            if(data.rememberme != null && data.rememberme.id != null && data.rememberme.token != null){
+                    //Authenticate against standard auth function in remember me mode
+                    module.exports.authenticateSession(data.rememberme.id, data.rememberme.token, req, true).then((userDB)=>{
+                        //Jump to next middleware
+                        next();
+                    }).catch((err)=>{
+                        //Clear out remember me fields
+                        res.clearCookie('rememberme.id');
+                        res.clearCookie('rememberme.token');
+
+                        //Bitch, Moan, and guess what? That's fuckin' right! COMPLAIN!!!!
+                        return loggerUtils.exceptionHandler(res, err);
+                    });
+            }else{
+                //Jump to next middleware, this looks gross but it's only because they made me use .then like a bunch of fucking dicks
+                next();
+            }
+        }else{
+            //Jump to next middleware
+            next();
+        }
+    }else{
+        //Jump to next middleware
+        next();
+    }
+}
+
 module.exports.throttleAttempts = throttleAttempts;
 module.exports.maxAttempts = maxAttempts;