Auth implemented

backend/src/api/auth.ts

@@ -0,0 +1,44 @@
+// backend/src/api/auth.ts
+import express from 'express';
+import * as dotenv from 'dotenv';
+import * as path from 'path';
+import { AuthService } from '../services/AuthService';
+import { SessionService } from '../services/SessionService';
+import { AuthLogger } from '../services/AuthLogger';
+
+dotenv.config({ path: path.resolve(__dirname, '../../.env') });
+
+const SESSION_SECRET = process.env.SESSION_SECRET;
+const JWT_SECRET = process.env.JWT_SECRET;
+
+if (!SESSION_SECRET) {
+  throw new Error('SESSION_SECRET is not defined in the environment variables.');
+}
+
+if (!JWT_SECRET) {
+  throw new Error('JWT_SECRET is not defined in the environment variables.');
+}
+
+const router = express.Router();
+
+router.post('/passphrase', (req, res) => {
+  const { passphrase } = req.body;
+  const ipAddress = req.ip || ''; // Get IP address for logging, default to empty string if undefined
+
+  if (!passphrase) {
+    AuthLogger.logAttempt('failure', ipAddress);
+    return res.status(400).json({ message: 'Passphrase is required.' });
+  }
+
+  if (AuthService.validatePassphrase(passphrase)) {
+    const session = SessionService.createSession();
+    SessionService.authenticateSession(session.id);
+    AuthLogger.logAttempt('success', ipAddress);
+    return res.status(200).json({ message: 'Authentication successful', sessionToken: session.id });
+  } else {
+    AuthLogger.logAttempt('failure', ipAddress);
+    return res.status(401).json({ message: 'Invalid passphrase' });
+  }
+});
+
+export default router;