45 lines
1.5 KiB
TypeScript
45 lines
1.5 KiB
TypeScript
// backend/src/api/auth.ts
|
|
import express from 'express';
|
|
import * as dotenv from 'dotenv';
|
|
import * as path from 'path';
|
|
import { AuthService } from '../services/AuthService';
|
|
import { SessionService } from '../services/SessionService';
|
|
import { AuthLogger } from '../services/AuthLogger';
|
|
|
|
dotenv.config({ path: path.resolve(__dirname, '../../.env') });
|
|
|
|
const SESSION_SECRET = process.env.SESSION_SECRET;
|
|
const JWT_SECRET = process.env.JWT_SECRET;
|
|
|
|
if (!SESSION_SECRET) {
|
|
throw new Error('SESSION_SECRET is not defined in the environment variables.');
|
|
}
|
|
|
|
if (!JWT_SECRET) {
|
|
throw new Error('JWT_SECRET is not defined in the environment variables.');
|
|
}
|
|
|
|
const router = express.Router();
|
|
|
|
router.post('/passphrase', (req, res) => {
|
|
const { passphrase } = req.body;
|
|
const ipAddress = req.ip || ''; // Get IP address for logging, default to empty string if undefined
|
|
|
|
if (!passphrase) {
|
|
AuthLogger.logAttempt('failure', ipAddress);
|
|
return res.status(400).json({ message: 'Passphrase is required.' });
|
|
}
|
|
|
|
if (AuthService.validatePassphrase(passphrase)) {
|
|
const session = SessionService.createSession();
|
|
SessionService.authenticateSession(session.id);
|
|
AuthLogger.logAttempt('success', ipAddress);
|
|
return res.status(200).json({ message: 'Authentication successful', sessionToken: session.id });
|
|
} else {
|
|
AuthLogger.logAttempt('failure', ipAddress);
|
|
return res.status(401).json({ message: 'Invalid passphrase' });
|
|
}
|
|
});
|
|
|
|
export default router;
|