Spaces:

Achyuth4
/

LibreChat

Running

App Files Files Community

LibreChat / api /server /controllers /AuthController.js

N.Achyuth Reddy

Upload 683 files

9705b6c over 1 year ago

history blame contribute delete

3.85 kB

	const {
	registerUser,
	requestPasswordReset,
	resetPassword,
	setAuthTokens,
	} = require('../services/AuthService');
	const jose = require('jose');
	const jwt = require('jsonwebtoken');
	const Session = require('../../models/Session');
	const User = require('../../models/User');
	const crypto = require('crypto');
	const cookies = require('cookie');

	const registrationController = async (req, res) => {
	try {
	const response = await registerUser(req.body);
	if (response.status === 200) {
	const { status, user } = response;
	let newUser = await User.findOne({ _id: user._id });
	if (!newUser) {
	newUser = new User(user);
	await newUser.save();
	}
	const token = await setAuthTokens(user._id, res);
	res.setHeader('Authorization', `Bearer ${token}`);
	res.status(status).send({ user });
	} else {
	const { status, message } = response;
	res.status(status).send({ message });
	}
	} catch (err) {
	console.log(err);
	return res.status(500).json({ message: err.message });
	}
	};

	const getUserController = async (req, res) => {
	return res.status(200).send(req.user);
	};

	const resetPasswordRequestController = async (req, res) => {
	try {
	const resetService = await requestPasswordReset(req.body.email);
	if (resetService instanceof Error) {
	return res.status(400).json(resetService);
	} else {
	return res.status(200).json(resetService);
	}
	} catch (e) {
	console.log(e);
	return res.status(400).json({ message: e.message });
	}
	};

	const resetPasswordController = async (req, res) => {
	try {
	const resetPasswordService = await resetPassword(
	req.body.userId,
	req.body.token,
	req.body.password,
	);
	if (resetPasswordService instanceof Error) {
	return res.status(400).json(resetPasswordService);
	} else {
	return res.status(200).json(resetPasswordService);
	}
	} catch (e) {
	console.log(e);
	return res.status(400).json({ message: e.message });
	}
	};

	const refreshController = async (req, res) => {
	const refreshToken = req.headers.cookie ? cookies.parse(req.headers.cookie).refreshToken : null;
	if (!refreshToken) {
	return res.status(200).send('Refresh token not provided');
	}

	try {
	let payload;
	if (typeof Bun !== 'undefined') {
	const secret = new TextEncoder().encode(process.env.JWT_REFRESH_SECRET);
	({ payload } = await jose.jwtVerify(refreshToken, secret));
	} else {
	payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
	}
	const userId = payload.id;
	const user = await User.findOne({ _id: userId });
	if (!user) {
	return res.status(401).redirect('/login');
	}

	if (process.env.NODE_ENV === 'development') {
	const token = await setAuthTokens(userId, res);
	const userObj = user.toJSON();
	return res.status(200).send({ token, user: userObj });
	}

	// Hash the refresh token
	const hash = crypto.createHash('sha256');
	const hashedToken = hash.update(refreshToken).digest('hex');

	// Find the session with the hashed refresh token
	const session = await Session.findOne({ user: userId, refreshTokenHash: hashedToken });
	if (session && session.expiration > new Date()) {
	const token = await setAuthTokens(userId, res, session._id);
	const userObj = user.toJSON();
	res.status(200).send({ token, user: userObj });
	} else if (payload.exp < Date.now() / 1000) {
	res.status(403).redirect('/login');
	} else {
	res.status(401).send('Refresh token expired or not found for this user');
	}
	} catch (err) {
	res.status(401).send('Invalid refresh token');
	}
	};

	module.exports = {
	getUserController,
	refreshController,
	registrationController,
	resetPasswordRequestController,
	resetPasswordController,
	};