diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js index c603d37c7..1b8b5e022 100644 --- a/api/auth/auth-middleware.js +++ b/api/auth/auth-middleware.js @@ -1,4 +1,7 @@ -const { JWT_SECRET } = require("../secrets"); // use this secret! +const jwt = require("jsonwebtoken"); +const { JWT_SECRET } = require("./../secrets"); // use this secret! +const User = require("./../users/users-model"); +const yup = require("yup"); const restricted = (req, res, next) => { /* @@ -16,7 +19,25 @@ const restricted = (req, res, next) => { Put the decoded token in the req object, to make life easier for middlewares downstream! */ -} + const token = req.headers.authorization; + if (!token) { + return next({ + status: 401, + message: "Token required" + }); + } + jwt.verify(token, JWT_SECRET, (err, decoded) => { + if (err) { + return next({ + status: 401, + message: "Token invalid" + }); + } + req.decodedJwt = decoded; + next(); + }) +}; + const only = role_name => (req, res, next) => { /* @@ -29,10 +50,18 @@ const only = role_name => (req, res, next) => { Pull the decoded token from the req object, to avoid verifying it again! */ -} + if (req.decodedJwt.role_name !== role_name) { + next({ + status: 403, + message: "This is not for you" + }); + } else { + next(); + } +}; -const checkUsernameExists = (req, res, next) => { +const checkUsernameExists = async (req, res, next) => { /* If the username in req.body does NOT exist in the database status 401 @@ -40,10 +69,20 @@ const checkUsernameExists = (req, res, next) => { "message": "Invalid credentials" } */ -} + const { username } = req.body; + const user = await User.findBy({ username }); + if (!user) { + next({ + status: 401, + message: "Invalid credentials" + }); + } else { + next(); + } +}; -const validateRoleName = (req, res, next) => { +const validateRoleName = async (req, res, next) => { /* If the role_name in the body is valid, set req.role_name to be the trimmed string and proceed. @@ -62,11 +101,30 @@ const validateRoleName = (req, res, next) => { "message": "Role name can not be longer than 32 chars" } */ -} + const roleSchema = yup.object().shape({ + role_name: yup + .string() + .trim() + .notOneOf(["admin"], "Role name can not be admin") + .max(32, "Role name can not be longer than 32 chars") + .default(() => { return "student" }) + }) + try { + const { role_name } = req.body; + const validatedRole = await roleSchema.validate({ role_name }) + req.role_name = validatedRole.role_name; + next() + } catch (err) { + next({ + status: 422, + message: err.errors[0] + }) + } +}; module.exports = { restricted, checkUsernameExists, validateRoleName, only, -} +}; diff --git a/api/auth/auth-router.js b/api/auth/auth-router.js index c723c2da8..c5823f33f 100644 --- a/api/auth/auth-router.js +++ b/api/auth/auth-router.js @@ -1,42 +1,85 @@ const router = require("express").Router(); -const { checkUsernameExists, validateRoleName } = require('./auth-middleware'); -const { JWT_SECRET } = require("../secrets"); // use this secret! - -router.post("/register", validateRoleName, (req, res, next) => { - /** - [POST] /api/auth/register { "username": "anna", "password": "1234", "role_name": "angel" } - - response: - status 201 - { - "user"_id: 3, - "username": "anna", - "role_name": "angel" - } - */ -}); +const bcrypt = require("bcryptjs"); +const jwt = require("jsonwebtoken"); +const { + checkUsernameExists, + validateRoleName +} = require('./auth-middleware'); +const User = require("./../users/users-model"); +const { BCRYPT_ROUNDS } = require("./../../config"); +const buildToken = require("./token-builder"); + +router.post("/register", + validateRoleName, + async (req, res, next) => { + /** + [POST] /api/auth/register { "username": "anna", "password": "1234", "role_name": "angel" } + response: + status 201 + { + "user"_id: 3, + "username": "anna", + "role_name": "angel" + } + */ + try { + let user = req.body; + const hash = bcrypt.hashSync(user.password, BCRYPT_ROUNDS); + user.role_name = req.role_name; + user.password = hash; -router.post("/login", checkUsernameExists, (req, res, next) => { - /** - [POST] /api/auth/login { "username": "sue", "password": "1234" } + const newUser = await User.add(user); - response: - status 200 - { - "message": "sue is back!", - "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.ETC.ETC" + res.status(201).json(newUser); + } catch (err) { + next(err); } + } +); + + +router.post("/login", + checkUsernameExists, + async (req, res, next) => { + /** + [POST] /api/auth/login { "username": "sue", "password": "1234" } + + response: + status 200 + { + "message": "sue is back!", + "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.ETC.ETC" + } - The token must expire in one day, and must provide the following information - in its payload: + The token must expire in one day, and must provide the following information + in its payload: - { - "subject" : 1 // the user_id of the authenticated user - "username" : "bob" // the username of the authenticated user - "role_name": "admin" // the role of the authenticated user + { + "subject" : 1 // the user_id of the authenticated user + "username" : "bob" // the username of the authenticated user + "role_name": "admin" // the role of the authenticated user + } + */ + try { + const credentials = req.body; + const user = await User.findBy({ username: credentials.username }); + if (user[0] && bcrypt.compareSync(credentials.password, user[0].password)) { + const token = buildToken(user[0]) + res.status(200).json({ + message: `${credentials.username} is back!`, + token: token + }); + } else { + next({ + status: 401, + message: "Invalid credentials" + }); + } + } catch (err) { + next(err); } - */ -}); + } +); module.exports = router; diff --git a/api/auth/token-builder.js b/api/auth/token-builder.js new file mode 100644 index 000000000..9fa7c4002 --- /dev/null +++ b/api/auth/token-builder.js @@ -0,0 +1,17 @@ +const jwt = require("jsonwebtoken") +const { JWT_SECRET } = require("./../secrets") + +const buildToken = (user) => { + const payload = { + subject: user.user_id, + username: user.username, + role_name: user.role_name, + } + const options = { + expiresIn: "1d", + } + const signedToken = jwt.sign(payload, JWT_SECRET, options) + return signedToken; +} + +module.exports = buildToken; \ No newline at end of file diff --git a/api/secrets/index.js b/api/secrets/index.js index 1a125b81e..e6f0c6736 100644 --- a/api/secrets/index.js +++ b/api/secrets/index.js @@ -7,5 +7,5 @@ developers cloning this repo won't be able to run the project as is. */ module.exports = { - -} + JWT_SECRET: process.env.JWT_SECRET || "shh" +}; diff --git a/api/users/users-model.js b/api/users/users-model.js index 7a2064834..ed14c72eb 100644 --- a/api/users/users-model.js +++ b/api/users/users-model.js @@ -1,6 +1,6 @@ const db = require('../../data/db-config.js'); -function find() { +const find = async () => { /** You will need to join two tables. Resolves to an ARRAY with all users. @@ -18,9 +18,16 @@ function find() { } ] */ + const users = await db("users as u") + .leftJoin("roles as r", + "u.role_id", "r.role_id") + .select("u.user_id", + "u.username", + "r.role_name"); + return users; } -function findBy(filter) { +const findBy = async (filter) => { /** You will need to join two tables. Resolves to an ARRAY with all users that match the filter condition. @@ -34,9 +41,18 @@ function findBy(filter) { } ] */ + const filteredUsers = await db("users as u") + .leftJoin("roles as r", + "u.role_id", "r.role_id") + .select("u.user_id", + "u.username", + "u.password", + "r.role_name") + .where(filter); + return filteredUsers; } -function findById(user_id) { +const findById = async (user_id) => { /** You will need to join two tables. Resolves to the user with the given user_id. @@ -47,6 +63,15 @@ function findById(user_id) { "role_name": "instructor" } */ + const user = await db("users as u") + .leftJoin("roles as r", + "u.role_id", "r.role_id") + .select("u.user_id", + "u.username", + "r.role_name") + .where({ user_id }) + .first(); + return user; } /** @@ -67,21 +92,21 @@ function findById(user_id) { "role_name": "team lead" } */ -async function add({ username, password, role_name }) { // done for you - let created_user_id +const add = async ({ username, password, role_name }) => { // done for you + let created_user_id; await db.transaction(async trx => { - let role_id_to_use - const [role] = await trx('roles').where('role_name', role_name) + let role_id_to_use; + const [role] = await trx('roles').where('role_name', role_name); if (role) { - role_id_to_use = role.role_id + role_id_to_use = role.role_id; } else { - const [role_id] = await trx('roles').insert({ role_name: role_name }) - role_id_to_use = role_id + const [role_id] = await trx('roles').insert({ role_name: role_name }); + role_id_to_use = role_id; } - const [user_id] = await trx('users').insert({ username, password, role_id: role_id_to_use }) - created_user_id = user_id - }) - return findById(created_user_id) + const [user_id] = await trx('users').insert({ username, password, role_id: role_id_to_use }); + created_user_id = user_id; + }); + return findById(created_user_id); } module.exports = { diff --git a/config/index.js b/config/index.js new file mode 100644 index 000000000..2670fb07a --- /dev/null +++ b/config/index.js @@ -0,0 +1,4 @@ +module.exports = { + PORT: process.env.PORT || 9000, + BCRYPT_ROUNDS: process.env.BCRYPT_ROUNDS || 8 +}; diff --git a/data/auth.db3 b/data/auth.db3 index 568bc34c7..066d45e53 100644 Binary files a/data/auth.db3 and b/data/auth.db3 differ diff --git a/index.js b/index.js index 71f14885b..2cfe428e2 100644 --- a/index.js +++ b/index.js @@ -1,6 +1,6 @@ -const server = require('./api/server.js'); +const { PORT } = require("./config"); -const PORT = process.env.PORT || 9000; +const server = require('./api/server.js'); server.listen(PORT, () => { console.log(`Listening on port ${PORT}...`); diff --git a/package-lock.json b/package-lock.json index 4c7839920..aa2c9e609 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,8 +12,10 @@ "cors": "^2.8.5", "express": "^4.17.1", "helmet": "^4.6.0", + "jsonwebtoken": "^8.5.1", "knex": "^0.95.11", - "sqlite3": "^5.0.2" + "sqlite3": "^5.0.2", + "yup": "^0.32.11" }, "devDependencies": { "@types/jest": "^27.0.2", @@ -576,6 +578,17 @@ "@babel/core": "^7.0.0-0" } }, + "node_modules/@babel/runtime": { + "version": "7.16.3", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.16.3.tgz", + "integrity": "sha512-WBwekcqacdY2e9AF/Q7WLFUWmdJGJTkbjqTjoMDgXkVZ3ZRUvOPsLb5KdwISoQVsbP+DQzVZW4Zhci0DvpbNTQ==", + "dependencies": { + "regenerator-runtime": "^0.13.4" + }, + "engines": { + "node": ">=6.9.0" + } + }, "node_modules/@babel/template": { "version": "7.15.4", "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.15.4.tgz", @@ -1128,6 +1141,11 @@ "pretty-format": "^27.0.0" } }, + "node_modules/@types/lodash": { + "version": "4.14.176", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.176.tgz", + "integrity": "sha512-xZmuPTa3rlZoIbtDUyJKZQimJV3bxCmzMIO2c9Pz9afyDro6kr7R79GwcB6mRhuoPmV2p1Vb66WOJH7F886WKQ==" + }, "node_modules/@types/node": { "version": "16.6.1", "resolved": "https://registry.npmjs.org/@types/node/-/node-16.6.1.tgz", @@ -1739,6 +1757,11 @@ "node-int64": "^0.4.0" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" + }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -2396,6 +2419,14 @@ "safer-buffer": "^2.1.0" } }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", @@ -4623,6 +4654,35 @@ "node": ">=6" } }, + "node_modules/jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "dependencies": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "engines": { + "node": ">=4", + "npm": ">=1.4.28" + } + }, + "node_modules/jsonwebtoken/node_modules/semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "bin": { + "semver": "bin/semver" + } + }, "node_modules/jsprim": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", @@ -4638,6 +4698,25 @@ "verror": "1.10.0" } }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "node_modules/jwt-decode": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", @@ -4769,12 +4848,52 @@ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + }, + "node_modules/lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=" + }, + "node_modules/lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=" + }, + "node_modules/lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=" + }, + "node_modules/lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=" + }, + "node_modules/lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" + }, + "node_modules/lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" + }, "node_modules/lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", "dev": true }, + "node_modules/lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" + }, "node_modules/lowercase-keys": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", @@ -4971,6 +5090,11 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, + "node_modules/nanoclone": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/nanoclone/-/nanoclone-0.2.1.tgz", + "integrity": "sha512-wynEP02LmIbLpcYw8uBKpcfF6dmg2vcpKqxeH5UcoKEYdExslsdUA4ugFauuaeYdTB76ez6gJW8XAZ6CgkXYxA==" + }, "node_modules/natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", @@ -5703,6 +5827,11 @@ "node": ">= 6" } }, + "node_modules/property-expr": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/property-expr/-/property-expr-2.0.4.tgz", + "integrity": "sha512-sFPkHQjVKheDNnPvotjQmm3KD3uk1fWKUN7CrpdbwmUx3CrG3QiM8QpTSimvig5vTXmTvjz7+TDvXOI9+4rkcg==" + }, "node_modules/proxy-addr": { "version": "2.0.7", "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", @@ -5853,6 +5982,11 @@ "node": ">= 0.10" } }, + "node_modules/regenerator-runtime": { + "version": "0.13.9", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.9.tgz", + "integrity": "sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA==" + }, "node_modules/regexpp": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", @@ -6650,6 +6784,11 @@ "node": ">=0.6" } }, + "node_modules/toposort": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/toposort/-/toposort-2.0.2.tgz", + "integrity": "sha1-riF2gXXRVZ1IvvNUILL0li8JwzA=" + }, "node_modules/touch": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/touch/-/touch-3.1.0.tgz", @@ -7239,6 +7378,23 @@ "engines": { "node": ">=8" } + }, + "node_modules/yup": { + "version": "0.32.11", + "resolved": "https://registry.npmjs.org/yup/-/yup-0.32.11.tgz", + "integrity": "sha512-Z2Fe1bn+eLstG8DRR6FTavGD+MeAwyfmouhHsIUgaADz8jvFKbO/fXc2trJKZg+5EBjh4gGm3iU/t3onKlXHIg==", + "dependencies": { + "@babel/runtime": "^7.15.4", + "@types/lodash": "^4.14.175", + "lodash": "^4.17.21", + "lodash-es": "^4.17.21", + "nanoclone": "^0.2.1", + "property-expr": "^2.0.4", + "toposort": "^2.0.2" + }, + "engines": { + "node": ">=10" + } } }, "dependencies": { @@ -7656,6 +7812,14 @@ "@babel/helper-plugin-utils": "^7.14.5" } }, + "@babel/runtime": { + "version": "7.16.3", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.16.3.tgz", + "integrity": "sha512-WBwekcqacdY2e9AF/Q7WLFUWmdJGJTkbjqTjoMDgXkVZ3ZRUvOPsLb5KdwISoQVsbP+DQzVZW4Zhci0DvpbNTQ==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, "@babel/template": { "version": "7.15.4", "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.15.4.tgz", @@ -8123,6 +8287,11 @@ "pretty-format": "^27.0.0" } }, + "@types/lodash": { + "version": "4.14.176", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.176.tgz", + "integrity": "sha512-xZmuPTa3rlZoIbtDUyJKZQimJV3bxCmzMIO2c9Pz9afyDro6kr7R79GwcB6mRhuoPmV2p1Vb66WOJH7F886WKQ==" + }, "@types/node": { "version": "16.6.1", "resolved": "https://registry.npmjs.org/@types/node/-/node-16.6.1.tgz", @@ -8613,6 +8782,11 @@ "node-int64": "^0.4.0" } }, + "buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" + }, "buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -9122,6 +9296,14 @@ "safer-buffer": "^2.1.0" } }, + "ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "requires": { + "safe-buffer": "^5.0.1" + } + }, "ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", @@ -10849,6 +11031,30 @@ "minimist": "^1.2.5" } }, + "jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "requires": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + } + } + }, "jsprim": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", @@ -10861,6 +11067,25 @@ "verror": "1.10.0" } }, + "jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "requires": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "requires": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "jwt-decode": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", @@ -10953,12 +11178,52 @@ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + }, + "lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=" + }, + "lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=" + }, + "lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=" + }, + "lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=" + }, + "lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" + }, + "lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" + }, "lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", "dev": true }, + "lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" + }, "lowercase-keys": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", @@ -11111,6 +11376,11 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, + "nanoclone": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/nanoclone/-/nanoclone-0.2.1.tgz", + "integrity": "sha512-wynEP02LmIbLpcYw8uBKpcfF6dmg2vcpKqxeH5UcoKEYdExslsdUA4ugFauuaeYdTB76ez6gJW8XAZ6CgkXYxA==" + }, "natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", @@ -11667,6 +11937,11 @@ "sisteransi": "^1.0.5" } }, + "property-expr": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/property-expr/-/property-expr-2.0.4.tgz", + "integrity": "sha512-sFPkHQjVKheDNnPvotjQmm3KD3uk1fWKUN7CrpdbwmUx3CrG3QiM8QpTSimvig5vTXmTvjz7+TDvXOI9+4rkcg==" + }, "proxy-addr": { "version": "2.0.7", "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", @@ -11789,6 +12064,11 @@ "resolve": "^1.9.0" } }, + "regenerator-runtime": { + "version": "0.13.9", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.9.tgz", + "integrity": "sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA==" + }, "regexpp": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", @@ -12403,6 +12683,11 @@ "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==" }, + "toposort": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/toposort/-/toposort-2.0.2.tgz", + "integrity": "sha1-riF2gXXRVZ1IvvNUILL0li8JwzA=" + }, "touch": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/touch/-/touch-3.1.0.tgz", @@ -12867,6 +13152,20 @@ "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", "dev": true + }, + "yup": { + "version": "0.32.11", + "resolved": "https://registry.npmjs.org/yup/-/yup-0.32.11.tgz", + "integrity": "sha512-Z2Fe1bn+eLstG8DRR6FTavGD+MeAwyfmouhHsIUgaADz8jvFKbO/fXc2trJKZg+5EBjh4gGm3iU/t3onKlXHIg==", + "requires": { + "@babel/runtime": "^7.15.4", + "@types/lodash": "^4.14.175", + "lodash": "^4.17.21", + "lodash-es": "^4.17.21", + "nanoclone": "^0.2.1", + "property-expr": "^2.0.4", + "toposort": "^2.0.2" + } } } } diff --git a/package.json b/package.json index 2252417b8..22a52b8cc 100644 --- a/package.json +++ b/package.json @@ -23,8 +23,10 @@ "cors": "^2.8.5", "express": "^4.17.1", "helmet": "^4.6.0", + "jsonwebtoken": "^8.5.1", "knex": "^0.95.11", - "sqlite3": "^5.0.2" + "sqlite3": "^5.0.2", + "yup": "^0.32.11" }, "repository": { "type": "git",