Bump version to 1.0.2

.vscode/settings.json

@@ -0,0 +1,13 @@
+{
+    "rest-client.environmentVariables": {
+        "$shared": {},
+        "local": {
+            "host": "localhost",
+            "port": "12345"
+        },
+        "docker": {
+            "host": "localhost",
+            "port": "11001"
+        }
+    }
+}

Dockerfile

@@ -14,6 +14,7 @@ FROM node:${NODE_VERSION}-alpine
 WORKDIR /app
 COPY --from=builder /app/node_modules node_modules/
 COPY --from=builder /app/index.js .
+COPY --from=builder /app/src src/
 USER node
 EXPOSE 12345
 ENV NODE_ENV=production

index.js

@@ -3,9 +3,12 @@ dotenv.config();
 import express from "express";
 import expressWs from "express-ws";
 import morgan from "morgan";
-import { initWebsocket } from "./websocket.js";
-import { initAuth } from "./auth.js";
-import { close as closeDbConnection, initDbConnection, db } from "./db.js";
+import cookieParser from "cookie-parser";
+import cors from "cors";
+import { initWebsocket } from "./src/websocket.js";
+import { initAuth } from "./src/auth.js";
+import { close as closeDbConnection, initDbConnection, db } from "./src/db.js";
+import { initUsers } from "./src/user.js";
 const app = express();
 const appWs = expressWs(app);
 const port = 12345;
@@ -16,12 +19,15 @@ process.on('exit', function() {
   closeDbConnection();
 });
 
+app.use(cors({credentials: true, origin: process.env.JEOPARDY_URL}));
 app.use(morgan(process.env.production ? 'common' : 'dev'));
 app.use(express.json());
+app.use(cookieParser());
 
 await initDbConnection();
 
 initAuth(app, db);
+initUsers(app);
 initWebsocket(app);
 
 app.listen(port, () => {

package-lock.json

@@ -1,15 +1,17 @@
 {
   "name": "jeopardyserver",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "jeopardyserver",
-      "version": "1.0.1",
+      "version": "1.0.2",
       "license": "ISC",
       "dependencies": {
         "@types/express": "^5.0.3",
+        "cookie-parser": "^1.4.7",
+        "cors": "^2.8.5",
         "dotenv": "^17.2.3",
         "express": "^5.1.0",
         "express-ws": "^5.0.2",
@@ -269,6 +271,25 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/cookie-parser": {
+      "version": "1.4.7",
+      "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.7.tgz",
+      "integrity": "sha512-nGUvgXnotP3BsjiLX2ypbQnWoGUPIIfHQNZkkC668ntrzGWEZVW70HDEB1qnNGMicPje6EttlIgzo51YSwNQGw==",
+      "license": "MIT",
+      "dependencies": {
+        "cookie": "0.7.2",
+        "cookie-signature": "1.0.6"
+      },
+      "engines": {
+        "node": ">= 0.8.0"
+      }
+    },
+    "node_modules/cookie-parser/node_modules/cookie-signature": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
+      "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==",
+      "license": "MIT"
+    },
     "node_modules/cookie-signature": {
       "version": "1.2.2",
       "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.2.2.tgz",
@@ -278,6 +299,19 @@
         "node": ">=6.6.0"
       }
     },
+    "node_modules/cors": {
+      "version": "2.8.5",
+      "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
+      "integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
+      "license": "MIT",
+      "dependencies": {
+        "object-assign": "^4",
+        "vary": "^1"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/debug": {
       "version": "4.4.3",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
@@ -814,6 +848,15 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/object-assign": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
+      "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/object-inspect": {
       "version": "1.13.4",
       "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "jeopardyserver",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "",
   "license": "ISC",
   "author": "",
@@ -12,6 +12,8 @@
   },
   "dependencies": {
     "@types/express": "^5.0.3",
+    "cookie-parser": "^1.4.7",
+    "cors": "^2.8.5",
     "dotenv": "^17.2.3",
     "express": "^5.1.0",
     "express-ws": "^5.0.2",

requests/test.http

@@ -1,5 +1,7 @@
 
-POST http://localhost:12345/auth/login HTTP/1.1
+@url = http://{{host}}:{{port}}
+
+POST {{url}}/auth/login HTTP/1.1
 content-type: application/json
 
 {

src/auth.js

@@ -4,10 +4,34 @@ let db;
 let users;
 
 export function initAuth(app, db) {
+    app.use(checkSessionToken);
     users = db.collection('users');
     app.post('/auth/login', loginUser);
 }
 
+async function checkSessionToken(req, res, next) {
+    if (req.path.startsWith("/auth/")) {
+        next();
+        return;
+    }
+
+    const token = req.cookies.jeopardytoken;
+    
+    let user = await users.findOne({sessiontoken: token});
+
+    if (user === null) {
+        res.sendStatus(401);
+        return;
+    }
+
+    req.user = {
+        role: user.role,
+        username: user.username
+    }
+
+    next();
+}
+
 async function loginUser(req, res) {
     const username = req.body.username;
     const password = req.body.password;
@@ -27,10 +51,11 @@ async function loginUser(req, res) {
         expires.setDate(expires.getDate() + 1);
 
         res.cookie('jeopardytoken', sessiontoken, {
-            maxAge: 1e3 * 60 * 60 * 24
+            maxAge: 1e3 * 60 * 60 * 24,
+            path: "/"
         })
 
-        res.sendStatus(200);
+        res.status(200).send(username);
     } else {
         res.sendStatus(403);
     }

src/user.js

@@ -0,0 +1,9 @@
+
+
+export function initUsers(app) {
+    app.get('/user/username', returnUsername);
+}
+
+function returnUsername(req, res) {
+    res.status(200).send(req.user.username);
+}