universal_authentication/dist/services/auth.service.js

Seamless and Secure Authentication for Modern Web Applications: Easily integrate OTP-based email verification, Google OAuth, GitHub, Microsoft, and Okta login into your Node.js app. Modular, flexible, and database-agnostic, this package simplifies user au

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.loginHandler = exports.signupHandler = void 0;
const password_utils_1 = require("../utils/password.utils");
const validation_utils_1 = require("../utils/validation.utils");
const otpStore_service_1 = require("../services/email/otpStore.service");
// Signup Handler Function
const signupHandler = async (email, password, name, config) => {
    try {
        // Validation for email, password, and check if the user already exists
        if (!(0, validation_utils_1.validateEmail)(email)) {
            return { status: 400, message: "Invalid email format" };
        }
        if (!(0, validation_utils_1.validatePassword)(password)) {
            return { status: 400, message: "Invalid password format" };
        }
        if (await config.checkUserExist?.(email)) {
            return { status: 409, message: "Email already exists" };
        }
        // Generation of secureKey, password hashing
        const secureKey = config.generateSecureKey
            ? config.generateSecureKey()
            : "defaultKey";
        const hashedPassword = await (0, password_utils_1.hashPassword)(password, secureKey, config.hashAlgorithm ?? "crypto");
        // Create a user
        const user = await config.createUser?.({
            email,
            name,
        });
        // Create an auth record for the user
        if (user) {
            await config.createAuthRecord?.({
                userId: user.id,
                password: hashedPassword,
                secureKey,
                ipAddress: "0.0.0.0",
                lastLogin: new Date(),
            });
            return { status: 201, message: "User created successfully" };
        }
        else {
            return { status: 500, message: "User creation failed" };
        }
    }
    catch (err) {
        console.error(err);
        return { status: 500, message: err.message };
    }
};
exports.signupHandler = signupHandler;
// Login Handler Function
const loginHandler = async (email, password, config) => {
    try {
        // Check if the user and auth record are present
        const user = await config.getUserByEmail?.(email);
        if (!user) {
            return { status: 401, message: "Invalid email or password" };
        }
        const authRecord = await config.getAuthRecord?.(user.id);
        if (!authRecord) {
            return { status: 401, message: "authRecord not found" };
        }
        // Check if the password is valid
        const isPasswordValid = await (0, password_utils_1.verifyPassword)(password, authRecord.secureKey, authRecord.password, config.hashAlgorithm ?? "crypto");
        if (!isPasswordValid) {
            return { status: 401, message: "password is incorrect" };
        }
        // Generate OTP after successful password validation
        const otp = (0, otpStore_service_1.generateOtp)();
        (0, otpStore_service_1.storeOtp)(email, otp);
        // Send OTP to user via email (use config.sendEmail or your own email service)
        await config.sendEmail?.(email, "Your OTP for login", `Your OTP is: ${otp}`);
        return { status: 200, message: `OTP is sent to your ${email}` };
    }
    catch (err) {
        console.error(err);
        return { status: 500, message: err.message };
    }
};
exports.loginHandler = loginHandler;