@@ 1,26 1,79 @@
import express from "express";
+import session from "express-session";
import dotenv from "dotenv";
-import bodyParser from "body-parser";
+import cookieParser from "cookie-parser";
+import { v4 as uuidv4 } from "uuid";
+import passport from "./auth/passport";
dotenv.config();
+const clientPort = process.env.PORT!;
+const serverPort = Number(process.env.PORT)! + 1;
+const clientUrl = process.env.BASE_URL! + ":" + clientPort;
+
const app = express();
+const env = app.get("env");
-app.set("port", process.env.PORT || 3000);
-app.use(bodyParser.json());
-app.use(bodyParser.urlencoded({ extended: true }));
-
-app.listen(app.get("port"), () => {
- console.log(
- "App is running at http://localhost:%d in %s mode",
- app.get("port"),
- app.get("env"),
- );
- console.log("Press CTRL-C to stop\n");
-});
+const sessionOptions = {
+ cookie: { httpOnly: true, secure: false, maxAge: 259200000, signed: true },
+ genid: () => {
+ return uuidv4();
+ },
+ name: "STM",
+ secret: process.env.SECRET_COOKIE!,
+};
+
+if (env === "production") {
+ app.set("trust proxy", 1);
+ sessionOptions.cookie.secure = true;
+}
+
+const authenticate = (req: any, res: any, next: any) => {
+ if (!req.user) {
+ res.redirect("/auth/forbidden");
+ } else {
+ next();
+ }
+};
+
+app.set("port", serverPort);
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use(cookieParser(process.env.SECRET_COOKIE));
+app.use(session(sessionOptions));
+app.use(passport.initialize());
+app.use(passport.session());
+app.listen(serverPort);
app.get("/", (req, res) => {
res.send(200);
});
+app.get("/auth/login", passport.authenticate("steam"), () => {
+ // The request will be redirected to Steam for authentication, so
+ // this function will not be called.
+});
+
+app.get(
+ "/auth/callback",
+ passport.authenticate("steam", { failureRedirect: "/auth/login" }),
+ (req, res) => {
+ // Redirect to index
+ res.redirect(clientUrl);
+ },
+);
+
+app.get("/auth/active", authenticate, (req, res) => {
+ res.send(true);
+});
+
+app.get("/auth/logout", authenticate, (req, res) => {
+ req.logout();
+ res.redirect(clientUrl);
+});
+
+app.get("/auth/forbidden", (req, res) => {
+ res.send("Not authenticated");
+});
+
export default app;
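Review bot: The session cookie built in `sessionOptions` has no `sameSite` attribute and `/auth/logout` changes state on a GET, so a cross-site link or embedded request can end a signed-in user's session. I would add `sameSite: "lax"` to the `cookie` options and register the route as `app.post("/auth/logout", authenticate, ...)`; `lax` still lets the top-level redirect back from Steam to `/auth/callback` carry the cookie. `req.logout()` presumably clears only the passport login, so the handler should also invalidate the server-side session, e.g. `req.session.destroy(() => res.redirect(clientUrl));`. Separately, the `!` assertions on `process.env.PORT`, `BASE_URL` and `SECRET_COOKIE` are erased at compile time: an unset `PORT` makes `serverPort` `NaN` and an unset secret reaches `cookieParser` as `undefined`, so a startup check that throws on missing values would fail closed.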
@@ 1,5 1,10 @@
<template>
<div class="header"><router-link to="/">Header</router-link></div>
<div class="header">
<router-link to="/">Header</router-link>
<div class="actions">
<a href="http://localhost:8081/auth/login">Steam login</a>
</div>
</div>
</template>
<script lang="ts">
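Review bot: The new login link hard-codes `http://localhost:8081/auth/login`, which ties the authentication entry point to a development host, a fixed port and plain HTTP, while the server derives its own port from `PORT + 1` and may not be listening on 8081. The origin should come from build-time configuration and be bound in the template, e.g. `<a :href="loginUrl">Steam login</a>`, so that production builds point at the HTTPS origin that issues the `secure` session cookie. The component's script block lies outside this hunk, so where `loginUrl` would be defined is not visible here.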
@@ 17,5 22,9 @@ export default class Header extends Vue {}
.header {
@include transparent-background(0, 0, 0, 0.8);
height: 4em;
.actions {
float: right;
}
}
</style>