From 5eda99b44368d2bfa451cc73a712a981dafeb231 Mon Sep 17 00:00:00 2001
From: Thanu Poptiphueng
Date: Fri, 19 Apr 2024 18:18:07 +0700
Subject: [PATCH] added jwt token
---
 src/config.ts | 2 ++
 src/trpc.ts | 34 ++++++++++++++++++++++++++++++----
 src/userRoute.ts | 8 +++++---
 3 files changed, 37 insertions(+), 7 deletions(-)
diff --git a/src/config.ts b/src/config.ts
index 0adafea..3b3e0cd 100644
--- a/src/config.ts
+++ b/src/config.ts
@@ -3,4 +3,6 @@ export const Config = {
 sms_api_secret: "0957b611d575febff1ae0fc51070c8b7",
 sms_api_request_endpoint: "https://otp.thaibulksms.com/v2/otp/request",
 sms_api_verify_endpoint: "https://otp.thaibulksms.com/v2/otp/verify",
+ jwt_secret:
+ "T4kE6/tIqCVEZYg9lwsqeJjYfOoXTXSXDEMyParsJjj57CjSdkrfPOLWP74/9lJpcBA=",
 };
diff --git a/src/trpc.ts b/src/trpc.ts
index d0c3cda..cc4ed27 100644
--- a/src/trpc.ts
+++ b/src/trpc.ts
@@ -1,6 +1,9 @@
 import { initTRPC } from "@trpc/server";
 import type { CreateHTTPContextOptions } from "@trpc/server/adapters/standalone";
 import { db } from "./db";
+import * as jwt from "jsonwebtoken";
+import { Config } from "./config";
+import { z } from "zod";
 const t = initTRPC.context().create();
 export const router = t.router;
@@ -35,8 +38,10 @@ type Context = Awaited>;
 export const createContext = async (opts: CreateHTTPContextOptions) => {
 const authorizationHeader = opts.req.headers.authorization || "";
+
 const bearerToken = authorizationHeader.split(" ")[1];
- const phone = verifyToken(bearerToken);
+ console.log(authorizationHeader, bearerToken);
+ const phone = await verifyToken(bearerToken);
 if (phone !== null) {
 let user = await db.query.user.findFirst({
 where: (user, { eq }) => eq(user.phone, phone),
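Review bot: The `jwt_secret` value added to `Config` in src/config.ts is committed in source, and it is the key this patch uses both to sign tokens in src/userRoute.ts and to verify them in src/trpc.ts, so anyone who can read the repository or its history holds the key that authenticates every user. Treat the committed value as compromised: rotate it, and load the key from the environment or a secret store instead, e.g. `jwt_secret: process.env.JWT_SECRET` (variable name is a placeholder), refusing to start when it is unset. The context line for `sms_api_secret` shows the same pattern and deserves the same treatment.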
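Review bot: The added `console.log(authorizationHeader, bearerToken);` in `createContext` writes every caller's bearer token to the server log, where it remains usable until it expires (tokens are issued with `expiresIn: "3d"` in src/userRoute.ts). Remove the line, or log only whether a token was present. Separately, `authorizationHeader.split(" ")[1]` is `undefined` when the header is absent and the scheme is never compared with `Bearer`; `verifyToken` absorbs that through its catch today, but a guard such as `if (!authorizationHeader.startsWith("Bearer "))` before the split would make the intent explicit. `createContext` continues past the end of this hunk.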
@@ -53,7 +58,28 @@ export const createContext = async (opts: CreateHTTPContextOptions) => {
 }
 };
-function verifyToken(token: string): string | null {
- //TODO: Implement token verification
- return "08999";
+async function verifyToken(token: string): Promise {
+ try {
+ let rs = await new Promise((resolve, reject) => {
+ jwt.verify(token, Config.jwt_secret, (err, decoded) => {
+ if (err) {
+ reject(err);
+ } else {
+ resolve(decoded);
+ }
+ });
+ });
+ let data = z
+ .object({
+ phone: z.string(),
+ })
+ .safeParse(rs);
+ if (data.success) {
+ return data.data.phone;
+ } else {
+ return null;
+ }
+ } catch (e) {
+ return null;
+ }
 }
diff --git a/src/userRoute.ts b/src/userRoute.ts
index 16b4a1b..8df05d2 100644
--- a/src/userRoute.ts
+++ b/src/userRoute.ts
@@ -11,6 +11,7 @@ import { z } from "zod";
 import { SQL, eq } from "drizzle-orm";
 import { Config } from "./config";
 import { TRPCError } from "@trpc/server";
+import * as jwt from "jsonwebtoken";
 const userInsertSchema = createInsertSchema(user);
 const opinionInsertSchema = createInsertSchema(userOpinion)
@@ -157,7 +158,6 @@ async function requestOtp(phone: string) {
 async function verifyOtp(token: string, pin: string) {
 try {
- console.log(token, pin);
 let pt = await db.query.phoneToken.findFirst({
 where: (pt, { eq }) => eq(pt.token, token),
 orderBy: (pt, { desc }) => desc(pt.createdOn),
@@ -189,8 +189,10 @@ async function verifyOtp(token: string, pin: string) {
 });
 } else {
 await db.delete(phoneToken).where(eq(phoneToken.phone, pt.phone));
- console.log(rs, pt.phone);
- return rs;
+ const token = jwt.sign({ phone: pt.phone }, Config.jwt_secret, {
+ expiresIn: "3d",
+ });
+ return token;
 }
 } catch (e) {
 console.error(e);
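Review bot: `jwt.verify(token, Config.jwt_secret, …)` in `verifyToken` is called without an `algorithms` option, so the set of accepted signature algorithms is whatever the installed jsonwebtoken version defaults to for this key type. Pinning it to the single algorithm the server signs with (HS256 is the library default for `jwt.sign`) keeps verification from widening silently. Because `jwt.verify` returns the payload synchronously when no callback is passed, the Promise wrapper can be dropped as well: `const rs = jwt.verify(token, Config.jwt_secret, { algorithms: ["HS256"] });` inside the existing `try`. The bare `catch (e)` also turns configuration faults into an ordinary unauthenticated result; logging the error name, never the token, would make those visible.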
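Review bot: The token issued in the `else` branch of `verifyOtp` stays valid for three days and nothing in this patch gives the server a way to end it earlier, since the `phoneToken` rows are deleted on the line above and `verifyToken` in src/trpc.ts checks only signature and expiry. Consider a shorter `expiresIn` with a refresh step, or a per-session identifier claim that is checked against the database, so a leaked token can be cut off. On style, `const token` shadows the `token` parameter of `verifyOtp`; a distinct name such as `sessionToken` reads more clearly. The function starts and ends outside this hunk.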