Vault/server.js at main · ixd-system-design/Vault · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
// import Express library and activate it
import express from "express";
const app = express();

// import path module to help with file paths
import path from 'path';

// Serve static files from the 'public' folder
app.use(express.static('public'))

// On Vercel, point the root url (/) to index.html explicitly
if (process.env.VERCEL) {
    app.get('/', (req, res) => {
        res.sendFile(path.join(process.cwd(), 'public', 'index.html'))
    })
}

// Import the OpenID Connect Library (maintained by Auth0)
// See also: https://github.com/auth0/express-openid-connect
import auth0 from 'express-openid-connect'
const { auth, requiresAuth } = auth0

// Auth0 Configuration
// Make sure add the following environment variables are set:
// SECRET, BASE_URL, CLIENT_ID, ISSUER_BASE_URL
const config = {
    authRequired: false,
    auth0Logout: true,
    secret: process.env.SECRET,
    baseURL: process.env.BASE_URL,
    clientID: process.env.CLIENT_ID,
    issuerBaseURL: process.env.ISSUER_BASE_URL
}

// Show an error if any environment variables are missing
if (Object.keys(config).some(key => config[key] == null)) {
    console.error('Error: Auth0 environment variable(s) are missing.')
    process.exit(1)
}

// Enable auth in our Express app.
// This will automatically setup /login, /logout, /callback endpoints
app.use(auth(config))

// NOTE: OpenIdConnect attaches user data to all incoming requests
// We can find this data at "req.oidc"

// Publish the user's data and authentication state to the frontend
app.get('/api/user', (req, res) => {
    // If the user is logged in, send their data
    if (req.oidc?.isAuthenticated()) {
        res.send({
            ...req.oidc.user,
            isAuthenticated: true
        })
    }
    // If the user is not logged in,
    // Inform the frontend that we have a Guest user.
    else {
        res.send({
            name: "Guest",
            isAuthenticated: false
        })
    }
})

// the private vault page
app.get('/vault', requiresAuth(), (req, res) => {
    res.sendFile(path.join(process.cwd(), 'private', 'vault.html'));
});


app.get('/api/secrets', async (req, res) => {
    try {
        // If the user is logged in, send secret data
        if (req.oidc?.isAuthenticated()) {
            res.send([
                {
                    "name": "Cookie Recipe",
                    "url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
                },
                {
                    "name": "Secret Sauce",
                    "url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
                },
                {
                    "name": "Inside Information",
                    "url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
                }
            ]);
        }
        // If the user is not logged in,
        // return an error message
        else {
            return res.status(401).json({ error: 'Authentication required' });

        }

    } catch {
        res.status(500).json({ error: 'Failed to send data' });
    }
})


const port = 3000
// Start Express
app.listen(port, () => {
    console.log(`Express is now Live.`)
    console.log(`http://localhost:${port}`)
});