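const express = require('express');
const router = express.Router();

const User = require('@models/User');
const Auth = require('@helpers/Auth');
const cs = require('@helpers/CryptoString');

// Identity is read from req.headers inside each handler. It is deliberately
// NOT copied into module-level variables: those are shared by every in-flight
// request, so a user id or master key stored there could be observed by a
// concurrent request belonging to a different user.

/**
 * Router-wide gate: every route below requires both a session id and a
 * user id on the request.
 *
 * NOTE(review): Node's HTTP parser lowercases incoming header names, so the
 * camelCase keys read here (sessionId, userId) are presumably populated by
 * upstream session-validation middleware rather than sent by the client.
 * Confirm this; if they can arrive straight from the client they must not be
 * trusted as proof of identity.
 *
 * @param {import('express').Request} req
 * @param {import('express').Response} res
 * @param {import('express').NextFunction} next
 */
router.use(function setUserId(req, res, next) {
  // Return on failure so next() is never called twice, and reject a missing
  // user id instead of leaving the request hanging with no response.
  if (!req.headers.sessionId || !req.headers.userId) {
    return next('Unauthorized');
  }
  return next();
});

// Logout user: invalidates the current session key.
router.post('/logout', function (req, res, next) {
  User.logout(req.headers.sessionId)
    .then(() => {
      res.send(true);
    })
    .catch(next); // surface failures to the error handler instead of hanging
});

// Change password.
// NOTE(review): body fields are forwarded unvalidated; presumably
// User.changePassword verifies currentPass and enforces the password policy.
// Confirm.
router.post('/changepassword', function (req, res, next) {
  User.changePassword(req.headers.userId, req.body.currentPass, req.body.newPass)
    .then((returnData) => {
      res.send(returnData);
    })
    .catch(next);
});

// Revoke all active session keys for the user.
router.post('/revokesessions', function (req, res, next) {
  User.revokeActiveSessions(req.headers.userId, req.headers.sessionId)
    .then((returnData) => {
      res.send(returnData);
    })
    .catch(next);
});

// Fetch counts of the user's notes.
router.post('/totals', function (req, res, next) {
  User.getCounts(req.headers.userId)
    .then((countsObject) => {
      res.send(countsObject);
    })
    .catch(next);
});

//
// Two Factor Auth Setup
//

// Send the QR code to the user for 2FA setup. The call is given the account
// password as well as the user id.
router.post('/twofactorsetup', function (req, res, next) {
  Auth.generateTwoFactorSecretKey(req.headers.userId, req.body.password)
    .then(({ qrCode }) => {
      res.send(qrCode);
    })
    .catch(next);
});

// Verify the token produced from the QR code and, on success, enable 2FA
// (the final `true` argument is the enabled flag).
router.post('/verifytwofactorsetuptoken', function (req, res, next) {
  Auth.setTwoFactorEnabled(req.headers.userId, req.body.password, req.body.token, true)
    .then((results) => {
      res.send(results);
    })
    .catch(next);
});

// Validate a 2FA token for the user.
// NOTE(review): no attempt throttling is visible in this router; confirm that
// Auth or upstream middleware rate-limits repeated token guesses.
router.post('/validatetwofactortoken', function (req, res, next) {
  Auth.validateTwoFactorToken(req.headers.userId, req.body.password, req.body.token)
    .then((results) => {
      res.send(results);
    })
    .catch(next);
});

module.exports = router;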