umami/lib/session.js

59 lines
1.4 KiB
JavaScript
Raw Normal View History

2020-08-12 07:24:41 +02:00
import { getWebsiteByUuid, getSessionByUuid, createSession } from 'lib/queries';
2020-08-07 04:14:44 +02:00
import { getClientInfo } from 'lib/request';
import { uuid, isValidId, parseToken } from 'lib/crypto';
2020-08-05 07:45:05 +02:00
export async function verifySession(req) {
const { payload } = req.body;
2020-08-09 08:48:43 +02:00
if (!payload) {
throw new Error('Invalid request');
}
2020-07-23 05:45:09 +02:00
const { website: website_uuid, hostname, screen, language, session } = payload;
2020-08-12 05:05:40 +02:00
if (!isValidId(website_uuid)) {
throw new Error(`Invalid website: ${website_uuid}`);
}
const token = await parseToken(session);
2020-08-12 05:05:40 +02:00
if (!token || token.website_uuid !== website_uuid) {
2020-08-07 04:14:44 +02:00
const { userAgent, browser, os, ip, country, device } = await getClientInfo(req, payload);
2020-07-23 05:45:09 +02:00
2020-08-12 07:24:41 +02:00
const website = await getWebsiteByUuid(website_uuid);
2020-08-12 05:05:40 +02:00
if (!website) {
throw new Error(`Website not found: ${website_uuid}`);
}
2020-08-12 05:05:40 +02:00
const { website_id } = website;
const session_uuid = uuid(website_id, hostname, ip, userAgent, os);
2020-08-12 07:24:41 +02:00
let session = await getSessionByUuid(session_uuid);
2020-08-12 05:05:40 +02:00
if (!session) {
session = await createSession(website_id, {
session_uuid,
hostname,
browser,
os,
screen,
language,
country,
device,
});
}
const { session_id } = session;
return {
website_id,
website_uuid,
session_id,
session_uuid,
};
}
return token;
2020-08-05 07:45:05 +02:00
}