umami/lib/session.js

57 lines
1.4 KiB
JavaScript
Raw Normal View History

import { getWebsite, getSession, createSession } from 'lib/db';
2020-08-07 04:14:44 +02:00
import { getClientInfo } from 'lib/request';
import { uuid, isValidId, parseToken } from 'lib/crypto';
2020-08-05 07:45:05 +02:00
export async function verifySession(req) {
const { payload } = req.body;
2020-08-09 08:48:43 +02:00
if (!payload) {
throw new Error('Invalid request');
}
2020-07-23 05:45:09 +02:00
const { website: website_uuid, hostname, screen, language, session } = payload;
const token = await parseToken(session);
if (!token || !isValidId(website_uuid) || token.website_uuid !== website_uuid) {
2020-08-07 04:14:44 +02:00
const { userAgent, browser, os, ip, country, device } = await getClientInfo(req, payload);
2020-07-23 05:45:09 +02:00
if (website_uuid) {
2020-08-04 03:12:28 +02:00
const website = await getWebsite({ website_uuid });
2020-07-23 05:45:09 +02:00
if (website) {
const { website_id } = website;
const session_uuid = uuid(website_id, hostname, ip, userAgent, os);
2020-08-04 03:12:28 +02:00
let session = await getSession({ session_uuid });
2020-07-23 05:45:09 +02:00
if (!session) {
session = await createSession(website_id, {
session_uuid,
hostname,
browser,
os,
screen,
language,
country,
2020-08-07 04:14:44 +02:00
device,
2020-07-23 05:45:09 +02:00
});
}
const { session_id } = session;
return {
website_id,
website_uuid,
session_id,
session_uuid,
2020-07-23 05:45:09 +02:00
};
2020-07-28 08:52:14 +02:00
} else {
throw new Error(`Invalid website: ${website_uuid}`);
}
}
}
return token;
2020-08-05 07:45:05 +02:00
}