Refactor authentication and data handling in API; implement encryption for user and member data storage. Update relevant components to utilize new encryption methods, ensuring secure data management across the application. Enhance error handling and streamline data writing processes for improved reliability.
@@ -2,6 +2,7 @@ import bcrypt from 'bcryptjs';
|
||||
import jwt from 'jsonwebtoken';
|
||||
import { promises } from 'fs';
|
||||
import path from 'path';
|
||||
import { d as decryptObject, a as encryptObject } from './encryption.mjs';
|
||||
|
||||
const JWT_SECRET = process.env.JWT_SECRET || "harheimertc-secret-key-change-in-production";
|
||||
const getDataPath = (filename) => {
|
||||
@@ -13,18 +14,61 @@ const getDataPath = (filename) => {
|
||||
};
|
||||
const USERS_FILE = getDataPath("users.json");
|
||||
const SESSIONS_FILE = getDataPath("sessions.json");
|
||||
function getEncryptionKey() {
|
||||
return process.env.ENCRYPTION_KEY || "default-key-change-in-production";
|
||||
}
|
||||
function isEncrypted(data) {
|
||||
try {
|
||||
const parsed = JSON.parse(data.trim());
|
||||
if (Array.isArray(parsed)) {
|
||||
return false;
|
||||
}
|
||||
if (typeof parsed === "object" && parsed !== null && !parsed.encryptedData) {
|
||||
return false;
|
||||
}
|
||||
return false;
|
||||
} catch (e) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
async function readUsers() {
|
||||
try {
|
||||
const data = await promises.readFile(USERS_FILE, "utf-8");
|
||||
return JSON.parse(data);
|
||||
const encrypted = isEncrypted(data);
|
||||
if (encrypted) {
|
||||
const encryptionKey = getEncryptionKey();
|
||||
try {
|
||||
return decryptObject(data, encryptionKey);
|
||||
} catch (decryptError) {
|
||||
console.error("Fehler beim Entschl\xFCsseln der Benutzerdaten:", decryptError);
|
||||
try {
|
||||
const plainData = JSON.parse(data);
|
||||
console.warn("Entschl\xFCsselung fehlgeschlagen, versuche als unverschl\xFCsseltes Format zu lesen");
|
||||
return plainData;
|
||||
} catch (parseError) {
|
||||
console.error("Konnte Benutzerdaten weder entschl\xFCsseln noch als JSON lesen");
|
||||
return [];
|
||||
}
|
||||
}
|
||||
} else {
|
||||
const users = JSON.parse(data);
|
||||
console.log("Migriere unverschl\xFCsselte Benutzerdaten zu verschl\xFCsselter Speicherung...");
|
||||
await writeUsers(users);
|
||||
return users;
|
||||
}
|
||||
} catch (error) {
|
||||
if (error.code === "ENOENT") {
|
||||
return [];
|
||||
}
|
||||
console.error("Fehler beim Lesen der Benutzerdaten:", error);
|
||||
return [];
|
||||
}
|
||||
}
|
||||
async function writeUsers(users) {
|
||||
try {
|
||||
await promises.writeFile(USERS_FILE, JSON.stringify(users, null, 2), "utf-8");
|
||||
const encryptionKey = getEncryptionKey();
|
||||
const encryptedData = encryptObject(users, encryptionKey);
|
||||
await promises.writeFile(USERS_FILE, encryptedData, "utf-8");
|
||||
return true;
|
||||
} catch (error) {
|
||||
console.error("Fehler beim Schreiben der Benutzerdaten:", error);
|
||||
|
||||
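Review bot: `getEncryptionKey()` falls back to the literal `"default-key-change-in-production"` when `ENCRYPTION_KEY` is unset, so a deployment that misses the variable stores users.json under a key that anyone with the source can read, and nothing signals it. It should fail closed, `const key = process.env.ENCRYPTION_KEY; if (!key) throw new Error("ENCRYPTION_KEY is not set"); return key;`, ideally checked once at module load, because `readUsers()` and `writeUsers()` both catch and log errors and `readUsers()` would turn the throw into an empty user list. The `JWT_SECRET` context line has the same fallback pattern. Separately, every path inside the `try` of `isEncrypted()` returns `false`, so its two `if` checks have no effect and the result depends only on whether `JSON.parse` throws; if `encryptObject` emits a JSON envelope with an `encryptedData` field (its output format is not visible here), an encrypted file would be treated as plaintext and re-written by the migration branch. The body of `writeUsers` continues past the end of the hunk.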