From 1a3bd64b7964a00f38379bcfefd7847c22c96e6f Mon Sep 17 00:00:00 2001 From: Kyarasu Date: Tue, 17 Feb 2026 17:43:33 +0900 Subject: [PATCH] Feature: Done --- Backend/Workspace/Tools/CreateCookie.js | 38 ++++++++++++++++++ Backend/Workspace/Tools/InverseVCM.js | 52 +++++++++++++++++++++++++ Backend/Workspace/Tools/VCM.js | 52 +++++++++++++++++++++++++ 3 files changed, 142 insertions(+) create mode 100644 Backend/Workspace/Tools/CreateCookie.js create mode 100644 Backend/Workspace/Tools/InverseVCM.js create mode 100644 Backend/Workspace/Tools/VCM.js diff --git a/Backend/Workspace/Tools/CreateCookie.js b/Backend/Workspace/Tools/CreateCookie.js new file mode 100644 index 00000000..efa95cc4 --- /dev/null +++ b/Backend/Workspace/Tools/CreateCookie.js @@ -0,0 +1,38 @@ +/*========== Manual ========== +# Input(obj) +res: (req, res) => {}のres +cookieName: cookieの名前 +payload: { userId: 1 }のようなcookieに入れ込む情報 +secretKey: .envから読み取ったcookieのシークレットキー +deadlineHours: 有効期限[h] +httpOnly = true: true or false +sameSite = 'strict': 'strict' or 'lax' or 'none' + +# Output +クライアントへCookieを返す + +#Description +Server.jsにおいて.envを絶対パス指定にしておきましょう。 +例: const dotenv = require('dotenv').config({ path: path.resolve(__dirname, '.env') }); +========== Manual ==========*/ + +const jwt = require('jsonwebtoken'); + +// CreateCookie.js +function CreateCookie({res, cookieName, payload, secretKey, deadlineHours, httpOnly = true, sameSite = 'strict'}) { + // Startup Log + const logOwner = "CreateCookie"; + console.log(`\n${logOwner}-Function is running!\n`); + // I/O Log + console.log(`[${logOwner}] Input => cookieName: ${cookieName}, payload: ${JSON.stringify(payload)}, deadlineHours: ${deadlineHours}, httpOnly: ${httpOnly}, sameSite: ${sameSite}`); + + // Tokenの作成 + const token = jwt.sign(payload, secretKey, { expiresIn: `${deadlineHours}h` }); + // Cookieの配布 + res.cookie(cookieName, token, { httpOnly: httpOnly, sameSite: sameSite }); + + // Shutdown Log + console.log(`[${logOwner}] Shutdown!`); +} + +module.exports = CreateCookie; \ No newline at end of file diff --git a/Backend/Workspace/Tools/InverseVCM.js b/Backend/Workspace/Tools/InverseVCM.js new file mode 100644 index 00000000..217075fb --- /dev/null +++ b/Backend/Workspace/Tools/InverseVCM.js @@ -0,0 +1,52 @@ +/*========== Manual ========== +# Input +cookieName: cookieの名前 +secretKey: .envから読み取ったcookieのシークレットキー + +# Output +認証失敗の場合は指定したに飛ばす + +#Description +Server.jsにおいて.envを絶対パス指定にしておきましょう。 +例: const dotenv = require('dotenv').config({ path: path.resolve(__dirname, '.env') }); + +#Usage +app.get("/", InverseVCM('LoginToken', LOGIN_SECRET), (req, res) => {...]}); +のようにしてミドルウェアとして使う +========== Manual ==========*/ + +const jwt = require('jsonwebtoken'); + +// InverseVCM.js +function InverseVCM(cookieName, secretKey) { + // Startup Log + const logOwner = "InverseVCM"; + console.log(`\n${logOwner}-Function is running!\n`); + // I/O Log + console.log(`[${logOwner}] Input => cookieName: ${cookieName}`); + + return function (req, res, next) { + const token = req.cookies?.[cookieName]; + if (!token) return next(); + + try { + jwt.verify(token, secretKey); + // Verify Success Log + console.log(`[${logOwner}] ${cookieName} is verified!`); + // Shutdown Log + console.log(`[${logOwner}] Shutdown!`); + return res.redirect("/Home"); + } catch (err) { + //Verify Error Log + console.error(`[${logOwner}] ${cookieName} is not verified!`,err); + // Shutdown Log + console.log(`[${logOwner}] Shutdown!`); + + // 検証に問題があったらなにもしない + res.clearCookie(cookieName); + return next(); + } + }; +} + +module.exports = InverseVCM; \ No newline at end of file diff --git a/Backend/Workspace/Tools/VCM.js b/Backend/Workspace/Tools/VCM.js new file mode 100644 index 00000000..a0a1b996 --- /dev/null +++ b/Backend/Workspace/Tools/VCM.js @@ -0,0 +1,52 @@ +/*========== Manual ========== +# Input +cookieName: cookieの名前 +secretKey: .envから読み取ったcookieのシークレットキー + +# Output +req.authにcookieの抽出情報を入れる +認証失敗の場合はエラーを返す + +#Description +Server.jsにおいて.envを絶対パス指定にしておきましょう。 +例: const dotenv = require('dotenv').config({ path: path.resolve(__dirname, '.env') }); + +#Usage +app.get("/", VCM('LoginToken', LOGIN_SECRET), (req, res) => {...]}); +のようにしてミドルウェアとして使う +========== Manual ==========*/ + +const jwt = require('jsonwebtoken'); + +// VerifyCookieMiddleware.js +function VCM(cookieName, secretKey) { + // Startup Log + const logOwner = "VCM"; + console.log(`\n${logOwner}-Function is running!\n`); + // I/O Log + console.log(`[${logOwner}] Input => cookieName: ${cookieName}`); + + return function (req, res, next) { + const token = req.cookies?.[cookieName]; + if (!token) return res.sendStatus(401); + + try { + req.auth = jwt.verify(token, secretKey); + // Verify Success Log + console.log(`[${logOwner}] ${cookieName} is verified!`); + // Shutdown Log + console.log(`[${logOwner}] Shutdown!`); + next(); + } catch (err) { + //Verify Error Log + console.error(`[${logOwner}] ${cookieName} is not verified!`,err); + // Shutdown Log + console.log(`[${logOwner}] Shutdown!`); + + // 検証に問題があった瞬間rootページへ飛ばす + return res.redirect("/"); + } + }; +} + +module.exports = VCM; \ No newline at end of file