refactor: use authService in backend

backend/services/auth/AuthService.js

@@ -0,0 +1,73 @@
+const jwt = require("jsonwebtoken");
+const crypto = require("crypto");
+require("dotenv").config();
+
+/**
+ * Service for handling JWT authentication
+ */
+class AuthService {
+  constructor() {
+    this.ADMIN_ENABLED = process.env.ADMIN_ENABLED === "true";
+    this.ADMIN_PASSWORD = process.env.ADMIN_PASSWORD;
+    this.JWT_EXPIRY = process.env.JWT_EXPIRY || "24h";
+
+    // Validate admin password if admin mode is enabled
+    if (
+      this.ADMIN_ENABLED &&
+      (!this.ADMIN_PASSWORD || this.ADMIN_PASSWORD.length < 12)
+    ) {
+      throw new Error(
+        "ADMIN_PASSWORD must be set and at least 12 characters long for security."
+      );
+    }
+
+    // Generate a secure JWT secret from the admin password
+    // or use a random value if admin mode is disabled
+    this.JWT_SECRET = crypto
+      .createHash("sha256")
+      .update(this.ADMIN_PASSWORD || "")
+      .digest("hex");
+  }
+
+  /**
+   * Generate a JWT token for an admin user
+   * @returns {string} JWT token
+   */
+  generateAdminToken() {
+    return jwt.sign({ isAdmin: true }, this.JWT_SECRET, {
+      expiresIn: this.JWT_EXPIRY,
+    });
+  }
+
+  /**
+   * Verify a JWT token
+   * @param {string} token - The JWT token to verify
+   * @returns {Object|null} Decoded token payload or null if invalid
+   */
+  verifyToken(token) {
+    try {
+      return jwt.verify(token, this.JWT_SECRET);
+    } catch (error) {
+      return null;
+    }
+  }
+
+  /**
+   * Check if admin mode is enabled
+   * @returns {boolean} True if admin mode is enabled
+   */
+  isAdminEnabled() {
+    return this.ADMIN_ENABLED;
+  }
+
+  /**
+   * Verify admin password
+   * @param {string} password - Password to verify
+   * @returns {boolean} True if password matches
+   */
+  verifyAdminPassword(password) {
+    return this.ADMIN_PASSWORD === password;
+  }
+}
+
+module.exports = new AuthService();