galvanic-corrosion/src/data/profile/ProfileAuth.ts

/* Galvanic Corrosion - Rec Room custom server for communities.
<https://gitea.proxnet.dev/zombieb/galvanic-corrosion>
Copyright (C) 2025 @zombieb (Discord / proxnet Gitea)

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>. */

import { Config } from "../../config/config.ts";
import { Redis } from "../../db.ts";
import type { ProfileTokenFormat } from "../auth/TokenBaseFormat.ts";
import { AuthType } from "../UserTypes.ts";
import { ProfileContentManager } from "./base/profilemanagerbase.ts";
import * as JsonWebToken from "@gz/jwt";

const config = Config.getConfig();

export class ProfileAuth extends ProfileContentManager {

    async getToken() {
        const payload: ProfileTokenFormat = {
            iss: `${config.web.api.securepublichost ? 'https' : 'http'}://${config.web.api.publichost}`,
            sub: this.profile.getId(),
            role: (await this.getIsOperator()) ? 'developer' : 'user',
            exp: Math.round(Date.now() / 1000) + Math.round(config.auth.timeout * 60 * 60),
            typ: AuthType.Game,
        };
        return await JsonWebToken.encode(payload, config.auth.secret, { algorithm: "HS512" });
    }

    async getIsOperator() {
        return (await Redis.Database.sismember(Redis.buildKey(Redis.KeyGroups.Operators), this.profile.getId().toString())) >= 1;
    }

}