conFusionServerNodeJS/authenticate.js at master · ITersDesktop/conFusionServerNodeJS · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const User = require('./models/user');
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const jwt = require('jsonwebtoken');
const config = require('./config');

passport.use(new LocalStrategy(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());

exports.getToken = function(user) {
    return jwt.sign(user, config.secretKey,
        {expiresIn: 3600});
}

let opts = {};
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = config.secretKey;

exports.jwtPassport = passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
    console.log("JWT payload: ", jwt_payload);
    User.findById(jwt_payload._id, (err, user) => {
        if (err) {
            return done(err, false);
        } else if (user) {
            return done(null, user);
        } else {
            return done(null, false);
        }
    });
}));

exports.verifyAdmin = (req, res, next) => {
    console.log("User: " + req.user);
    /*const authHeader = req.headers.authorization;

    if (authHeader) {
        const token = authHeader.split(' ')[1];
        jwt.verify(token, config.secretKey, (err, test) => {
            // console.log(test._id)
            if (err) {
                next(err);
            } else {
                User.findOne({_id: test._id}, (err, user) => {
                    if (user.admin === true) {
                        return next()
                    }
                    else {
                        res.statusCode = 403
                        err = new Error("You are not authorized to perform this operation")
                        return next(err)
                    }
                });
            }
        });
    }*/
    if (req.user.admin === true) {
        next();
    } else {
        let err = new Error('You are not authorized to perform this operation');
        err.status = 403;
        return next(err);
    }
}

exports.verifyUser = passport.authenticate('jwt', {session: false});

/*exports.verifyUser = function (req, res, next) {
    let token = req.body.token || req.query.token || req.headers['authorization'];
    console.log(token);
    const bearer = token.split(' ');
    const bearerToken = bearer[1];
    req.token = bearerToken;
    if (req.token) {
        jwt.verify(req.token, config.secretKey, function (err, decoded) {
            if (err) {
                const err = new Error('You are not authenticated!');
                err.status = 403;
                return next(err);
            } else {
                console.log("Logged in user: " + JSON.stringify(decoded));
                req.decoded = decoded;
                next();
            }
        });
    } else {
        const err = new Error('No token provided!');
        err.status = 403;
        return next(err);
    }
};*/