import bcrypt from 'bcrypt';
import jwt from 'jsonwebtoken';
import models from './models';
import 'dotenv/config';
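/**
 * Authentication helpers: token issuance, username/password login,
 * refresh-token rotation, and the Express middleware that reads tokens
 * from request headers.
 *
 * Token scheme as implemented here:
 *  - access token: signed with SECRET, payload { user, isAdmin, isTeacher }, 1h.
 *  - refresh token: signed with `user.password + SECRET2`, payload { user }, 7d.
 *    Folding the stored password hash into the refresh secret means a password
 *    change invalidates every refresh token issued for that user. Nothing in this
 *    module revokes an older refresh token before it expires, so a leaked one
 *    remains usable for its lifetime unless the password changes.
 */
const auth = {
  /**
   * Issue an access token and a refresh token for a user.
   *
   * @param {{_id: any, isAdmin?: boolean, isTeacher?: boolean}} user - user document
   * @param {string} SECRET - access-token signing secret
   * @param {string} SECRET2 - refresh-token signing secret (callers pass the per-user
   *   `password + SECRET2` value; see login/refreshTokens)
   * @returns {[string, string]} `[accessToken, refreshToken]`
   */
  getTokens: ({ _id, isAdmin, isTeacher }, SECRET, SECRET2) => {
    // Pin the algorithm so sign and verify agree; HS256 is also the library default.
    const token = jwt.sign(
      { user: _id, isAdmin, isTeacher },
      SECRET,
      { algorithm: 'HS256', expiresIn: '1h' },
    );
    const refreshToken = jwt.sign(
      { user: _id },
      SECRET2,
      { algorithm: 'HS256', expiresIn: '7d' },
    );
    return [token, refreshToken];
  },

  /**
   * Verify a username/password pair and issue a token pair on success.
   *
   * @param {string} username - client-supplied username
   * @param {string} password - client-supplied plaintext password
   * @param {object} User - model exposing `findOne`
   * @param {string} SECRET - access-token signing secret
   * @param {string} SECRET2 - server half of the refresh-token secret
   * @returns {Promise<{success: boolean, token?: string, refreshToken?: string,
   *   errors: Array<{path: string, message: string}>}>}
   */
  login: async (username, password, User, SECRET, SECRET2) => {
    // Both values come straight from the client. Only plain strings are valid:
    // a non-string username would otherwise reach the query unchanged, and a
    // non-string password would make bcrypt.compare throw instead of failing cleanly.
    if (typeof username !== 'string') {
      return {
        success: false,
        errors: [{ path: 'username', message: 'Username does not exist' }],
      };
    }
    const user = await User.findOne({ username });
    if (!user) {
      // NOTE(review): the two distinct messages below reveal whether a username
      // exists. The per-field `path` shape looks like it feeds a form, so the
      // messages are kept; a single generic message is the safer choice — confirm
      // with the client before changing.
      return {
        success: false,
        errors: [{ path: 'username', message: 'Username does not exist' }],
      };
    }
    if (typeof password !== 'string') {
      return {
        success: false,
        errors: [{ path: 'password', message: 'Invalid Password' }],
      };
    }
    const validPassword = await bcrypt.compare(password, user.password);
    if (!validPassword) {
      return {
        success: false,
        errors: [{ path: 'password', message: 'Invalid Password' }],
      };
    }
    // The refresh secret is bound to the stored password hash (see module doc).
    const refreshTokenSecret = user.password + SECRET2;
    const [token, refreshToken] = auth.getTokens(user, SECRET, refreshTokenSecret);
    return {
      success: true,
      token,
      refreshToken,
      errors: [],
    };
  },

  /**
   * Exchange a refresh token for a fresh token pair.
   *
   * The refresh token is first *decoded* (not verified) only to learn which
   * user's password hash forms the verification secret; nothing from that
   * unverified payload is trusted beyond being used as the lookup key. The
   * token is then fully verified against `user.password + SECRET2`.
   *
   * @param {string} token - the (expired) access token; currently unused, kept for callers
   * @param {string} refreshToken - client-supplied refresh token
   * @param {object} models - models object exposing `User.findOne`
   * @param {string} SECRET - access-token signing secret
   * @param {string} SECRET2 - server half of the refresh-token secret
   * @returns {Promise<{token?: string, refreshToken?: string, user?: any,
   *   isAdmin?: boolean, isTeacher?: boolean}>} new tokens and identity, or `{}`
   *   when the refresh token is missing, malformed, unknown, or fails verification
   */
  refreshTokens: async (token, refreshToken, models, SECRET, SECRET2) => {
    let userId;
    try {
      const { user } = jwt.decode(refreshToken);
      userId = user;
    } catch (err) {
      // Missing or malformed token: decode yields null and the destructure throws.
      return {};
    }
    // Accept only a plain id. The payload is unverified at this point, so an
    // object here could otherwise be passed to findOne as a query operator.
    if (!userId || (typeof userId !== 'string' && typeof userId !== 'number')) {
      return {};
    }
    const user = await models.User.findOne({ _id: userId });
    if (!user) {
      return {};
    }
    const refreshSecret = user.password + SECRET2;
    try {
      jwt.verify(refreshToken, refreshSecret, { algorithms: ['HS256'] });
    } catch (err) {
      // Bad signature, expired, or signed against an old password hash.
      return {};
    }
    const [newToken, newRefreshToken] = auth.getTokens(user, SECRET, refreshSecret);
    return {
      token: newToken,
      refreshToken: newRefreshToken,
      user: user._id,
      isAdmin: user.isAdmin,
      isTeacher: user.isTeacher,
    };
  },

  /**
   * Express middleware: populate `req.user`, `req.isAdmin`, `req.isTeacher`
   * from the `x-token` header, falling back to the `x-refresh-token` header
   * when the access token does not verify. Rotated tokens are returned in the
   * `x-token` / `x-refresh-token` response headers (and exposed for CORS).
   * Requests without an `x-token` header pass through untouched.
   *
   * Secrets are read from `process.env.SECRET` / `process.env.SECRET2` on each
   * request; an unset SECRET makes every access token fail verification.
   *
   * @param {import('express').Request} req
   * @param {import('express').Response} res
   * @param {Function} next
   */
  getHeaders: async (req, res, next) => {
    const token = req.headers['x-token'];
    if (!token) {
      next();
      return;
    }

    let payload = null;
    try {
      payload = jwt.verify(token, process.env.SECRET, { algorithms: ['HS256'] });
    } catch (err) {
      // Expired or invalid access token: try the refresh token below.
      payload = null;
    }
    if (payload) {
      const { user, isAdmin, isTeacher } = payload;
      req.user = user;
      req.isAdmin = isAdmin;
      req.isTeacher = isTeacher;
      next();
      return;
    }

    let newTokens;
    try {
      const refreshToken = req.headers['x-refresh-token'];
      newTokens = await auth.refreshTokens(
        token,
        refreshToken,
        models,
        process.env.SECRET,
        process.env.SECRET2,
      );
    } catch (err) {
      // A database or other unexpected failure is an error, not an anonymous
      // request: hand it to Express's error pipeline instead of leaving the
      // request hanging on a rejected promise.
      next(err);
      return;
    }
    if (newTokens.token && newTokens.refreshToken) {
      res.set('Access-Control-Expose-Headers', 'x-token, x-refresh-token');
      res.set('x-token', newTokens.token);
      res.set('x-refresh-token', newTokens.refreshToken);
    }
    // On a failed refresh these are all undefined, i.e. the request is anonymous.
    req.user = newTokens.user;
    req.isAdmin = newTokens.isAdmin;
    req.isTeacher = newTokens.isTeacher;
    next();
  },
};

export default auth;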