:sparkles: working jwt tokens

backend/lib/auth/strategies/jwt.js

@@ -2,21 +2,16 @@
 
 module.exports = options => {
     return {
-        keys: {
-            key: options.jwtKey,
+        key: options.jwtKey,
+        verifyOptions: {
             algorithms: ['HS256'],
         },
-        verify: {
-            aud: 'urn:audience:test',
-            iss: 'urn:issuer:test',
-            sub: false,
-            maxAgeSec: 14400, // 4 hours
-        },
-        validate: (artifacts, request, h) => {
+        validate: (decoded, request, h) => {
+            console.log('decoded :>> ', decoded)
             try {
                 return {
                     isValid: true,
-                    credentials: { user: artifacts.decoded.payload.user },
+                    credentials: { user: decoded.user_email },
                 }
             } catch (err) {
                 console.error(err)

backend/lib/plugins/user.js

@@ -1,7 +1,7 @@
 const Objection = require('objection')
 const Schmervice = require('@hapipal/schmervice')
 const Schwifty = require('@hapipal/schwifty')
-const Jwt = require('@hapi/jwt')
+const Jwt = require('hapi-auth-jwt2')
 const JwtStrategy = require('../auth/strategies/jwt')
 
 const UserModel = require('../models/user')

backend/lib/routes/health/get.js

@@ -12,7 +12,7 @@ const pluginConfig = {
     },
     opts: {
         tags: ['api'],
-        auth: { strategy: 'default_jwt' },
+        auth: 'default_jwt',
         cors: true,
     },
 }

backend/lib/routes/user/login.js

@@ -15,6 +15,14 @@ const pluginConfig = {
         auth: false,
         cors: true,
     },
+    cookieOpts: {
+        ttl: 1 * 24 * 60 * 60 * 1000,
+        encoding: 'none',
+        isHttpOnly: true,
+        clearInvalid: true,
+        strictHeader: true,
+        isSecure: true,
+    },
 }
 
 /** Validator functions by request method */
@@ -38,7 +46,6 @@ module.exports = {
         handler: async function (request, h) {
             try {
                 const { userService } = request.services()
-
                 const res = request.payload
 
                 // Callback to use as transaction
@@ -54,8 +61,13 @@ module.exports = {
 
                 // Bound context from your plugin server declaration
                 const user = await h.context.transaction(login)
+
                 const token = userService.createToken(user)
 
+                const response = h.response('success')
+                console.log('response :>> ', response)
+                response.header('Authorization', token)
+                response.state('token', token, pluginConfig.cookieOpts)
                 return {
                     ok: true,
                     handler: pluginConfig.handlerType,

backend/lib/services/user.js

@@ -1,7 +1,7 @@
 'use strict'
 require('dotenv').config()
 const Util = require('util')
-const Jwt = require('@hapi/jwt')
+const JWT = require('jsonwebtoken')
 const Schmervice = require('@hapipal/schmervice')
 const SecurePassword = require('secure-password')
 
@@ -143,21 +143,9 @@ module.exports = class UserService extends Schmervice.Service {
      */
     createToken(user) {
         const key = this.server.registrations['main-app-plugin'].options.jwtKey
-
-        return Jwt.token.generate(
-            {
-                aud: 'urn:audience:test',
-                iss: 'urn:issuer:test',
-                email: user.user_email,
-            },
-            {
-                key: key,
-                algorithm: 'HS256',
-            },
-            {
-                ttlSec: 14400, // 4 hours
-            },
-        )
+        const obj = {}
+        Object.assign(obj, { ...user })
+        return JWT.sign(obj, key)
     }
 
     /**

backend/package-lock.json

@@ -549,15 +549,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "@hapi/catbox-object": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/@hapi/catbox-object/-/catbox-object-2.0.0.tgz",
-            "integrity": "sha512-tzTo5q9UVqwqtpNkIz0VNSmJTbaGyD9ZQmw4a91BBWB+YJWYa066KkxOTHGmmWJzjZEhG2CsNYKu34J25pA5aw==",
-            "requires": {
-                "@hapi/boom": "9.x.x",
-                "@hapi/hoek": "9.x.x"
-            }
-        },
         "@hapi/content": {
             "version": "5.0.2",
             "resolved": "https://registry.npmjs.org/@hapi/content/-/content-5.0.2.tgz",
@@ -654,23 +645,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "@hapi/jwt": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/@hapi/jwt/-/jwt-2.0.1.tgz",
-            "integrity": "sha512-6/nX/yOIk9mvs+r72LFhF177yOB4yVv3e0Nqn7cIx2CU+VruBHxMKkHraARXx6oUAtiwNuyhW+trO5QeGm9ESQ==",
-            "requires": {
-                "@hapi/b64": "5.x.x",
-                "@hapi/boom": "9.x.x",
-                "@hapi/bounce": "2.x.x",
-                "@hapi/bourne": "2.x.x",
-                "@hapi/catbox-object": "2.x.x",
-                "@hapi/cryptiles": "5.x.x",
-                "@hapi/hoek": "9.x.x",
-                "@hapi/wreck": "17.x.x",
-                "ecdsa-sig-formatter": "1.x.x",
-                "joi": "^17.2.1"
-            }
-        },
         "@hapi/mimos": {
             "version": "6.0.0",
             "resolved": "https://registry.npmjs.org/@hapi/mimos/-/mimos-6.0.0.tgz",
@@ -1071,7 +1045,8 @@
             "dependencies": {
                 "ansi-regex": {
                     "version": "4.1.0",
-                    "resolved": "",
+                    "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
+                    "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==",
                     "dev": true
                 },
                 "emoji-regex": {
@@ -1602,6 +1577,11 @@
                 "ieee754": "^1.1.13"
             }
         },
+        "buffer-equal-constant-time": {
+            "version": "1.0.1",
+            "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
+            "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA=="
+        },
         "buffer-from": {
             "version": "1.1.1",
             "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz",
@@ -2044,6 +2024,11 @@
             "integrity": "sha1-fj5Iu+bZl7FBfdyihoIEtNPYVxU=",
             "dev": true
         },
+        "cookie": {
+            "version": "0.4.2",
+            "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz",
+            "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA=="
+        },
         "copy-descriptor": {
             "version": "0.1.1",
             "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz",
@@ -3121,6 +3106,16 @@
                 "wordwrap": "^1.0.0"
             }
         },
+        "hapi-auth-jwt2": {
+            "version": "10.4.0",
+            "resolved": "https://registry.npmjs.org/hapi-auth-jwt2/-/hapi-auth-jwt2-10.4.0.tgz",
+            "integrity": "sha512-x733a6bdLSd0bMQeuvkENlNwLRHzsenhoUan7JQLEIizqTWPzPJtukixjx+LCLMyC/5BG3Si4npVB5mqfIMAog==",
+            "requires": {
+                "@hapi/boom": "^9.0.0",
+                "cookie": "^0.4.0",
+                "jsonwebtoken": "^9.0.0"
+            }
+        },
         "hapi-swagger": {
             "version": "14.5.5",
             "resolved": "https://registry.npmjs.org/hapi-swagger/-/hapi-swagger-14.5.5.tgz",
@@ -3797,12 +3792,52 @@
                 "minimist": "^1.2.5"
             }
         },
+        "jsonwebtoken": {
+            "version": "9.0.0",
+            "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz",
+            "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==",
+            "requires": {
+                "jws": "^3.2.2",
+                "lodash": "^4.17.21",
+                "ms": "^2.1.1",
+                "semver": "^7.3.8"
+            },
+            "dependencies": {
+                "semver": {
+                    "version": "7.3.8",
+                    "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz",
+                    "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==",
+                    "requires": {
+                        "lru-cache": "^6.0.0"
+                    }
+                }
+            }
+        },
         "just-extend": {
             "version": "4.2.1",
             "resolved": "https://registry.npmjs.org/just-extend/-/just-extend-4.2.1.tgz",
             "integrity": "sha512-g3UB796vUFIY90VIv/WX3L2c8CS2MdWUww3CNrYmqza1Fg0DURc2K/O4YrnklBdQarSJ/y8JnJYDGc+1iumQjg==",
             "dev": true
         },
+        "jwa": {
+            "version": "1.4.1",
+            "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
+            "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
+            "requires": {
+                "buffer-equal-constant-time": "1.0.1",
+                "ecdsa-sig-formatter": "1.0.11",
+                "safe-buffer": "^5.0.1"
+            }
+        },
+        "jws": {
+            "version": "3.2.2",
+            "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
+            "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
+            "requires": {
+                "jwa": "^1.4.1",
+                "safe-buffer": "^5.0.1"
+            }
+        },
         "keyv": {
             "version": "3.1.0",
             "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.1.0.tgz",
@@ -4246,8 +4281,7 @@
         "ms": {
             "version": "2.1.3",
             "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
-            "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
-            "dev": true
+            "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
         },
         "mysql": {
             "version": "2.18.1",

backend/package.json

@@ -20,7 +20,6 @@
         "@hapi/glue": "^8.0.0",
         "@hapi/hapi": "^20.1.3",
         "@hapi/inert": "^6.0.3",
-        "@hapi/jwt": "^2.0.1",
         "@hapi/vision": "^6.0.1",
         "@hapipal/confidence": "^6.0.1",
         "@hapipal/schmervice": "^2.0.0",
@@ -29,9 +28,11 @@
         "compute-cosine-similarity": "^1.0.0",
         "dotenv": "^10.0.0",
         "exiting": "^6.0.1",
+        "hapi-auth-jwt2": "^10.4.0",
         "hapi-swagger": "^14.5.5",
         "haversine": "^1.1.1",
         "joi": "^17.4.0",
+        "jsonwebtoken": "^9.0.0",
         "knex": "^0.21.19",
         "mysql": "^2.18.1",
         "objection": "^2.2.18",