:construction: Set up scaffolding for other jwt lib

backend/lib/auth/strategies/jwt.js

@@ -2,16 +2,12 @@
 
 module.exports = options => {
     return {
-        keys: {
-            key: options.jwtKey,
+        key: options.jwtKey,
+        verifyOptions: {
             algorithms: ['HS256'],
         },
-        verify: {
-            aud: 'urn:audience:test',
-            iss: 'urn:issuer:test',
-            sub: false,
-        },
-        validate: (artifacts, request, h) => {
+        validate: (decoded, request, h) => {
+            console.log('decoded :>>', decoded)
             try {
                 // Check if the Access Token is Valid
                 // if (!accessTokenIsValid) {
@@ -25,9 +21,7 @@ module.exports = options => {
                 }
             } catch (err) {
                 console.error(err)
-                return {
-                    isValid: false,
-                }
+                return { isValid: false }
             }
         },
     }

backend/lib/plugins/user.js

@@ -1,7 +1,7 @@
 const Objection = require('objection')
 const Schmervice = require('@hapipal/schmervice')
 const Schwifty = require('@hapipal/schwifty')
-const Jwt = require('@hapi/jwt')
+const Jwt = require('hapi-auth-jwt2')
 const JwtStrategy = require('../auth/strategies/jwt')
 
 const UserModel = require('../models/user')

backend/lib/services/user.js

@@ -2,7 +2,6 @@
 require('dotenv').config()
 const crypto = require('crypto')
 const Util = require('util')
-const Jwt = require('@hapi/jwt')
 const JWT = require('jsonwebtoken')
 const Schmervice = require('@hapipal/schmervice')
 const SecurePassword = require('secure-password')
@@ -23,7 +22,6 @@ const hashEmail = async email => {
         return undefined
     }
 }
-// const emailsSent = {}
 const hasher = async (pwd, steak) => {
     const hash = await pwd.hash(steak)
     const result = await pwd.verify(steak, hash)
@@ -43,7 +41,7 @@ const hasher = async (pwd, steak) => {
             try {
                 squirtle = await pwd.hash(steak)
                 // console.log('improvedHash', squirtle)
-                // const saveHash = Auth.insert({user_email: matchingEmails}, ).into('token')
+                // const saveHash = Auth.insert({user_email: matchingEmails}).into('token')
                 return squirtle
             } catch (err) {
                 console.error(
@@ -63,8 +61,7 @@ module.exports = class UserService extends Schmervice.Service {
     constructor(...args) {
         super(...args)
         const pwd = new SecurePassword()
-        // TODO: Invalidate this cache somehow after a certain time period has
-        // passed
+        // TODO: Invalidate this application state somehow after a certain time period has passed
         // TODO: Remove hashedEmails in preference of activeSessions
         this.hashedEmails = {
             // NOTE: key is email hash and value is timestamp in ms
@@ -231,93 +228,10 @@ module.exports = class UserService extends Schmervice.Service {
     //
     createToken(user) {
         const key = this.server.registrations['main-app-plugin'].options.jwtKey
+        const obj = {}
 
-        let token = Jwt.token.generate(
-            {
-                aud: 'urn:audience:test',
-                iss: 'urn:issuer:test',
-                // ...payload,
-                email: user.email,
-                name: user.name,
-                seeking: user.seeking,
-                salt: 'a;ldfkjas;l/dfkafnml;/cjkf',
-                // profile_id: user.profile_id,
-            },
-            {
-                key: key,
-                algorithm: 'HS256',
-            },
-            {
-                ttlSec: 4 * 60 * 60, // 7 days
-            },
-        )
-        console.log('token :=>', token)
-        token = Jwt.token.generate(
-            {
-                aud: 'urn:audience:test',
-                iss: 'urn:issuer:test',
-                // ...payload,
-                email: user.email,
-                name: user.name,
-                seeking: user.seeking,
-                salt: 'qpowieurpqowytqpoieryu',
-                // profile_id: user.profile_id,
-            },
-            {
-                key: key,
-                algorithm: 'HS256',
-            },
-            {
-                ttlSec: 4 * 60 * 60, // 7 days
-            },
-        )
-        console.log('\n')
-        console.log('token :=>', token)
-        token = Jwt.token.generate(
-            {
-                aud: 'urn:audience:test',
-                iss: 'urn:issuer:test',
-                // ...payload,
-                email: user.email,
-                name: user.name,
-                seeking: user.seeking,
-                salt: 'a;ldfkjas;l/dfkafnml;/cjkf',
-                // profile_id: user.profile_id,
-            },
-            {
-                key: key,
-                algorithm: 'HS256',
-            },
-            {
-                ttlSec: 6 * 60 * 60, // 7 days
-            },
-        )
-        console.log('token :=>', token)
-        token = Jwt.token.generate(
-            {
-                aud: 'urn:audience:test',
-                iss: 'urn:issuer:test',
-                // ...payload,
-                email: user.email,
-                name: user.name,
-                seeking: user.seeking,
-                salt: 'a;ldfkjas;l/dfkafnml;/cjkf',
-                // profile_id: user.profile_id,
-            },
-            {
-                key: key,
-                algorithm: 'HS256',
-            },
-            {
-                ttlSec: 7 * 60 * 60, // 7 days
-            },
-        )
-        console.log('token :=>', token)
-
-        // TODO: keep userinfo and it's association with the sessionToken in state/memory
-        // registerSession(user, sessionToken) // useremail, token
-        // this.registerSession(user, token)
-        return token
+        Object.assign(obj, { ...user })
+        return JWT.sign(obj, key)
     }
 
     async registerSession(user, hashedEmail, token) {
@@ -326,6 +240,7 @@ module.exports = class UserService extends Schmervice.Service {
             hashedEmail: hashedEmail,
             token: token,
         }
+
         const alreadyExists = this.activeSessions.find(
             sessionRequester => sessionRequester.hashedEmail === hashedEmail,
         )
@@ -339,13 +254,14 @@ module.exports = class UserService extends Schmervice.Service {
      * @returns {Token}
      */
     validateToken(token) {
+        console.log('token :=>', token)
         const key = this.server.registrations['main-app-plugin'].options.jwtKey
-        // NOTE: reveals email...perhaps unhashed email belongs here instead...
         try {
-            const decodedToken = Jwt.token.decode(token)
-            Jwt.token.verify(decodedToken, key)
-            return { isValid: true, payload: decodedToken.decoded.payload }
+            const decodedToken = JWT.verify(token, key)
+            console.log('decodedToken :=>', decodedToken)
+            return { isValid: true, payload: decodedToken }
         } catch (err) {
+            console.error('ERROR :=>', err)
             return { isValid: false, error: err.message }
         }
     }
@@ -419,6 +335,7 @@ module.exports = class UserService extends Schmervice.Service {
         }
         // Set expiration time for five minutes from now
         const duration = 1000 * 60 * 5
+
         this.hashedEmails[hashedEmail] = Date.now() + duration
         const sendSmtpEmail = {
             to: [
@@ -435,16 +352,10 @@ module.exports = class UserService extends Schmervice.Service {
 
         await apiInstance.sendTransacEmail(sendSmtpEmail).then(
             data => {
-                return {
-                    wasSuccessfull: true,
-                    data: data,
-                }
+                return { wasSuccessfull: true, data: data }
             },
             error => {
-                return {
-                    wasSuccessfull: false,
-                    error: error,
-                }
+                return { wasSuccessfull: false, error: error }
             },
         )
     }

backend/package-lock.json

@@ -12,7 +12,6 @@
                 "@hapi/glue": "^8.0.0",
                 "@hapi/hapi": "^20.1.3",
                 "@hapi/inert": "^6.0.3",
-                "@hapi/jwt": "^2.2.0",
                 "@hapi/vision": "^6.0.1",
                 "@hapipal/confidence": "^6.0.1",
                 "@hapipal/schmervice": "^2.0.0",
@@ -666,15 +665,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "node_modules/@hapi/catbox-object": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/@hapi/catbox-object/-/catbox-object-2.0.0.tgz",
-            "integrity": "sha512-tzTo5q9UVqwqtpNkIz0VNSmJTbaGyD9ZQmw4a91BBWB+YJWYa066KkxOTHGmmWJzjZEhG2CsNYKu34J25pA5aw==",
-            "dependencies": {
-                "@hapi/boom": "9.x.x",
-                "@hapi/hoek": "9.x.x"
-            }
-        },
         "node_modules/@hapi/content": {
             "version": "5.0.2",
             "resolved": "https://registry.npmjs.org/@hapi/content/-/content-5.0.2.tgz",
@@ -777,23 +767,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "node_modules/@hapi/jwt": {
-            "version": "2.2.0",
-            "resolved": "https://registry.npmjs.org/@hapi/jwt/-/jwt-2.2.0.tgz",
-            "integrity": "sha512-hOzQ/E0O9XemapjYddGH4ReCG5JEHz62zLeNou4Mt282yx7JknCPTTsnsqkxRE+EPVWNGXGz2E3SDlST80hjMw==",
-            "dependencies": {
-                "@hapi/b64": "5.x.x",
-                "@hapi/boom": "9.x.x",
-                "@hapi/bounce": "2.x.x",
-                "@hapi/bourne": "2.x.x",
-                "@hapi/catbox-object": "2.x.x",
-                "@hapi/cryptiles": "5.x.x",
-                "@hapi/hoek": "9.x.x",
-                "@hapi/wreck": "17.x.x",
-                "ecdsa-sig-formatter": "1.x.x",
-                "joi": "^17.2.1"
-            }
-        },
         "node_modules/@hapi/mimos": {
             "version": "6.0.0",
             "resolved": "https://registry.npmjs.org/@hapi/mimos/-/mimos-6.0.0.tgz",
@@ -9168,15 +9141,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "@hapi/catbox-object": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/@hapi/catbox-object/-/catbox-object-2.0.0.tgz",
-            "integrity": "sha512-tzTo5q9UVqwqtpNkIz0VNSmJTbaGyD9ZQmw4a91BBWB+YJWYa066KkxOTHGmmWJzjZEhG2CsNYKu34J25pA5aw==",
-            "requires": {
-                "@hapi/boom": "9.x.x",
-                "@hapi/hoek": "9.x.x"
-            }
-        },
         "@hapi/content": {
             "version": "5.0.2",
             "resolved": "https://registry.npmjs.org/@hapi/content/-/content-5.0.2.tgz",
@@ -9273,23 +9237,6 @@
                 "@hapi/hoek": "9.x.x"
             }
         },
-        "@hapi/jwt": {
-            "version": "2.2.0",
-            "resolved": "https://registry.npmjs.org/@hapi/jwt/-/jwt-2.2.0.tgz",
-            "integrity": "sha512-hOzQ/E0O9XemapjYddGH4ReCG5JEHz62zLeNou4Mt282yx7JknCPTTsnsqkxRE+EPVWNGXGz2E3SDlST80hjMw==",
-            "requires": {
-                "@hapi/b64": "5.x.x",
-                "@hapi/boom": "9.x.x",
-                "@hapi/bounce": "2.x.x",
-                "@hapi/bourne": "2.x.x",
-                "@hapi/catbox-object": "2.x.x",
-                "@hapi/cryptiles": "5.x.x",
-                "@hapi/hoek": "9.x.x",
-                "@hapi/wreck": "17.x.x",
-                "ecdsa-sig-formatter": "1.x.x",
-                "joi": "^17.2.1"
-            }
-        },
         "@hapi/mimos": {
             "version": "6.0.0",
             "resolved": "https://registry.npmjs.org/@hapi/mimos/-/mimos-6.0.0.tgz",

backend/package.json

@@ -20,7 +20,6 @@
         "@hapi/glue": "^8.0.0",
         "@hapi/hapi": "^20.1.3",
         "@hapi/inert": "^6.0.3",
-        "@hapi/jwt": "^2.2.0",
         "@hapi/vision": "^6.0.1",
         "@hapipal/confidence": "^6.0.1",
         "@hapipal/schmervice": "^2.0.0",

frontend/src/views/OnboardingView.vue

@@ -68,9 +68,9 @@ export default {
     async created() {
         this.survey = await surveyFactory.createSurvey()
         this.authenticator = new Authenticator()
+        // TODO: Once tokens are coming through headers, refactor all of this into methods, etc.
         // TODO: Consider switch/case() depending on what tokens exist/are valid...
         sessionToken = this.grabStoredCookie('siimee_session')
-        console.log('sessionToken :=>', sessionToken)
         // if (!sessionToken) {
         //     //
         // }
@@ -78,9 +78,10 @@ export default {
         // if (!accessToken) {
         //     // blow up
         // }
-        const sessionData = await this.authenticator.validateSession(
-            sessionToken,
-        )
+        let sessionData
+        if (sessionToken) {
+            sessionData = await this.authenticator.validateSession(sessionToken)
+        }
         // if (sessionData.isValid && !accessToken) {
         if (sessionData.isValid) {
             this.userEmail = sessionData.payload.email