
:recycle: working token | i think?

master
TOJ 5 years ago
parent
commit
588ccda1b4

+ 15
- 7
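--- a/backend/lib/auth/strategies/jwt.js
+++ b/backend/lib/auth/strategies/jwt.js
@@ -7,16 +7,24 @@ module.exports = (options) => {
             algorithms: ['HS256']
         },
         verify: {
-            aud: false,
-            iss: false,
-            sub: false
+            aud: 'urn:audience:test',
+            iss: 'urn:issuer:test',
+            sub: false,
         },
-        httpAuthScheme: 'Token',
         validate: (artifacts, request, h) => {
-            return {
-                isValid: true,
-                credentials: { user: artifacts.decoded.payload.user }
+            try {
+                return {
+                    isValid: true,
+                    credentials: { user: artifacts.decoded.payload.user }
+                }
             }
+            catch (err) {
+                console.error(err)
+                return {
+                    isValid: false
+                }
+            }
+
         }
     }
 }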
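Review bot: `validate` reads `artifacts.decoded.payload.user`, but the token minted by `createToken` (backend/lib/services/user.js in this commit) carries `email` and no `user` claim, so `credentials.user` ends up `undefined` while `isValid` is still `true`. Reading a missing property normally does not throw, so the new `try`/`catch` never rejects such a token; an explicit check would, e.g. `const { email } = artifacts.decoded.payload`, `if (!email) return { isValid: false }`, `return { isValid: true, credentials: { email } }`. Nothing here confirms that the account behind the claim still exists, so a token for a removed user would presumably stay accepted until it expires.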

+ 1
- 0
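--- a/backend/lib/plugins/user.js
+++ b/backend/lib/plugins/user.js
@@ -22,6 +22,7 @@ module.exports = {
 
         const mainApp = server.registrations['main-app-plugin']
         const jwtOptions = JwtStrategy(mainApp.options)
+
         server.auth.strategy('default_jwt', 'jwt', jwtOptions)
         server.auth.default('default_jwt')
 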

+ 31
- 20
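--- a/backend/lib/routes/user/current.js
+++ b/backend/lib/routes/user/current.js
@@ -26,30 +26,41 @@ const validators = {
 module.exports = {
     method: 'get',
     path: '/{name}',
-    handler: async request => {
-        try {
-            /** Get the data for your endpoint */
-            const { User } = request.models()
-            const all = await User.query()
-
-            return {
-                ok: true,
-                handler: pluginConfig.handlerType,
-                data: { name: request.params.name, all },
-            }
-        }
-        catch(err) {
-            return {
-                ok: false,
-                handler: pluginConfig.handlerType,
-                data: { error: err },
-            }
-        }
-    },
     options: {
         ...pluginConfig.docs.get,
         tags: ['api'],
         auth: 'default_jwt',
+        handler: async function (request, h) {
+            console.log('current')
+            console.log(request)
+            try {
+                const auth = {
+                    credentials: request.auth.credentials,
+                    token: request.auth.artifacts.token
+                }
+
+                // /** Get the data for your endpoint */
+                // const { User } = request.models()
+                // const all = await User.query()
+
+
+                const { displayService } = request.services()
+                const user = displayService.user(auth.credentials, auth.token)
+
+                return {
+                    ok: true,
+                    handler: pluginConfig.handlerType,
+                    data: { name: request.params.name },
+                }
+            }
+            catch(err) {
+                return {
+                    ok: false,
+                    handler: pluginConfig.handlerType,
+                    data: { error: err },
+                }
+            }
+        },
         validate: validators.get,
         response: {
             schema: Joi.object({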
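Review bot: `console.log(request)` at the top of the new handler writes the whole hapi request object to the log, which includes the `Authorization` header and therefore the caller's JWT; anyone who can read the logs could reuse it until it expires. Log a narrow identifier instead, e.g. `console.log('current', request.info.id)`, or drop both debug lines before merging. The `catch` branch also returns the raw `err` object in `data.error` without logging it; `console.error(err)` plus a fixed message such as `data: { error: 'request failed' }` keeps internals out of the response. `user` from `displayService.user(...)` is computed but never used in the reply.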

+ 41
- 34
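--- a/backend/lib/routes/user/login.js
+++ b/backend/lib/routes/user/login.js
@@ -1,7 +1,6 @@
 'use strict';
 
 const Joi = require('joi');
-const User = require('../../models/user');
 
 const pluginConfig = {
     handlerType: 'user',
@@ -21,55 +20,63 @@ const validators = {
             user: Joi.object(),
             error: Joi.string()
         })
-    }
+    },
+    user: Joi.object({
+        user_id: Joi.number(),
+        user_name: Joi.string(),
+        user_email: Joi.string(),
+        created_at: Joi.date(),
+        updated_at: Joi.date(),
+        token: Joi.string(),
+    })
 }
 
 module.exports = {
     method: 'post',
     path: '/login',
-    handler: async function (request, h) {
-        try {
-            const { userService, displayService } = request.services()
+    options: {
+        ...pluginConfig.docs.post,
+        tags: ['api'],
+        auth: false,
+        handler: async function (request, h) {
+            try {
+                const { userService, displayService } = request.services()
 
-            const res = request.payload
+                const res = request.payload
 
-            // Callback to use as transaction
-            const login = async (txn) => {
-                return await userService.login({
-                    email: res.user.email,
-                    password: res.user.password
-                }, txn)
-            }
+                // Callback to use as transaction
+                const login = async (txn) => {
+                    return await userService.login({
+                        email: res.user.email,
+                        password: res.user.password
+                    }, txn)
+                }
 
-            // Bound context from your plugin server declaration
-            const user = await h.context.transaction(login)
-            const token = userService.createToken(user.id)
+                // Bound context from your plugin server declaration
+                const user = await h.context.transaction(login)
+                const token = userService.createToken(user)
 
-            return {
-                ok: true,
-                handler: pluginConfig.handlerType,
-                data: { user: displayService.user(user, token) }
+                return {
+                    ok: true,
+                    handler: pluginConfig.handlerType,
+                    data: displayService.user(user, token)
+                }
             }
-        }
-        catch(err) {
-            console.error(err)
-            return {
-                ok: false,
-                handler: pluginConfig.handlerType,
-                data: { error: `${err}` },
+            catch(err) {
+                console.error(err)
+                return {
+                    ok: false,
+                    handler: pluginConfig.handlerType,
+                    data: { error: `${err}` },
+                }
             }
-        }
-    },
-    options: {
-        ...pluginConfig.docs.post,
-        tags: ['api'],
-        auth: false,
+        },
         validate: validators.post,
         response: {
             schema: Joi.object({
                 ok: Joi.bool(),
                 handler: Joi.string(),
-                data: validators.post.payload
+                data: validators.user
             }),
             failAction: 'log'
         }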
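Review bot: The `catch` branch of the login handler returns `${err}` to the caller, and `userService.login` (backend/lib/services/user.js on this page) uses `.throwIfNotFound()`, so an unknown email presumably yields a different error string than a wrong password, which lets a client tell registered addresses from unregistered ones. Keep the `console.error(err)` and return one fixed message for every failure, e.g. `data: { error: 'Invalid email or password' }`, ideally with a 401 status rather than a 200 carrying `ok: false`. Separately, `failAction: 'log'` on the response schema means a reply that does not match `validators.user` is still sent, so the schema will not hold back extra user fields if `displayService.user` ever returns them.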

+ 10
- 6
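--- a/backend/lib/services/user.js
+++ b/backend/lib/services/user.js
@@ -45,8 +45,6 @@ module.exports = class UserService extends Schmervice.Service {
     async login({ email, password }, txn) {
         const { User } = this.server.models()
 
-        console.log('user service attempting login...')
-
         const user = await User.query(txn)
             .throwIfNotFound()
             .first()
@@ -64,13 +62,19 @@ module.exports = class UserService extends Schmervice.Service {
 
         return user
     }
-    createToken(id) {
-        const key =this.server.registrations['main-app-plugin'].options.jwtKey
-        return Jwt.token.generate({ id }, {
+    createToken(user) {
+        const key = this.server.registrations['main-app-plugin'].options.jwtKey
+
+        return Jwt.token.generate({
+            aud: 'urn:audience:test',
+            iss: 'urn:issuer:test',
+            email: user.user_email
+        },
+        {
             key: key,
             algorithm: 'HS256'
         }, {
-            ttlSec: 7 * 24 * 60 * 60 // 7 days
+            ttlSec: 4 * 60 * 60 // 7 days
         })
     }
     async changePassword(id, password, txn) {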
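Review bot: The comment on the changed `ttlSec` line in `createToken` still says `// 7 days` although the value is now four hours; it should read `ttlSec: 4 * 60 * 60 // 4 hours`. The `aud` and `iss` claims are test literals (`'urn:audience:test'`, `'urn:issuer:test'`) duplicated in backend/lib/auth/strategies/jwt.js; reading them from the same plugin options that already supply `jwtKey` would keep signer and verifier in step and give each deployment its own values. The token also identifies the user only by `email` with no `sub` claim, so a token issued before an address changes hands would presumably resolve to whoever holds that address next; a stable user id in `sub` avoids that. `createToken` belongs to a class that starts outside the hunk.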
