const jwt = require('jsonwebtoken');
const passport = require('passport');
const config = require('./dbconfig');
const Users = require('./models/userModel');
const {Blacklist, deleteOlderTokens} = require('./models/BlacklistJwtModel');
const LocalStrategy = require('passport-local').Strategy;
// Username/password login via passport-local. Users.authenticate(),
// Users.serializeUser() and Users.deserializeUser() are helpers exposed on the
// user model (presumably passport-local-mongoose; verify in models/userModel).
const local = passport.use(new LocalStrategy(Users.authenticate()));
passport.serializeUser(Users.serializeUser());
passport.deserializeUser(Users.deserializeUser());
// Token lifetime; also passed to deleteOlderTokens so blacklist entries are
// pruned once the tokens they cover can no longer be valid.
const expiresInSec = 3600; //JWT expires in 3600 seconds i.e. 1 hour
/**
 * Issue a signed JWT for `user` using the configured secret.
 *
 * The whole `user` argument becomes the token payload. A JWT payload is only
 * base64url-encoded, not encrypted, so callers should pass just the claims
 * they intend to expose (e.g. an id), not a full user record.
 *
 * @param {object} user - claims to embed in the token
 * @returns {string} signed token that expires after expiresInSec seconds
 */
const getToken = (user) =>
  jwt.sign(user, config.secretKey, { expiresIn: expiresInSec });
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
// The token is read from a custom "auth_token" request header (not the
// Authorization: Bearer scheme) and its signature is checked with
// config.secretKey, the same key getToken signs with.
// NOTE(review): no `algorithms` option is pinned here; whether the installed
// jsonwebtoken version restricts the accepted algorithms for a string secret
// by default should be confirmed, otherwise set e.g. algorithms: ['HS256'].
const opts = {
jwtFromRequest : ExtractJwt.fromHeader("auth_token"),
secretOrKey : config.secretKey
};
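// Pass JWT in header under the name "auth_token"
//
// Resolves a verified token to its user record. The payload is deliberately
// not logged: it carries whatever getToken signed, which may include user
// data, and this callback runs on every authenticated request. The blacklist
// is not consulted here; see checkJwtValidity for that.
const jwtPassport = passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
  Users.findOne({ _id: jwt_payload._id }, (err, user) => {
    if (err) {
      // Database failure: surface it rather than treating it as "no user".
      console.log(err);
      return done(err, false);
    }
    if (user) {
      console.log("Success!");
      return done(null, user);
    }
    // Valid signature but the subject no longer exists: authentication fails.
    console.log("No user found!");
    return done(null, false);
  });
}));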
// Authenticate a request with the JWT strategy above. No login session is
// created (session: false); on success req.user is set, on failure passport
// responds with its default 401.
const verifyUser = passport.authenticate('jwt', { session: false });
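/**
 * Express middleware allowing the request only for an authenticated user whose
 * record carries a truthy `admin` flag. Intended to run after verifyUser, which
 * populates req.user.
 *
 * Passes an Error with `status` 401 to next() when no user is attached to the
 * request (previously this threw a TypeError and surfaced as a 500), and 403
 * when the user is not an admin.
 */
const verifyAdmin = function (req, res, next) {
  const user = req.user;
  if (!user) {
    // Middleware chained without verifyUser, or the strategy set no user:
    // unauthenticated rather than forbidden.
    const err = new Error("You are not authenticated!");
    err.status = 401;
    return next(err);
  }
  if (user.admin) {
    return next();
  }
  const err = new Error("You are not authorized for this action!");
  err.status = 403;
  return next(err);
};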
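/**
 * Express middleware rejecting requests whose JWT has been blacklisted
 * (e.g. after logout).
 *
 * This middleware only consults the blacklist; it does not verify the token's
 * signature or expiry. Chain it with verifyUser, which does. A request with no
 * "auth_token" header is passed through untouched (there is nothing to look
 * up, and verifyUser rejects it), instead of querying the blacklist with an
 * undefined value whose match semantics depend on the driver.
 *
 * Passes an Error with `status` 403 to next() for a blacklisted token, and the
 * raw error for a database failure.
 */
const checkJwtValidity = async function (req, res, next) {
  const token = req.headers["auth_token"];
  if (!token) {
    return next();
  }
  try {
    const found = await Blacklist.findOne({ token: token });
    // Housekeeping on the request path: presumably prunes blacklist entries
    // older than the token lifetime, which can no longer verify anyway — check
    // models/BlacklistJwtModel for the exact rule.
    const delOldTokens = await deleteOlderTokens(expiresInSec);
    console.log(delOldTokens);
    if (found) {
      const err = new Error("JWT invalid!");
      err.status = 403;
      return next(err);
    }
    return next();
  } catch (err) {
    console.log(err);
    return next(err);
  }
};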
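/**
 * Express middleware that blocks sign up / log in while the caller still holds
 * a live session token.
 *
 * "Not logged in" — and therefore allowed through — means: no "auth_token"
 * header, a token that fails verification (expired, bad signature, malformed),
 * or a verified token that has been blacklisted by a logout. Only a verified,
 * non-blacklisted token yields an Error with `status` 403.
 *
 * Fixes two defects of the earlier version: a missing header made jwt.verify
 * throw and the request failed with an unhandled error instead of proceeding,
 * and the 403 branch fell through to a second next() call.
 */
const checkLoggedIn = async function (req, res, next) {
  const token = req.headers["auth_token"];
  if (!token) {
    // jwt.verify throws "jwt must be provided" on a missing token; for this
    // check a missing token simply means nobody is logged in.
    return next();
  }
  try {
    // Throws a JsonWebTokenError (or subclass) when the token does not verify.
    jwt.verify(token, config.secretKey);
    const isBlacklisted = await Blacklist.findOne({ token: token });
    if (!isBlacklisted) {
      const err = new Error("Please log out before proceeding!");
      err.status = 403;
      // Return here so next() is not called a second time below.
      return next(err);
    }
    // Verified but blacklisted: the session was logged out, proceed.
    return next();
  } catch (err) {
    if (err instanceof jwt.TokenExpiredError) {
      console.log("Token expired, proceed to login. . .");
      return next();
    }
    if (err instanceof jwt.JsonWebTokenError) {
      // Bad signature or malformed token: no valid session, proceed to login.
      console.log("Token invalid, proceed to login. . .");
      return next();
    }
    // Anything else (e.g. database failure) is a real error.
    console.log(err);
    return next(err);
  }
};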
// Public surface: the registered passport strategies, token issuance, and the
// Express middlewares used to guard routes (verifyUser/verifyAdmin/
// checkJwtValidity for protected routes, checkLoggedIn for sign up/log in).
module.exports = {
local,
jwtPassport,
getToken,
verifyUser,
verifyAdmin,
checkJwtValidity,
checkLoggedIn
};