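'use strict';

var passport = require('passport');
var config = require('../config/environment');
var jwt = require('jsonwebtoken');
var expressJwt = require('express-jwt');
var compose = require('composable-middleware');
var User = require('../api/user/user.model');

// express-jwt middleware: verifies the Bearer token against the app's session
// secret and, on success, leaves the decoded payload on req.user.
var validateJwt = expressJwt({ secret: config.secrets.session });

/**
 * Returns true when `query` carries its own `access_token` key.
 *
 * The lookup goes through Object.prototype.hasOwnProperty.call rather than
 * `query.hasOwnProperty(...)`: req.query is built from untrusted input, so a
 * request such as `?hasOwnProperty=x` would shadow the method with a string
 * and make the direct call throw (an unhandled error instead of a clean 401).
 *
 * @param {Object|undefined} query  req.query as parsed by express
 * @returns {boolean}
 */
function hasQueryToken(query) {
  return !!query && Object.prototype.hasOwnProperty.call(query, 'access_token');
}

/**
 * Attaches the user object to the request if authenticated
 * Otherwise returns 403
 *
 * @returns {Function} composed middleware: jwt validation, then user lookup
 */
function isAuthenticated() {
  return compose()
    // Validate jwt
    .use(function(req, res, next) {
      // allow access_token to be passed through query parameter as well
      // (tokens in the query string tend to end up in server and proxy logs;
      // the Authorization header is the preferred transport)
      if (hasQueryToken(req.query)) {
        req.headers.authorization = 'Bearer ' + req.query.access_token;
      }
      validateJwt(req, res, next);
    })
    // Attach user to request
    .use(function(req, res, next) {
      // req.user holds the decoded jwt payload here; replace it with the
      // persisted user so downstream handlers see current data (e.g. role).
      User.findByIdAsync(req.user._id)
        .then(function(user) {
          if (!user) {
            // valid token for a user that no longer exists
            return res.status(401).end();
          }
          req.user = user;
          next();
        })
        .catch(function(err) {
          return next(err);
        });
    });
}

/**
 * Checks if the user role meets the minimum requirements of the route
 *
 * @param {string} roleRequired  one of config.userRoles (ordered lowest to highest)
 * @returns {Function} composed middleware: isAuthenticated(), then the role check
 * @throws {Error} when roleRequired is missing or not listed in config.userRoles
 */
function hasRole(roleRequired) {
  if (!roleRequired) {
    throw new Error('Required role needs to be set');
  }
  var requiredIndex = config.userRoles.indexOf(roleRequired);
  // Reject unknown roles at route-definition time, not per request: with
  // indexOf() === -1 for the required role, every authenticated user
  // (including one whose own role is unknown, also -1) would satisfy
  // `-1 >= -1` and the route would silently be open to all.
  if (requiredIndex === -1) {
    throw new Error('Unknown role: ' + roleRequired);
  }

  return compose()
    .use(isAuthenticated())
    .use(function meetsRequirements(req, res, next) {
      if (config.userRoles.indexOf(req.user.role) >= requiredIndex) {
        next();
      } else {
        res.status(403).send('Forbidden');
      }
    });
}

/**
 * Returns a jwt token signed by the app secret
 *
 * @param {string} id    user id, stored as `_id` in the payload
 * @param {string} role  user role, stored as `role` in the payload
 * @returns {string} signed token valid for 5 hours
 */
function signToken(id, role) {
  // `expiresInMinutes` is the option name this version of jsonwebtoken
  // understands; newer releases use `expiresIn` instead — check on upgrade.
  return jwt.sign({ _id: id, role: role }, config.secrets.session, { expiresInMinutes: 60 * 5 });
}

/**
 * Set token cookie directly for oAuth strategies
 *
 * @param {Object} req  express request; req.user is set by the passport strategy
 * @param {Object} res  express response
 */
function setTokenCookie(req, res) {
  if (!req.user) {
    return res.status(404).send('Something went wrong, please try again.');
  }
  var token = signToken(req.user._id, req.user.role);
  // Cookie is set without httpOnly/secure, presumably so the front end can
  // read the token after the redirect — NOTE(review): confirm this is
  // intended, and whether `secure` should be set for HTTPS deployments.
  res.cookie('token', JSON.stringify(token));
  res.redirect('/');
}

exports.isAuthenticated = isAuthenticated;
exports.hasRole = hasRole;
exports.signToken = signToken;
exports.setTokenCookie = setTokenCookie;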