app2-api/core/passport.js

const _ = require('lodash');
const passport = require('passport');
const crypto = require('crypto');
const { Strategy: LocalStrategy } = require('passport-local');
const { Strategy: CustomStrategy } = require('passport-custom');

const models = require('./models');
const securityHelper = require('../helpers/security.helper');
const authService = require('../modules/auth/auth.service');

/**
 * Validación sobre firebase
 */
var firebase_admin = require('firebase-admin');
var serviceAccount = require('../firebase-key.json');
firebase_admin.initializeApp({
    credential: firebase_admin.credential.cert(serviceAccount),
    databaseURL: "https://app-lqdvi-v2.firebaseio.com"
});

passport.serializeUser((user, done) => {
    console.log('serializarUsuario');
    done(null, user.id);
});

passport.deserializeUser((id, done) => {
    console.log('desserializarUsuario');
    models.User.findById(id, (err, user) => {
        done(err, user);
    });
});

/**
 * Sign in using Email and Password.
 */
const localEmailOptions = {
    usernameField: 'email',
    passwordField: 'password',
}

passport.use('local-email', new LocalStrategy(localEmailOptions, async (email, password, done) => {
    try {
        let user = await authService.extraMethods.findUser({ email });
        if (_.isNull(user)) {
            return done(null, false, { message: 'User not found' })
        } else {
            var password_encoded = crypto.createHash('sha512').update(password).digest('hex');            
            const isPasswordValid = await user.comparePassword(password_encoded);
            if (!isPasswordValid) {
                return done(null, false, { message: 'Wrong Password' })
            } else {
                user = user.toJSON();
                delete user.password;
                return done(null, user, { message: 'Logged in Successfully' });
            }
        }
    } catch (error) {
        return done(error);
    }
}));


/**
 * Register using phone.
 */
const localPhoneOptions = {
    usernameField: 'phone',
    passwordField: 'fbuid',    
 }

passport.use('local-phone', new LocalStrategy(localPhoneOptions, async (phone, fbuid, done) => {
    try {
        firebase_admin.auth().getUserByPhoneNumber(phone)
        .then(function(userRecord) {
            if (userRecord && userRecord.toJSON().uid == fbuid) {
                if (userRecord.toJSON().disabled) 
                    return done(null, false, { message: 'User disabled in fb' }) 
                else 
                    return done(null, userRecord.toJSON(), { message: 'Register user' });                    
            }
            else 
                return done(null, false, { message: 'User not validate in fb' });
        })
        .catch(function (error) {
            //Servicio firebase caido o no funciona pero devuelvo el usuario
            const user = {
                phone: phone,
                fbuid: fbuid
            };
            return done(null, user, error);
        })
    } catch (error) {
        return done(null, false, error);
    }
}));


// JWT
passport.use('jwt', new CustomStrategy(async (req, done) => {
    
    const token = ((req && req.headers && req.headers['x-access-token']) ? req.headers['x-access-token'] : null);

    if (!token) {
        //console.log('no tengo token');
        return done(null, false, { message: 'Unauthorized. Token missing.'});
    }

    const result = securityHelper.verify(token);
    //console.log('token result => ', result);
    
    if (result && result.id) {
        //recuperamos el usuario de la petición
        let user = await authService.extraMethods.findUser({ id: result.id });
        if (user) {
            user = user.toJSON();
            delete user.password;
            //console.log('Usuario encontrado', user);
            return done(null, user, { message: 'Logged in Successfully' });
        }
        else {
            //console.log('Usuario no encontrado');
            return done(null, false, { message: 'Unauthorized. User not found.' });
        }            
    }
    else {
        //console.log('Token no válido');
        return done(null, false, { message: 'Unauthorized. Invalid token.' });
    }
 
}));
. 2019-04-24 21:01:54 +00:00			`const _ = require('lodash');`
			`const passport = require('passport');`
a 2019-07-21 13:30:49 +00:00			`const crypto = require('crypto');`
. 2019-04-24 21:01:54 +00:00			`const { Strategy: LocalStrategy } = require('passport-local');`
Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`const { Strategy: CustomStrategy } = require('passport-custom');`
. 2019-04-24 21:01:54 +00:00
			`const models = require('./models');`
			`const securityHelper = require('../helpers/security.helper');`
routes de eventos 2019-07-10 17:26:22 +00:00			`const authService = require('../modules/auth/auth.service');`
. 2019-04-24 21:01:54 +00:00
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`/**`
			`* Validación sobre firebase`
			`*/`
register bien 2019-07-09 13:59:58 +00:00			`var firebase_admin = require('firebase-admin');`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`var serviceAccount = require('../firebase-key.json');`
register bien 2019-07-09 13:59:58 +00:00			`firebase_admin.initializeApp({`
			`credential: firebase_admin.credential.cert(serviceAccount),`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`databaseURL: "https://app-lqdvi-v2.firebaseio.com"`
			`});`
. 2019-04-24 21:01:54 +00:00
			`passport.serializeUser((user, done) => {`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`console.log('serializarUsuario');`
. 2019-04-24 21:01:54 +00:00			`done(null, user.id);`
			`});`

			`passport.deserializeUser((id, done) => {`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`console.log('desserializarUsuario');`
. 2019-04-24 21:01:54 +00:00			`models.User.findById(id, (err, user) => {`
			`done(err, user);`
			`});`
			`});`

			`/**`
			`* Sign in using Email and Password.`
			`*/`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`const localEmailOptions = {`
. 2019-04-24 21:01:54 +00:00			`usernameField: 'email',`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`passwordField: 'password',`
. 2019-04-24 21:01:54 +00:00			`}`

Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`passport.use('local-email', new LocalStrategy(localEmailOptions, async (email, password, done) => {`
. 2019-04-24 21:01:54 +00:00			`try {`
. 2019-08-07 13:55:58 +00:00			`let user = await authService.extraMethods.findUser({ email });`
. 2019-04-24 21:01:54 +00:00			`if (_.isNull(user)) {`
			`return done(null, false, { message: 'User not found' })`
			`} else {`
a 2019-07-21 13:30:49 +00:00			`var password_encoded = crypto.createHash('sha512').update(password).digest('hex');`
			`const isPasswordValid = await user.comparePassword(password_encoded);`
. 2019-04-24 21:01:54 +00:00			`if (!isPasswordValid) {`
			`return done(null, false, { message: 'Wrong Password' })`
			`} else {`
. 2019-08-06 17:23:56 +00:00			`user = user.toJSON();`
. 2019-05-09 16:23:54 +00:00			`delete user.password;`
. 2019-04-24 21:01:54 +00:00			`return done(null, user, { message: 'Logged in Successfully' });`
			`}`
			`}`
			`} catch (error) {`
			`return done(error);`
			`}`
			`}));`

Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00
			`/**`
			`* Register using phone.`
			`*/`
			`const localPhoneOptions = {`
			`usernameField: 'phone',`
			`passwordField: 'fbuid',`
			`}`

			`passport.use('local-phone', new LocalStrategy(localPhoneOptions, async (phone, fbuid, done) => {`
			`try {`
register bien 2019-07-09 13:59:58 +00:00			`firebase_admin.auth().getUserByPhoneNumber(phone)`
			`.then(function(userRecord) {`
			`if (userRecord && userRecord.toJSON().uid == fbuid) {`
			`if (userRecord.toJSON().disabled)`
			`return done(null, false, { message: 'User disabled in fb' })`
			`else`
. 2019-08-03 17:11:32 +00:00			`return done(null, userRecord.toJSON(), { message: 'Register user' });`
register bien 2019-07-09 13:59:58 +00:00			`}`
			`else`
			`return done(null, false, { message: 'User not validate in fb' });`
			`})`
			`.catch(function (error) {`
			`//Servicio firebase caido o no funciona pero devuelvo el usuario`
. 2019-08-03 17:11:32 +00:00			`const user = {`
			`phone: phone,`
			`fbuid: fbuid`
			`};`
register bien 2019-07-09 13:59:58 +00:00			`return done(null, user, error);`
			`})`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`} catch (error) {`
			`return done(null, false, error);`
			`}`
			`}));`

. 2019-04-24 21:01:54 +00:00
Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`// JWT`
			`passport.use('jwt', new CustomStrategy(async (req, done) => {`
. 2019-08-05 10:55:24 +00:00
Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`const token = ((req && req.headers && req.headers['x-access-token']) ? req.headers['x-access-token'] : null);`
. 2019-08-03 17:11:32 +00:00
Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`if (!token) {`
a 2019-08-19 10:46:14 +00:00			`//console.log('no tengo token');`
. 2019-08-04 07:29:13 +00:00			`return done(null, false, { message: 'Unauthorized. Token missing.'});`
. 2019-04-24 21:01:54 +00:00			`}`
Acceso JWT implementado 2019-07-09 12:52:22 +00:00
. 2019-07-21 13:57:56 +00:00			`const result = securityHelper.verify(token);`
. 2019-08-18 21:15:34 +00:00			`//console.log('token result => ', result);`
. 2019-08-04 07:29:13 +00:00
. 2019-08-09 11:28:35 +00:00			`if (result && result.id) {`
a 2019-07-21 14:12:13 +00:00			`//recuperamos el usuario de la petición`
. 2019-08-05 10:55:24 +00:00			`let user = await authService.extraMethods.findUser({ id: result.id });`
. 2019-08-05 15:34:59 +00:00			`if (user) {`
. 2019-08-06 17:23:56 +00:00			`user = user.toJSON();`
			`delete user.password;`
. 2019-08-18 21:15:34 +00:00			`//console.log('Usuario encontrado', user);`
a 2019-07-21 14:19:25 +00:00			`return done(null, user, { message: 'Logged in Successfully' });`
			`}`
. 2019-08-05 15:34:59 +00:00			`else {`
. 2019-08-18 21:15:34 +00:00			`//console.log('Usuario no encontrado');`
. 2019-08-04 07:29:13 +00:00			`return done(null, false, { message: 'Unauthorized. User not found.' });`
. 2019-08-06 17:23:56 +00:00			`}`
. 2019-07-21 13:57:56 +00:00			`}`
			`else {`
. 2019-08-18 21:15:34 +00:00			`//console.log('Token no válido');`
. 2019-08-04 07:29:13 +00:00			`return done(null, false, { message: 'Unauthorized. Invalid token.' });`
. 2019-07-21 13:57:56 +00:00			`}`

. 2019-04-24 21:01:54 +00:00			`}));`