app2-api/core/passport.js

const _ = require("lodash");
const passport = require("passport");
const crypto = require("crypto");
const { Strategy: LocalStrategy } = require("passport-local");
const { Strategy: CustomStrategy } = require("passport-custom");

const models = require("./models");
const securityHelper = require("../helpers/security.helper");
const authService = require("../modules/auth/auth.service");
const userService = require("../modules/auth/user.service");

/**
 * Validación sobre firebase
 */
var firebase_admin = require("firebase-admin");
var serviceAccount = require("../firebase-key.json");
firebase_admin.initializeApp({
  credential: firebase_admin.credential.cert(serviceAccount),
  databaseURL: "https://app-lqdvi-v2.firebaseio.com",
});

passport.serializeUser((user, done) => {
  console.log("serializarUsuario");
  done(null, user.id);
});

passport.deserializeUser((id, done) => {
  console.log("desserializarUsuario");
  models.User.findById(id, (err, user) => {
    done(err, user);
  });
});

/**
 * Sign in using Email and Password.
 */
const localEmailOptions = {
  usernameField: "email",
  passwordField: "password",
};

passport.use(
  "local-email",
  new LocalStrategy(localEmailOptions, async (email, password, done) => {
    try {
      let user = await authService.extraMethods.findUser({ email });
      if (_.isNull(user)) {
        return done(null, false, { message: "User not found" });
      } else {
        var password_encoded = crypto
          .createHash("sha512")
          .update(password)
          .digest("hex");
        const isPasswordValid = await user.comparePassword(password_encoded);
        if (!isPasswordValid) {
          return done(null, false, { message: "Wrong Password" });
        } else {
          user = user.toJSON();
          delete user.password;
          return done(null, user, { message: "Logged in Successfully" });
        }
      }
    } catch (error) {
      return done(error);
    }
  })
);

/**
 * Register using phone.
 */
const localPhoneOptions = {
  usernameField: "phone",
  passwordField: "fbuid",
};

passport.use(
  "local-phone",
  new LocalStrategy(localPhoneOptions, async (phone, fbuid, done) => {
    try {
      console.log("PASSPORT - local-phone");
      firebase_admin
        .auth()
        .getUserByPhoneNumber(phone)
        .then(function (userRecord) {
          if (userRecord && userRecord.toJSON().uid == fbuid) {
            if (userRecord.toJSON().disabled)
              return done(null, false, { message: "User disabled in fb" });
            else
              return done(null, userRecord.toJSON(), {
                message: "Register user",
              });
          } else return done(null, false, { message: "User not validate in fb" });
        })
        .catch(function (error) {
          //Servicio firebase caido o no funciona pero devuelvo el usuario
          const user = {
            phone: phone,
            fbuid: fbuid,
          };
          return done(null, user, error);
        });
    } catch (error) {
      return done(null, false, error);
    }
  })
);

/**
 * 
 */
passport.use("api-key",
  new CustomStrategy(async (req, done) => {
    const token =
      req && req.headers && req.headers["x-access-key"]
        ? req.headers["x-access-key"]
        : null;

    if (!token) {
      console.error("Unauthorized. API KEY missing.");
      return done(null, false, { message: "Unauthorized. API KEY missing." });
    }

    const result = securityHelper.verify(token);
    if (result) {
      console.log('Valid API KEY');
      return done(null, {}, { message: "Valid API KEY" });
    } else {
      //console.log('Token no válido');
      console.error("Unauthorized. Invalid token.");
      return done(null, false, { message: "Unauthorized. Invalid API KEY." });
    }
  })
);

// JWT
passport.use(
  "jwt",
  new CustomStrategy(async (req, done) => {
    const token =
      req && req.headers && req.headers["x-access-token"]
        ? req.headers["x-access-token"]
        : null;
    const appVersion =
      req && req.headers && req.headers["accept-version"]
        ? req.headers["accept-version"]
        : null;
    console.log("appVersion: ", appVersion);

    if (!token) {
      console.error("Unauthorized. Token missing.");
      return done(null, false, { message: "Unauthorized. Token missing." });
    }

    const result = securityHelper.verify(token);
    //console.log('token result => ', result);

    if (result && result.id) {
      //recuperamos el usuario de la petición
      let user = await authService.extraMethods.findUser({ id: result.id });
      if (user) {
        user = user.toJSON();
        userService._updateLastLoginAndVersionUser(
          user.id,
          appVersion
        );
        user.app_version = appVersion;
        user.token = token;
        delete user.password;

        console.log("Logged in Successfully");
        console.log(user);
        return done(null, user, { message: "Logged in Successfully" });
      } else {
        console.error("Unauthorized. User not found.");
        return done(null, false, { message: "Unauthorized. User not found." });
      }
    } else {
      //console.log('Token no válido');
      console.error("Unauthorized. Invalid token.");
      return done(null, false, { message: "Unauthorized. Invalid token." });
    }
  })
);
. 2022-02-18 19:32:30 +00:00			`const _ = require("lodash");`
			`const passport = require("passport");`
			`const crypto = require("crypto");`
			`const { Strategy: LocalStrategy } = require("passport-local");`
			`const { Strategy: CustomStrategy } = require("passport-custom");`
. 2019-04-24 21:01:54 +00:00
. 2022-02-18 19:32:30 +00:00			`const models = require("./models");`
			`const securityHelper = require("../helpers/security.helper");`
			`const authService = require("../modules/auth/auth.service");`
			`const userService = require("../modules/auth/user.service");`
. 2019-04-24 21:01:54 +00:00
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`/**`
			`* Validación sobre firebase`
			`*/`
. 2022-02-18 19:32:30 +00:00			`var firebase_admin = require("firebase-admin");`
			`var serviceAccount = require("../firebase-key.json");`
register bien 2019-07-09 13:59:58 +00:00			`firebase_admin.initializeApp({`
. 2022-02-18 19:32:30 +00:00			`credential: firebase_admin.credential.cert(serviceAccount),`
			`databaseURL: "https://app-lqdvi-v2.firebaseio.com",`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`});`
. 2019-04-24 21:01:54 +00:00
			`passport.serializeUser((user, done) => {`
. 2022-02-18 19:32:30 +00:00			`console.log("serializarUsuario");`
			`done(null, user.id);`
. 2019-04-24 21:01:54 +00:00			`});`

			`passport.deserializeUser((id, done) => {`
. 2022-02-18 19:32:30 +00:00			`console.log("desserializarUsuario");`
			`models.User.findById(id, (err, user) => {`
			`done(err, user);`
			`});`
. 2019-04-24 21:01:54 +00:00			`});`

			`/**`
			`* Sign in using Email and Password.`
			`*/`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`const localEmailOptions = {`
. 2022-02-18 19:32:30 +00:00			`usernameField: "email",`
			`passwordField: "password",`
			`};`
. 2019-04-24 21:01:54 +00:00
. 2022-02-18 19:32:30 +00:00			`passport.use(`
			`"local-email",`
			`new LocalStrategy(localEmailOptions, async (email, password, done) => {`
. 2019-04-24 21:01:54 +00:00			`try {`
. 2022-02-18 19:32:30 +00:00			`let user = await authService.extraMethods.findUser({ email });`
			`if (_.isNull(user)) {`
			`return done(null, false, { message: "User not found" });`
			`} else {`
			`var password_encoded = crypto`
			`.createHash("sha512")`
			`.update(password)`
			`.digest("hex");`
			`const isPasswordValid = await user.comparePassword(password_encoded);`
			`if (!isPasswordValid) {`
			`return done(null, false, { message: "Wrong Password" });`
. 2019-04-24 21:01:54 +00:00			`} else {`
. 2022-02-18 19:32:30 +00:00			`user = user.toJSON();`
			`delete user.password;`
			`return done(null, user, { message: "Logged in Successfully" });`
. 2019-04-24 21:01:54 +00:00			`}`
. 2022-02-18 19:32:30 +00:00			`}`
. 2019-04-24 21:01:54 +00:00			`} catch (error) {`
. 2022-02-18 19:32:30 +00:00			`return done(error);`
. 2019-04-24 21:01:54 +00:00			`}`
. 2022-02-18 19:32:30 +00:00			`})`
			`);`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00
			`/**`
			`* Register using phone.`
			`*/`
			`const localPhoneOptions = {`
. 2022-02-18 19:32:30 +00:00			`usernameField: "phone",`
			`passwordField: "fbuid",`
			`};`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00
. 2022-02-18 19:32:30 +00:00			`passport.use(`
			`"local-phone",`
			`new LocalStrategy(localPhoneOptions, async (phone, fbuid, done) => {`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`try {`
. 2022-02-18 19:32:30 +00:00			`console.log("PASSPORT - local-phone");`
			`firebase_admin`
			`.auth()`
			`.getUserByPhoneNumber(phone)`
			`.then(function (userRecord) {`
			`if (userRecord && userRecord.toJSON().uid == fbuid) {`
			`if (userRecord.toJSON().disabled)`
			`return done(null, false, { message: "User disabled in fb" });`
			`else`
			`return done(null, userRecord.toJSON(), {`
			`message: "Register user",`
			`});`
			`} else return done(null, false, { message: "User not validate in fb" });`
register bien 2019-07-09 13:59:58 +00:00			`})`
			`.catch(function (error) {`
. 2022-02-18 19:32:30 +00:00			`//Servicio firebase caido o no funciona pero devuelvo el usuario`
			`const user = {`
			`phone: phone,`
			`fbuid: fbuid,`
			`};`
			`return done(null, user, error);`
			`});`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`} catch (error) {`
. 2022-02-18 19:32:30 +00:00			`return done(null, false, error);`
Modelos eventos, multimedia ... y conexion auth con firebase 2019-06-21 08:40:28 +00:00			`}`
. 2022-02-18 19:32:30 +00:00			`})`
			`);`
. 2019-04-24 21:01:54 +00:00
Borrado de un usuario, API KEY 2022-12-07 12:45:54 +00:00			`/**`
			`*`
			`*/`
			`passport.use("api-key",`
			`new CustomStrategy(async (req, done) => {`
			`const token =`
			`req && req.headers && req.headers["x-access-key"]`
			`? req.headers["x-access-key"]`
			`: null;`

			`if (!token) {`
			`console.error("Unauthorized. API KEY missing.");`
			`return done(null, false, { message: "Unauthorized. API KEY missing." });`
			`}`

			`const result = securityHelper.verify(token);`
			`if (result) {`
			`console.log('Valid API KEY');`
. 2024-08-30 09:14:50 +00:00			`return done(null, {}, { message: "Valid API KEY" });`
Borrado de un usuario, API KEY 2022-12-07 12:45:54 +00:00			`} else {`
			`//console.log('Token no válido');`
			`console.error("Unauthorized. Invalid token.");`
			`return done(null, false, { message: "Unauthorized. Invalid API KEY." });`
			`}`
			`})`
			`);`

Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`// JWT`
. 2022-02-18 19:32:30 +00:00			`passport.use(`
			`"jwt",`
			`new CustomStrategy(async (req, done) => {`
			`const token =`
			`req && req.headers && req.headers["x-access-token"]`
			`? req.headers["x-access-token"]`
			`: null;`
			`const appVersion =`
			`req && req.headers && req.headers["accept-version"]`
			`? req.headers["accept-version"]`
			`: null;`
			`console.log("appVersion: ", appVersion);`
. 2019-08-03 17:11:32 +00:00
Acceso JWT implementado 2019-07-09 12:52:22 +00:00			`if (!token) {`
. 2022-02-18 19:32:30 +00:00			`console.error("Unauthorized. Token missing.");`
			`return done(null, false, { message: "Unauthorized. Token missing." });`
. 2019-04-24 21:01:54 +00:00			`}`
Acceso JWT implementado 2019-07-09 12:52:22 +00:00
. 2019-07-21 13:57:56 +00:00			`const result = securityHelper.verify(token);`
. 2019-08-18 21:15:34 +00:00			`//console.log('token result => ', result);`
. 2022-02-18 19:32:30 +00:00
. 2019-08-09 11:28:35 +00:00			`if (result && result.id) {`
. 2022-02-18 19:32:30 +00:00			`//recuperamos el usuario de la petición`
			`let user = await authService.extraMethods.findUser({ id: result.id });`
			`if (user) {`
			`user = user.toJSON();`
v3 2022-03-16 09:08:33 +00:00			`userService._updateLastLoginAndVersionUser(`
. 2022-02-18 19:32:30 +00:00			`user.id,`
			`appVersion`
			`);`
			`user.app_version = appVersion;`
			`user.token = token;`
			`delete user.password;`
. 2019-11-13 11:01:50 +00:00
. 2022-02-18 19:32:30 +00:00			`console.log("Logged in Successfully");`
			`console.log(user);`
			`return done(null, user, { message: "Logged in Successfully" });`
			`} else {`
			`console.error("Unauthorized. User not found.");`
			`return done(null, false, { message: "Unauthorized. User not found." });`
			`}`
			`} else {`
			`//console.log('Token no válido');`
			`console.error("Unauthorized. Invalid token.");`
			`return done(null, false, { message: "Unauthorized. Invalid token." });`
. 2019-07-21 13:57:56 +00:00			`}`
. 2022-02-18 19:32:30 +00:00			`})`
			`);`