Acceso JWT implementado

David Arranz 2019-07-09 14:52:22 +02:00
parent 92e4ccbb3c
commit 755c5c6fa8
7 changed files with 20 additions and 22 deletions


@ -9,7 +9,7 @@ module.exports = {
session: { session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o", secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '300' token_expires_in: '12h'
}, },
server: { server: {
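Review bot: The `secret_token` fallback on the unchanged line of this hunk is a literal committed to the repository, so any deployment started without `SECRET_TOKEN` set runs with a key readable by everyone with repository access, and raising `token_expires_in` to `'12h'` lengthens the time a token minted with it stays valid. Prefer failing at startup over falling back: `secret_token: process.env.SECRET_TOKEN,` plus a check that throws when it is undefined, and rotate the committed value. The second config section with the same `@ -9,7 +9,7` hunk carries the same fallback. Whether this secret is still used for signing is not visible here, since the helper section reads `private.key` and `public.key`.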


@ -9,7 +9,7 @@ module.exports = {
session: { session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o", secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '300' token_expires_in: '12h'
}, },
server: { server: {


@ -1,7 +1,7 @@
const _ = require('lodash'); const _ = require('lodash');
const passport = require('passport'); const passport = require('passport');
const { Strategy: LocalStrategy } = require('passport-local'); const { Strategy: LocalStrategy } = require('passport-local');
const { Strategy: JWTStrategy} = require('passport-jwt'); const { Strategy: CustomStrategy } = require('passport-custom');
const models = require('./models'); const models = require('./models');
const securityHelper = require('../helpers/security.helper'); const securityHelper = require('../helpers/security.helper');
@ -104,22 +104,15 @@ console.log('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><');
} }
})); }));
// JWT
passport.use('jwt', new JWTStrategy(securityHelper.jwtOptions, async (jwtPayload, done) => {
try {
const user = await models.User.findOne({
attributes: { exclude: [ 'password' ] },
where: { id: jwtPayload.id },
raw: true
});
if (_.isNull(user)) { // JWT
return done(null, false, { message: 'User not found' }) passport.use('jwt', new CustomStrategy(async (req, done) => {
} else { const token = ((req && req.headers && req.headers['x-access-token']) ? req.headers['x-access-token'] : null);
return done(null, user, { message: 'User found' }); console.log(token);
} if (!token) {
} catch (error) { return done(null, false, { message: 'Unauthorized'});
return done(error);
} }
return done(null, securityHelper.verify(token));
})); }));
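Review bot: `console.log(token)` writes every presented access token to the process log, and the new callback has no `try/catch` around `securityHelper.verify(token)`. If verify throws on an invalid or expired token (its body is not visible in this section), the async callback rejects without `done` being called, which would likely leave the request hanging instead of returning 401. The removed strategy also loaded the user through `models.User.findOne`; the new one passes verify's result straight to `done`, so a deleted or disabled account presumably stays authenticated until its token expires. Drop the log line and wrap the verify call as below.

```javascript
passport.use('jwt', new CustomStrategy(async (req, done) => {
    // … unchanged: token read from x-access-token, missing-token guard (without the console.log) …
    try {
        // assumes verify returns the decoded payload or a falsy value — confirm in security.helper
        const payload = securityHelper.verify(token);
        if (!payload) {
            return done(null, false, { message: 'Unauthorized' });
        }
        return done(null, payload);
    } catch (error) {
        // a rejected token is an authentication failure, not a server error
        return done(null, false, { message: 'Unauthorized' });
    }
}));
```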


@ -8,7 +8,6 @@ const config = require('../config');
const privateKEY = fs.readFileSync(path.join(__dirname, '..', 'private.key'), 'utf8'); const privateKEY = fs.readFileSync(path.join(__dirname, '..', 'private.key'), 'utf8');
const publicKEY = fs.readFileSync(path.join(__dirname, '..', 'public.key'), 'utf8'); const publicKEY = fs.readFileSync(path.join(__dirname, '..', 'public.key'), 'utf8');
const signOptions = { const signOptions = {
issuer: 'Fundación LQDVI', issuer: 'Fundación LQDVI',
subject: 'info@loquedeverdadimporta.org', subject: 'info@loquedeverdadimporta.org',
@ -92,7 +91,7 @@ const _decode = (token) => {
module.exports = { module.exports = {
jwtOptions: { jwtOptions: {
jwtFromRequest: (req) => ((req && req.headers && req.headers['x-access-token']) ? req.headers['x-access-token'] : null), jwtFromRequest: (req) => { console.log(req.headers); return ((req && req.headers && req.headers['x-access-token']) ? req.headers['x-access-token'] : null) },
secretOrKey: publicKEY, secretOrKey: publicKEY,
...signOptions, ...signOptions,
}, },
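Review bot: The `console.log(req.headers)` added to `jwtFromRequest` prints every request header, including `x-access-token` and any cookies, to the log each time the extractor runs. Remove the statement and keep the extractor a pure expression; if header tracing is needed during development, log only the header names behind a debug flag. Since the passport setup in this commit no longer requires `passport-jwt`, `jwtOptions` may now be unused; confirm and delete it if so.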


@ -35,6 +35,7 @@ routes.get('/test_jwt', AccessValidator.isLoggedUser,
} }
); );
routes.post('/token', routes.post('/token',
authController.regenerateToken, authController.regenerateToken,
); );
@ -43,5 +44,10 @@ routes.post('/token/reject',
authController.rejectToken, authController.rejectToken,
); );
routes.post('/prueba', AccessValidator.isLoggedUser,
function (req, res) {
res.json({ success: 'You are authenticated with JWT!', user: req.user })
}
);
module.exports = routes; module.exports = routes;
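Review bot: The new `POST /prueba` handler is a test endpoint that echoes `req.user` back to the caller, registered in the same router as the production auth routes. With the custom strategy from this commit, `req.user` appears to be whatever `securityHelper.verify` returns, so the response exposes the token's claims as-is instead of a vetted user view. Either remove the route before merge (the existing `/test_jwt` route appears to cover the same check) or register it only outside production and return an explicit subset, e.g. `user: { id: req.user.id }`.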


@ -44,7 +44,7 @@
"node-fetch": "^2.3.0", "node-fetch": "^2.3.0",
"os": "^0.1.1", "os": "^0.1.1",
"passport": "^0.4.0", "passport": "^0.4.0",
"passport-jwt": "^4.0.0", "passport-custom": "^1.0.5",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"path": "^0.12.7", "path": "^0.12.7",
"pino": "^4.7.1", "pino": "^4.7.1",


@ -49,7 +49,7 @@ server.on('error', err => {
}); });
try { try {
models.sequelize.sync({ force: false }).then(() => { models.sequelize.sync({ force: true }).then(() => {
// Launch server. // Launch server.
server.listen(currentState.port, (err) => { server.listen(currentState.port, (err) => {
if (err) { if (err) {
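Review bot: `sync({ force: true })` makes Sequelize drop and recreate every model's table each time the server starts, so any restart of a deployed instance wipes its data, user accounts included. If this was flipped for local schema iteration, keep the default off and gate it explicitly, e.g. `models.sequelize.sync({ force: process.env.DB_FORCE_SYNC === 'true' })` (variable name is illustrative), or move schema changes to migrations. The enclosing `try` block continues past the end of this hunk.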