Implementación de refresh token

David Arranz 2019-07-09 12:14:18 +02:00
parent 1362478998
commit 9a279c966f
8 changed files with 76 additions and 22 deletions


@ -9,7 +9,7 @@ module.exports = {
session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '99d'
token_expires_in: '5'
},
server: {
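Review bot: `token_expires_in: '5'` has no unit; if this value is passed to jsonwebtoken as `expiresIn` (the call is not visible in this section), a numeric string without a unit is read as milliseconds, so access tokens would expire almost immediately. If five minutes was meant, write `token_expires_in: '5m'`; the second config file in this commit gets the same value and needs the same fix. Separately, the `secret_token` fallback on the line above is a literal committed to the repository, so any deployment started without `SECRET_TOKEN` runs with a value known to everyone who can read the repo. Failing at startup when the variable is missing would be safer than falling back.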


@ -9,7 +9,7 @@ module.exports = {
session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '24h'
token_expires_in: '5'
},
server: {


@ -1,6 +1,7 @@
const fs = require('fs');
const path = require('path');
const jwt = require('jsonwebtoken');
const randtoken = require('rand-token');
const bCrypt = require('bcrypt');
const config = require('../config');
@ -53,7 +54,10 @@ const _sign = (payload, options) => {
algorithm: "RS256"
};
return jwt.sign(payload, privateKEY, signOptions);
const token = jwt.sign(payload, privateKEY, signOptions);
const refreshToken = randtoken.uid(256);
refreshToken[refreshToken] = payload;
return { token, refreshToken };
}
const _verify = (token, options) => {
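Review bot: `refreshToken[refreshToken] = payload;` in `_sign` assigns a property on a string primitive, which is silently discarded in sloppy mode and throws a TypeError in strict mode, so nothing is stored here. If an in-memory map was intended, it would need its own object and would not survive a restart or work across several instances; since the controller persists the refresh token through the user model, the line can simply be removed. `_sign` now returns `{ token, refreshToken }` instead of a string, so any caller not touched by this commit (presumably through `generateToken`) will break. A short JSDoc on `_sign` stating the new return shape would help. The start of `_sign` lies outside the hunk.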


@ -15,12 +15,6 @@ const authService = require('./auth.service');
// Module Name
const MODULE_NAME = '[auth.controller]';
// Error Messages
const NOT_FOUND = 'Videogame not found';
// Success Messages
const VG_CT_VIDEOGAME_DELETED_SUCCESSFULLY = 'Videogame deleted successfully';
////////////////////////////////////////////////////////////////////////////////
// PUBLIC METHODS
////////////////////////////////////////////////////////////////////////////////
@ -32,8 +26,11 @@ async function login(req, res, next) {
email: req.user.email
};
res.json({
token: securityHelper.generateToken(data),
const tokens = securityHelper.generateToken(data);
res.status(httpStatus.OK).json({
token: tokens.token,
refreshToken: tokens.refreshToken,
user: data,
});
} catch (error) {
@ -43,37 +40,67 @@ async function login(req, res, next) {
async function register(req, res, next) {
try {
console.log('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>regsitro');
console.log('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>regsitro');
const values = {
phone: req.body.phone,
platform: req.body.fbuid
};
const token = securityHelper.generateToken(values);
const tokens = securityHelper.generateToken(values);
console.log(tokens)
const data = {
token : token,
token: tokens.refreshToken,
phone: req.body.phone,
fbuid: req.body.fbuid,
email: req.body.email,
name: req.body.name,
surname: req.body.surname,
entityid: req.body.entityid,
accessibility: req.body.accessibility
accessibility: req.body.accesssibility
};
console.log(data);
res.json({
user: await authService.extraMethods.createUser(data),
});
const newUser = await authService.extraMethods.createUser(data);
const result = {
token: 'JWT ' + tokens.token,
user: newUser,
};
console.log(result);
return controllerHelper.handleResultResponse(result, null, req.params, res, httpStatus.OK);
} catch (error) {
controllerHelper.handleErrorResponse(MODULE_NAME, register.name, error, res)
console.log(error);
controllerHelper.handleErrorResponse(MODULE_NAME, register.name, error, res);
}
}
async function regenerateToken(req, res, next) {
const refreshToken = req.body.refreshToken;
const phone = req.body.phone;
const user = await authService.extraMethods.findUserByRefreshToken(refreshToken);
if (user && user.phone === phone) {
const values = {
phone: user.phone,
platform: user.fbuid
};
try {
const tokens = securityHelper.generateToken(values);
await authService.extraMethods.updateUserRefreshToken(user.id, tokens.refreshToken);
const result = { token: 'JWT ' + tokens.token };
return controllerHelper.handleResultResponse(result, null, req.params, res, httpStatus.OK);
} catch(error) {
controllerHelper.handleErrorResponse(MODULE_NAME, regenerateToken.name, error, res);
}
} else {
return controllerHelper.handleResultResponse(null, null, req.params, res, httpStatus.UNAUTHORIZED);
}
}
module.exports = {
login,
register,
regenerateToken,
MODULE_NAME
}
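Review bot: In `regenerateToken` the stored refresh token is replaced through `updateUserRefreshToken`, but the response carries only the access token, so after the first refresh the client holds a value that no longer matches the database; return it as well, `const result = { token: 'JWT ' + tokens.token, refreshToken: tokens.refreshToken };`. The other handlers show the same mismatch in the visible lines: `login` returns `tokens.refreshToken` without persisting it, and `register` persists it without returning it. The `findUserByRefreshToken` call sits outside the `try`, so a rejected lookup (for example when `refreshToken` is missing from the body) never reaches `handleErrorResponse`. The added `console.log(tokens)`, `console.log(data)` and `console.log(result)` write live tokens and user details to the log and should be removed before merge. `req.body.accesssibility` in `register` also looks like a typo for `accessibility`.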


@ -29,4 +29,8 @@ routes.get('/pepepe', AccessValidator.isLoggedUser,
}
);
routes.post('/token',
authController.regenerateToken,
);
module.exports = routes;


@ -17,6 +17,24 @@ const extraMethods = {
return result;
// });
},
findUserByRefreshToken: async(refreshToken) => {
return await models.User.findOne({
where: {
token: refreshToken,
state: 'active'
}
})
},
updateUserRefreshToken: async(userId, newRefreshToken) => {
return await models.User.update(
{ token: newRefreshToken },
{ where: { id: userId }}
);
}
}
module.exports = {
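Review bot: `findUserByRefreshToken` and `updateUserRefreshToken` store and compare the refresh token as plain text in the `token` column, so anyone who can read the users table (a backup, a dump, an injection flaw elsewhere) obtains credentials that mint new access tokens. Store a digest instead and look up by it, e.g. `token: crypto.createHash('sha256').update(refreshToken).digest('hex')` in both functions, with `const crypto = require('crypto');` at the top of the file; the value written by `createUser` during registration would need the same treatment. The lookup has no expiry or issued-at condition either, so a refresh token stays valid until it happens to be rotated. Adding a timestamp column and checking it in the `where` clause would bound its lifetime.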


@ -42,11 +42,11 @@ module.exports = function (sequelize, DataTypes) {
defaultValue: true,
},
token: {
type: DataTypes.STRING,
type: DataTypes.STRING(512),
},
state: {
type: DataTypes.STRING,
defaultValue: 'borrador',
defaultValue: 'active',
},
lastlogin: {
type: DataTypes.DATE,
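Review bot: The `state` default changes from `'borrador'` to `'active'`, which makes every newly created user active at once, and `findUserByRefreshToken` in this commit only accepts users whose state is `'active'`. If the draft state was part of an activation or verification step, this removes it as a side effect of the refresh-token work; setting `state: 'active'` explicitly where it is intended would keep the model default conservative. The widening to `DataTypes.STRING(512)` only takes effect on an existing table through a migration, and none is visible in this commit. Without one, the 256-character value from `randtoken.uid(256)` would not fit a default `STRING` column (VARCHAR(255)).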


@ -48,6 +48,7 @@
"passport-local": "^1.0.0",
"path": "^0.12.7",
"pino": "^4.7.1",
"rand-token": "^0.4.0",
"response-time": "^2.3.2",
"sequelize": "^5.3.5",
"vm": "^0.1.0",