lqdvi/app2-api
2
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

Implementación de refresh token

Browse Source
This commit is contained in:
David Arranz 2019-07-09 12:14:18 +02:00
parent 1362478998
commit 9a279c966f
8 changed files with 76 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/environments/development.js
View File

@ -9,7 +9,7 @@ module.exports = {
session: { session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o", secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '99d' token_expires_in: '5'
}, },
server: { server: {

2
config/environments/production.js
View File

@ -9,7 +9,7 @@ module.exports = {
session: { session: {
secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o", secret_token: process.env.SECRET_TOKEN || "B57J=7B`NQ$y98|~5;hc715bo09^5oz8NR+]n9r~215B91Nd9P%25_N6r!GHcOKp|18y5-73Dr5^@9k7n]5l<-41D1o",
token_expires_in: '24h' token_expires_in: '5'
}, },
server: { server: {

6
helpers/security.helper.js
View File

@ -1,6 +1,7 @@
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
const randtoken = require('rand-token');
const bCrypt = require('bcrypt'); const bCrypt = require('bcrypt');
const config = require('../config'); const config = require('../config');
@ -53,7 +54,10 @@ const _sign = (payload, options) => {
algorithm: "RS256" algorithm: "RS256"
}; };
return jwt.sign(payload, privateKEY, signOptions); const token = jwt.sign(payload, privateKEY, signOptions);
const refreshToken = randtoken.uid(256);
refreshToken[refreshToken] = payload;
return { token, refreshToken };
} }
const _verify = (token, options) => { const _verify = (token, options) => {

61
modules/auth/auth.controller.js
View File

@ -15,12 +15,6 @@ const authService = require('./auth.service');
// Module Name // Module Name
const MODULE_NAME = '[auth.controller]'; const MODULE_NAME = '[auth.controller]';
// Error Messages
const NOT_FOUND = 'Videogame not found';
// Success Messages
const VG_CT_VIDEOGAME_DELETED_SUCCESSFULLY = 'Videogame deleted successfully';
//////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////
// PUBLIC METHODS // PUBLIC METHODS
//////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////
@ -32,8 +26,11 @@ async function login(req, res, next) {
email: req.user.email email: req.user.email
}; };
res.json({ const tokens = securityHelper.generateToken(data);
token: securityHelper.generateToken(data),
res.status(httpStatus.OK).json({
token: tokens.token,
refreshToken: tokens.refreshToken,
user: data, user: data,
}); });
} catch (error) { } catch (error) {
@ -43,37 +40,67 @@ async function login(req, res, next) {
async function register(req, res, next) { async function register(req, res, next) {
try { try {
console.log('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>regsitro'); console.log('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>regsitro');
const values = { const values = {
phone: req.body.phone, phone: req.body.phone,
platform: req.body.fbuid platform: req.body.fbuid
}; };
const token = securityHelper.generateToken(values); const tokens = securityHelper.generateToken(values);
console.log(tokens)
const data = { const data = {
token : token, token: tokens.refreshToken,
phone: req.body.phone, phone: req.body.phone,
fbuid: req.body.fbuid, fbuid: req.body.fbuid,
email: req.body.email, email: req.body.email,
name: req.body.name, name: req.body.name,
surname: req.body.surname, surname: req.body.surname,
entityid: req.body.entityid, entityid: req.body.entityid,
accessibility: req.body.accessibility accessibility: req.body.accesssibility
}; };
console.log(data); console.log(data);
res.json({
user: await authService.extraMethods.createUser(data),
});
const newUser = await authService.extraMethods.createUser(data);
const result = {
token: 'JWT ' + tokens.token,
user: newUser,
};
console.log(result);
return controllerHelper.handleResultResponse(result, null, req.params, res, httpStatus.OK);
} catch (error) { } catch (error) {
controllerHelper.handleErrorResponse(MODULE_NAME, register.name, error, res) console.log(error);
controllerHelper.handleErrorResponse(MODULE_NAME, register.name, error, res);
}
}
async function regenerateToken(req, res, next) {
const refreshToken = req.body.refreshToken;
const phone = req.body.phone;
const user = await authService.extraMethods.findUserByRefreshToken(refreshToken);
if (user && user.phone === phone) {
const values = {
phone: user.phone,
platform: user.fbuid
};
try {
const tokens = securityHelper.generateToken(values);
await authService.extraMethods.updateUserRefreshToken(user.id, tokens.refreshToken);
const result = { token: 'JWT ' + tokens.token };
return controllerHelper.handleResultResponse(result, null, req.params, res, httpStatus.OK);
} catch(error) {
controllerHelper.handleErrorResponse(MODULE_NAME, regenerateToken.name, error, res);
}
} else {
return controllerHelper.handleResultResponse(null, null, req.params, res, httpStatus.UNAUTHORIZED);
} }
} }
module.exports = { module.exports = {
login, login,
register, register,
regenerateToken,
MODULE_NAME MODULE_NAME
} }

4
modules/auth/auth.routes.js
View File

@ -29,4 +29,8 @@ routes.get('/pepepe', AccessValidator.isLoggedUser,
} }
); );
routes.post('/token',
authController.regenerateToken,
);
module.exports = routes; module.exports = routes;

18
modules/auth/auth.service.js
View File

@ -17,6 +17,24 @@ const extraMethods = {
return result; return result;
// }); // });
}, },
findUserByRefreshToken: async(refreshToken) => {
return await models.User.findOne({
where: {
token: refreshToken,
state: 'active'
}
})
},
updateUserRefreshToken: async(userId, newRefreshToken) => {
return await models.User.update(
{ token: newRefreshToken },
{ where: { id: userId }}
);
}
} }
module.exports = { module.exports = {

4
modules/auth/user.model.js
View File

@ -42,11 +42,11 @@ module.exports = function (sequelize, DataTypes) {
defaultValue: true, defaultValue: true,
}, },
token: { token: {
type: DataTypes.STRING, type: DataTypes.STRING(512),
}, },
state: { state: {
type: DataTypes.STRING, type: DataTypes.STRING,
defaultValue: 'borrador', defaultValue: 'active',
}, },
lastlogin: { lastlogin: {
type: DataTypes.DATE, type: DataTypes.DATE,

1
package.json
View File

@ -48,6 +48,7 @@
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"path": "^0.12.7", "path": "^0.12.7",
"pino": "^4.7.1", "pino": "^4.7.1",
"rand-token": "^0.4.0",
"response-time": "^2.3.2", "response-time": "^2.3.2",
"sequelize": "^5.3.5", "sequelize": "^5.3.5",
"vm": "^0.1.0", "vm": "^0.1.0",