diff --git a/middlewares/accessValidator.js b/middlewares/accessValidator.js
index 4542fb6..209907c 100644
--- a/middlewares/accessValidator.js
+++ b/middlewares/accessValidator.js
@@ -1,19 +1,9 @@
 'use strict';
-const passportJWT = require("passport-jwt");
-const JWTStrategy = passportJWT.Strategy;
-const ExtractJWT = passportJWT.ExtractJwt;
-const config = require('../config');
+const passport = require('passport');
-/**
- * Login Required middleware.
- */
-exports.isAuthenticated = (req, res, next) => {
- if (req.isAuthenticated()) {
- return next();
- }
- res.redirect('/login');
-};
+exports.isRegisteresUser = passport.authenticate('local', { session: false });
+exports.isLoggedUser = passport.authenticate('jwt', { session: false });
 /**
 * Authorization Required middleware.
diff --git a/modules/auth/auth.controller.js b/modules/auth/auth.controller.js
index f01b278..ac9da5a 100644
--- a/modules/auth/auth.controller.js
+++ b/modules/auth/auth.controller.js
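Review bot: The new export `isRegisteresUser` in middlewares/accessValidator.js is misspelled, and the route file in this same commit already depends on the name, so it is cheapest to correct now: `exports.isRegisteredUser = passport.authenticate('local', { session: false });`. The two new exports also replace a documented middleware with undocumented ones; a one-line comment on each would help, e.g. `// Checks the submitted credentials with the 'local' strategy; no session is created.` and `// Requires a valid token via the 'jwt' strategy; no session is created.`. The hunk removes `exports.isAuthenticated` and the `config` require while the file continues past the hunk (the Authorization middleware), so confirm that nothing further down or elsewhere in the project still references either.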
@@ -28,42 +28,18 @@ const VG_CT_VIDEOGAME_DELETED_SUCCESSFULLY = 'Videogame deleted successfully';
 async function login(req, res, next) {
 try {
- passport.authenticate('local', { session: false }, async (error, user, info) => {
- try {
- if (!user) {
- return res.status(httpStatus.NOT_FOUND).json(messageHelper.buildMessage(NOT_FOUND));
- }
-
- req.login(user, { session: false }, async (error) => {
- if (error) {
- return controllerHelper.handleErrorResponse(MODULE_NAME, login.name, error, res);
- }
-
- //We don't want to store the sensitive information such as the
- //user password in the token so we pick only the email and id
- const data = {
- id: user.id,
- email: user.email
- };
-
- //Send back the token to the user
- return res.json({
- token: securityHelper.generateToken({ user: data }),
- user: {
- id: data.id,
- email: data.email
- },
- });
- });
- } catch (error) {
- return next(error);
- }
- })(req, res, next);
+ const data = {
+ id: req.user.id,
+ email: req.user.email
+ };
+ res.json({
+ token: securityHelper.generateToken(data),
+ user: data,
+ });
 } catch (error) {
 controllerHelper.handleErrorResponse(MODULE_NAME, login.name, error, res)
 }
-
 }
 module.exports = {
diff --git a/modules/auth/auth.routes.js b/modules/auth/auth.routes.js
index a8a740e..57f7a3d 100644
--- a/modules/auth/auth.routes.js
+++ b/modules/auth/auth.routes.js
@@ -2,8 +2,8 @@ const routes = require('express').Router();
 const passport = require('passport');
 const authController = require('./auth.controller');
 const authValidation = require('./auth.validations');
-const securityHelper = require('../../helpers/security.helper');
 const SchemaValidator = require('../../middlewares/schemaValidator');
+const AccessValidator = require('../../middlewares/accessValidator');
 //const postService = require('./post.service')(models.Post);
 //const postController = require('./post.controller')(postService);
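Review bot: In modules/auth/auth.controller.js, `login` now reads `req.user.id` and `req.user.email` without authenticating anything itself, so it is only correct when mounted after the local-strategy middleware, and nothing in the function states that precondition. Add a docstring saying so, and keep the rationale that was deleted with the old body next to the payload, e.g. `// Only id and email go into the token; never the password or other user fields.`. The argument to `securityHelper.generateToken` is `data` here where the removed controller code passed `{ user: data }`; this matches the inline handler removed from auth.routes.js, but the JWT strategy's verify callback is not visible, so confirm it reads `id`/`email` from the top level of the payload. With the callback gone the function contains no `await`, and `passport`, `httpStatus` and `messageHelper` may now be unused in this file (its imports are outside the hunk).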
@@ -12,24 +12,15 @@ const SchemaValidator = require('../../middlewares/schemaValidator');
 //const postHandler = new ModelHandler(models.Post);
 routes.post('/auth',
- SchemaValidator(authValidation.login, true),
- passport.authenticate('local'),
- function (req, res, next) {
- const data = {
- id: req.user.id,
- email: req.user.email
- };
-
- return res.json({
- token: securityHelper.generateToken(data),
- user: data,
- });
- }
- //authController.login
+ SchemaValidator(authValidation.LoginInputType, true),
+ AccessValidator.isRegisteresUser,
+ authController.login,
 );
-routes.get('/pepepe', passport.authenticate('jwt', { session: false }), function (req, res, next) {
- res.send(req.user.email);
-});
+routes.get('/pepepe', AccessValidator.isLoggedUser,
+ function (req, res, next) {
+ res.send(req.user.email);
+ }
+);
 module.exports = routes;
\ No newline at end of file
diff --git a/modules/auth/auth.validations.js b/modules/auth/auth.validations.js
index 8b2adfa..190095f 100644
--- a/modules/auth/auth.validations.js
+++ b/modules/auth/auth.validations.js
@@ -11,5 +11,6 @@ const LoginOutputType = Joi.object().keys({
 module.exports = {
- login: LoginInputType,
+ LoginInputType,
+ LoginOutputType
 };
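Review bot: In modules/auth/auth.routes.js the `/pepepe` route is kept and only re-wrapped; it returns `req.user.email` for any valid token and looks like a scratch endpoint for exercising the jwt strategy, so either remove it or give it a descriptive path and a comment, and drop the unused `next` parameter. The `POST /auth` chain shows schema validation and the credential check but no throttling; if no rate limiter is applied at app level (not visible here), add one ahead of `AccessValidator.isRegisteresUser` so repeated failed logins are bounded. After this hunk neither route references `passport` directly, so the `const passport = require('passport');` line kept as context in the previous hunk of this file appears to be unused.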