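'use strict';

const fs = require('fs');
const path = require('path');
const jwt = require('jsonwebtoken');
const randtoken = require('rand-token');
const bCrypt = require('bcrypt');
const config = require('../config');

// RSA key pair read once at module load. The private key signs tokens and must
// never be logged or exported; only the public key leaves this module.
const privateKEY = fs.readFileSync(path.join(__dirname, '..', 'private.key'), 'utf8');
const publicKEY = fs.readFileSync(path.join(__dirname, '..', 'public.key'), 'utf8');

// Single signature algorithm used for signing and accepted on verification.
const JWT_ALGORITHM = 'RS256';

// Default bcrypt cost factor (log2 of the number of rounds).
const BCRYPT_ROUNDS = 10;

// Registered claims written into every token and required again on verification.
// NOTE(review): 'htts://' looks like a typo for 'https://'. It is left as-is because
// correcting it changes the expected `aud` claim and would reject every token that is
// already issued; fix it together with a planned token rotation.
const signOptions = {
  issuer: 'Fundación LQDVI',
  subject: 'info@loquedeverdadimporta.org',
  audience: 'htts://www.loquedeverdadimporta.org',
};

/**
 * Generates a bcrypt salt.
 *
 * @param {number} [rounds=10] - bcrypt cost factor.
 * @returns {Promise<string>} The generated salt.
 */
const _genSalt = (rounds = BCRYPT_ROUNDS) => bCrypt.genSalt(rounds);

/**
 * Hashes a password with a previously generated salt.
 *
 * @param {string} password - Plaintext password.
 * @param {string} salt - Salt produced by `_genSalt`.
 * @returns {Promise<string>} The bcrypt hash.
 */
const _hashPassword = (password, salt) => bCrypt.hash(password, salt);

// https://medium.com/@siddharthac6/json-web-token-jwt-the-right-way-of-implementing-with-node-js-65b8915d550e
/**
 * Signs `payload` as an RS256 JWT and creates an opaque refresh token.
 *
 * @param {object} payload - Claims to embed in the token.
 * @param {{issuer: string, subject: string, audience: string}} options -
 *   Values for the `iss`, `sub` and `aud` claims.
 * @returns {{token: string, refreshToken: string}} The signed JWT and a
 *   256-character random refresh token.
 */
const _sign = (payload, options) => {
  const tokenOptions = {
    issuer: options.issuer,
    subject: options.subject,
    audience: options.audience,
    expiresIn: config.session.token_expires_in,
    algorithm: JWT_ALGORITHM,
  };

  const token = jwt.sign(payload, privateKEY, tokenOptions);
  const refreshToken = randtoken.uid(256);

  // The previous `refreshToken[refreshToken] = payload` assigned a property on a
  // string primitive, which stores nothing. This module keeps no refresh-token
  // state: the caller has to persist the value server-side, tied to the user,
  // before it can be honoured or revoked.
  return { token, refreshToken };
};

/**
 * Verifies a JWT's signature and its `iss`, `sub` and `aud` claims.
 *
 * @param {string} token - Encoded JWT taken from the request.
 * @param {{issuer: string, subject: string, audience: string}} options -
 *   Expected claim values.
 * @returns {object|false} The decoded payload, or `false` when verification
 *   fails for any reason (bad signature, expired, claim mismatch, malformed).
 */
const _verify = (token, options) => {
  const verifyOptions = {
    issuer: options.issuer,
    subject: options.subject,
    audience: options.audience,
    // jsonwebtoken reads the allow-list from `algorithms` (plural); the former
    // `algorithm` key was ignored, so RS256 was never actually pinned here.
    // `expiresIn` is a sign-time option and was dropped: expiry is enforced
    // from the token's own `exp` claim.
    algorithms: [JWT_ALGORITHM],
  };

  // The token is a bearer credential and is deliberately not logged.
  try {
    return jwt.verify(token, publicKEY, verifyOptions);
  } catch (err) {
    return false;
  }
};

/**
 * Decodes a JWT WITHOUT verifying its signature.
 *
 * The result is attacker-controlled data; never use it for an authorization
 * decision. Use `_verify` for that.
 *
 * @param {string} token - Encoded JWT.
 * @returns {object|null} `{ header, payload, signature }`, or `null` when the
 *   token cannot be decoded.
 */
const _decode = (token) => jwt.decode(token, { complete: true });

module.exports = {
  // Option names match the passport-jwt strategy (presumably the consumer - confirm).
  jwtOptions: {
    // Reads the token from the `x-access-token` header. Request headers are not
    // logged: they carry the token and possibly cookies or other credentials.
    jwtFromRequest: (req) => {
      const headerToken = req && req.headers && req.headers['x-access-token'];
      return headerToken ? headerToken : null;
    },
    secretOrKey: publicKEY,
    ...signOptions,
    // Pin the accepted algorithm to the one used for signing.
    algorithms: [JWT_ALGORITHM],
  },

  /**
   * Hashes a plaintext password with a fresh bcrypt salt.
   * Note that bcrypt only considers the first 72 bytes of its input.
   *
   * @param {string} password - Plaintext password.
   * @returns {Promise<string>} The bcrypt hash to store.
   */
  generateHashPassword: async (password) => {
    const salt = await _genSalt();
    return _hashPassword(password, salt);
  },

  /**
   * Checks a login attempt against a stored bcrypt hash.
   *
   * @param {string} password - Stored bcrypt hash (second argument to bcrypt's compare).
   * @param {string} candidate - Plaintext password supplied by the user.
   * @returns {Promise<boolean>} `true` when the candidate matches the hash.
   */
  isValidPassword: async (password, candidate) => {
    // Async compare keeps the event loop free; the old code blocked on
    // compareSync and leaked the outcome into an implicit global `result`.
    return bCrypt.compare(candidate, password);
  },

  /**
   * Issues a signed JWT plus refresh token for `payload`.
   *
   * @param {object} payload - Claims to embed in the token.
   * @returns {{token: string, refreshToken: string}}
   */
  generateToken: (payload) => _sign(payload, signOptions),

  /**
   * Verifies a JWT against this service's issuer, subject and audience.
   *
   * @param {string} token - Encoded JWT.
   * @returns {object|false} Decoded payload, or `false` when invalid.
   */
  verify: (token) => _verify(token, signOptions),
};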