6 змінених файлів з 37 додано та 5 видалено
+ 0
- 0
src/endpoints/token.js
Переглянути файл
+ 16
- 0
src/middleware/auth.js
Переглянути файл
| @@ -0,0 +1,16 @@ | |||
| const jwt = require('jsonwebtoken') | |||
| const User = require('../models/user') | |||
| const auth = async (req, res, next) => { | |||
| try { | |||
| const token = req.header('Authorization').replace('Bearer ', '') | |||
| const decoded = jwt.verify(token, 'ovoJeSecret') | |||
| console.log(decoded) | |||
| } catch (e) { | |||
| return res.send(e) | |||
| } | |||
| console.log('auth middleware') | |||
| next() | |||
| } | |||
| module.exports = auth | |||
+ 13
- 1
src/models/token.js
Переглянути файл
| @@ -21,6 +21,8 @@ tokenSchema.statics.findByCredentials = async (email, password) => { | |||
| return | |||
| } | |||
| const checkMatch = await bcrypt.compare(password, user.password) | |||
| console.log(password) | |||
| console.log(user.password) | |||
| if(checkMatch) { | |||
| return user | |||
| } | |||
| @@ -45,7 +47,17 @@ tokenSchema.statics.refreshAuthToken = async function(token, refreshOptions) { | |||
| delete payload.jti | |||
| const jwtSignOptions = Object.assign({ }, this.options, { jwtid: refreshOptions.jwtid }) | |||
| return jwt.sign(payload, this.secretOrPrivateKey, jwtSignOptions) | |||
| return jwt.sign(payload, 'ovoJeSecret', jwtSignOptions) | |||
| } | |||
| tokenSchema.statics.destroyToken = async function(token) { | |||
| const findUser = await User.findOne({ 'tokens.token': token }) | |||
| findUser.tokens = findUser.tokens.filter((currToken) => { | |||
| return currToken.token !== token | |||
| }) | |||
| await findUser.save() | |||
| console.log('uspesno') | |||
| return jwt.sign(token, 'a', { expiresIn: 1 }) | |||
| } | |||
| const Token = mongoose.model('Token', tokenSchema) | |||
+ 2
- 0
src/models/user.js
Переглянути файл
| @@ -25,6 +25,8 @@ const userSchema = new mongoose.Schema({ | |||
| userSchema.pre('save', async function(next) { | |||
| const user = this | |||
| user.password = await bcrypt.hash(user.password, 8) | |||
| console.log('Middleware before password hash') | |||
| next() | |||
| }) | |||
+ 5
- 4
src/routes/token.js
Переглянути файл
| @@ -4,9 +4,10 @@ const User = require('../models/user') | |||
| const jwt = require('jsonwebtoken') | |||
| const bcrypt = require('bcryptjs') | |||
| const router = new express.Router() | |||
| const auth = require('../middleware/auth') | |||
| router.post('/token', async (req, res) => { | |||
| router.post('/login', async (req, res) => { | |||
| const findUser = await Token.findByCredentials(req.body.email, req.body.password) | |||
| if(!findUser) { | |||
| return res.status(400).send('User does not exist, wrong email') | |||
| @@ -19,11 +20,11 @@ router.post('/token', async (req, res) => { | |||
| const token = await Token.generateAuthToken(findUser) | |||
| return res.send({findUser, token}) | |||
| return res.send(findUser) | |||
| }) | |||
| router.post('/refresh/:token', async (req, res) => { | |||
| router.post('/logout/', async (req, res) => { | |||
| const result = Token.destroyToken(req.body.token) | |||
| }) | |||
| module.exports = router | |||
+ 1
- 0
src/routes/user.js
Переглянути файл
| @@ -2,6 +2,7 @@ const express = require('express') | |||
| const User = require('../models/user') | |||
| const router = new express.Router() | |||
| const app = express() | |||
| const auth = require('../middleware/auth') | |||
| // router.get('/users', async (req, res) => { | |||
| // try{ | |||
Завантаження…