- 'use strict'
- var mongoose = require('mongoose');
- var jwt = require('jsonwebtoken');
- var crypto = require('crypto');
- var Error = require('./error');
- var Config = require('./config');
- var User = require('../models/user');
- var UserInfoEngine = require('../modules/userinfo-engine');
- var FollowEngine = require('../modules/follow-engine');
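module.exports = {
  /**
   * Derive the stored password digest: base64(SHA-512(password || salt)).
   *
   * NOTE(review): a single SHA-512 pass is cheap to brute-force offline if the
   * user collection leaks. A password KDF (crypto.pbkdf2 / crypto.scrypt) is
   * the right primitive, but switching changes the stored format and needs a
   * rehash-on-login migration, so the algorithm is deliberately left as-is.
   *
   * @param {Object} args
   * @param {String} args.password - plaintext password
   * @param {Buffer} args.salt - per-user salt
   * @returns {String} base64-encoded digest
   */
  _generateHash: function(args) {
    var hash = crypto.createHash('sha512');
    hash.update(args.password);
    hash.update(args.salt);
    return hash.digest('base64');
  },

  /**
   * Produce a fresh 256-byte salt from the CSPRNG.
   *
   * @returns {Buffer|null} the salt, or null when crypto.randomBytes throws.
   *   Callers must treat null as a failure and never hash with it.
   */
  _generateSalt: function() {
    try {
      return crypto.randomBytes(256);
    } catch (ex) {
      return null;
    }
  },

  /**
   * Compare two digest strings without short-circuiting on the first
   * differing character.
   *
   * @param {String} expected - digest computed from the submitted password
   * @param {String} actual - digest read from the user record
   * @returns {Boolean} true only when both are strings with identical content
   */
  _hashesEqual: function(expected, actual) {
    if (typeof expected !== 'string' || typeof actual !== 'string') {
      return false;
    }
    var left = Buffer.from(expected, 'utf8');
    var right = Buffer.from(actual, 'utf8');
    // timingSafeEqual throws on unequal lengths; the digest length is not secret.
    if (left.length !== right.length) {
      return false;
    }
    return crypto.timingSafeEqual(left, right);
  },

  /**
   * Sign a JWT carrying the username, keyed with `key + username`.
   *
   * The original passed `expireInMinutes`, which is not a jsonwebtoken option,
   * so the intended 24-hour lifetime was never applied.
   * NOTE(review): `expiresIn` (seconds) is the jsonwebtoken >= 5 spelling;
   * confirm against the installed version.
   *
   * @param {Object} args
   * @param {String} args.username
   * @param {String} args.key - server-side signing secret
   * @returns {String} signed token
   */
  _generateToken: function(args) {
    return jwt.sign(
      { username: args.username },
      args.key + args.username,
      { expiresIn: 1440 * 60 }
    );
  },

  /**
   * Verify a token's signature and that it was issued for `username`.
   *
   * @param {Object} args
   * @param {String} args.token
   * @param {String} args.key - server-side signing secret
   * @param {String} args.username - user the token must belong to
   * @param {Function} callback - called with null on success, true on failure
   */
  _verifyToken: function(args, callback) {
    // Pin the accepted algorithm to the one jwt.sign uses by default, so the
    // token header cannot select a different verification mode.
    var options = { algorithms: ['HS256'] };
    jwt.verify(args.token, args.key + args.username, options, function(err, decoded) {
      if (err) {
        return callback(true);
      }
      if (decoded && decoded.username === args.username) {
        return callback(null);
      }
      return callback(true);
    });
  },

  /**
   * Create a user with a salted password digest and an initial token, then
   * initialise the user-info and follow records.
   *
   * NOTE(review): findOne-then-save is not atomic; uniqueness under concurrent
   * requests depends on a unique index on `username` in the User schema, which
   * is not visible here.
   *
   * @param {Object} args
   * @param {String} args.username
   * @param {String} args.password - at least 8 characters
   * @param {String} args.email
   * @param {String} [args.devGroup]
   * @param {Function} callback - (err) or (null, newUser). The returned
   *   document carries the password digest, salt and token; callers should
   *   not serialise it to clients as-is.
   */
  register: function(args, callback) {
    var self = this;
    if (!args.username || !args.password || !args.email) {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    // Reject non-string values so a request body cannot smuggle a query
    // operator object into User.findOne.
    if (typeof args.username !== 'string' ||
        typeof args.password !== 'string' ||
        typeof args.email !== 'string') {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    User.findOne({
      username: args.username
    }, function(err, user) {
      if (err) {
        return callback(Error.genObj(Error.code.INTERNAL));
      }
      if (user) {
        return callback(Error.genObj(Error.code.REGISTRATION_USER_EXISTS));
      }
      if (args.password.length < 8) {
        return callback(Error.genObj(Error.code.REGISTRATION_SHORT_PASS));
      }
      var salt = self._generateSalt();
      if (!salt) {
        // Salt generation failed; hashing with a null salt would throw.
        return callback(Error.genObj(Error.code.INTERNAL));
      }
      var hash = self._generateHash({ password: args.password, salt: salt });
      var token = self._generateToken({ username: args.username, key: Config.tokenKey });
      var devGroup = args.devGroup ? args.devGroup : '';
      var now = new Date();
      var newUser = new User({
        username: args.username,
        password: hash,
        salt: salt,
        email: args.email,
        registered: now,
        updated: now,
        token: token,
        devGroup: devGroup
      });
      newUser.save(function(err) {
        if (err) {
          return callback(Error.genObj(Error.code.INTERNAL));
        }
        UserInfoEngine.update({
          username: args.username,
          devGroup: args.devGroup
        }, function(err) {
          if (err) {
            return callback(err);
          }
          FollowEngine.setup({
            username: args.username,
            devGroup: args.devGroup
          }, function(err) {
            if (err) {
              return callback(err);
            }
            return callback(null, newUser);
          });
        });
      });
    });
  },

  /**
   * Check username/password and return the user, re-issuing the stored token
   * when it no longer verifies.
   *
   * Unknown user and wrong password return the same error code, so the
   * response does not reveal which usernames exist.
   *
   * @param {Object} args
   * @param {String} args.username
   * @param {String} args.password
   * @param {Function} callback - (err) or (null, user); invoked exactly once
   */
  login: function(args, callback) {
    var self = this;
    if (!args.username || !args.password) {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    // Reject non-string values so a request body cannot smuggle a query
    // operator object into User.findOne.
    if (typeof args.username !== 'string' || typeof args.password !== 'string') {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    User.findOne({
      username: args.username
    }, function(err, user) {
      if (err) {
        return callback(Error.genObj(Error.code.INTERNAL));
      }
      if (!user) {
        return callback(Error.genObj(Error.code.TOKEN_AUTH_FAILED));
      }
      var submitted = self._generateHash({ password: args.password, salt: user.salt });
      if (!self._hashesEqual(submitted, user.password)) {
        return callback(Error.genObj(Error.code.TOKEN_AUTH_FAILED));
      }
      self._verifyToken({
        token: user.token,
        username: args.username,
        key: Config.tokenKey
      }, function(err) {
        if (!err) {
          return callback(null, user);
        }
        // Stored token no longer verifies: issue a new one. The original
        // signed here with Config.key while every other call uses
        // Config.tokenKey, so a refreshed token would not verify later
        // (and, if Config.key is undefined, would be signed with a
        // predictable key). It also fell through and invoked the callback a
        // second time before the save finished.
        user.token = self._generateToken({ username: args.username, key: Config.tokenKey });
        user.save(function(err) {
          if (err) {
            return callback(Error.genObj(Error.code.INTERNAL));
          }
          return callback(null, user);
        });
      });
    });
  },

  /**
   * Resolve a bearer token to its user.
   *
   * The token must match the one stored on a user record and must pass
   * signature verification for that user.
   *
   * @param {Object} args
   * @param {String} args.token
   * @param {Function} callback - (err) or (null, user)
   */
  authenticate: function(args, callback) {
    var self = this;
    if (!args.token) {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    // Reject non-string values so a request body cannot smuggle a query
    // operator object into User.findOne.
    if (typeof args.token !== 'string') {
      return callback(Error.genObj(Error.code.MISSING_PARAMS));
    }
    // jwt.decode does not check the signature; the payload is only used for
    // an early mismatch check. _verifyToken below is the authoritative test.
    var payload = jwt.decode(args.token);
    User.findOne({
      token: args.token
    }, function(err, user) {
      if (err) {
        return callback(Error.genObj(Error.code.INTERNAL));
      }
      if (!user) {
        return callback(Error.genObj(Error.code.TOKEN_AUTH_FAILED));
      }
      // decode returns null for a malformed token; treat that as a failure
      // instead of dereferencing it.
      if (!payload || payload.username !== user.username) {
        return callback(Error.genObj(Error.code.TOKEN_AUTH_FAILED));
      }
      self._verifyToken({
        token: args.token,
        username: user.username,
        key: Config.tokenKey
      }, function(err) {
        if (err) {
          return callback(Error.genObj(Error.code.TOKEN_AUTH_FAILED));
        }
        return callback(null, user);
      });
    });
  }
};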