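login: {
  // Public route: this is where credentials are exchanged for a token, so no
  // prior authentication is required.
  auth: false,
  description: 'User.Login',
  notes: 'Verify credentials, provide a JWT token and returns the user information',
  tags: ['api'],
  validate: {
    // Reject malformed input before the handler touches the database.
    payload: Joi.object({
      email: Joi.string().email().required(),
      password: Joi.string().min(6).max(60).required()
    })
  },
  /**
   * Checks the submitted e-mail/password against an ACTIVE user, signs a JWT
   * and replies with the user document (minus sensitive fields) plus the token.
   *
   * @param {object} request - request whose validated payload carries `email` and `password`
   * @param {function} reply - reply interface; receives the user object or the
   *   value produced by `Calibrate.error`
   */
  handler: (request, reply) => {
    const { email, password } = request.payload
    const key = plugin.plugins['system'].privateKey
    // NOTE(review): `valueOf()` yields milliseconds, while the JWT `exp` claim is
    // defined in seconds (RFC 7519). If the verifier treats `exp` as seconds, this
    // token is valid far longer than 7 days. `moment().add(7, 'days').unix()` gives
    // seconds; confirm how the verifier reads `exp` before switching.
    const expires = moment().add(7, 'days').valueOf()
    // Denylist of fields stripped from the response. Any sensitive field added to
    // the User schema later is returned unless it is also listed here.
    const omit = ['_id', '__v', 'password', 'status', 'hashes', 'scope']

    // Per-request state. The previous code stored the user on `this`, but arrow
    // functions take `this` from the enclosing scope and ignore `.bind({})`, so
    // every request wrote to the same object. Two logins in flight could then
    // overwrite each other's user between the password check and the token
    // signing, and a response could describe the wrong account.
    let account = null

    // `.bind({})` is kept only so the non-arrow callbacks below (`Calibrate.error`,
    // `reply`) are invoked with the same `this` as before.
    User.findOneAsync({ email: email, status: { $in: [ User.status.ACTIVE ] } }).bind({})
      .then(user => {
        // Same message for unknown e-mail and wrong password. This path skips the
        // bcrypt comparison, so response time may still differ between the two.
        if (!user) throw Boom.unauthorized('Bad username or password')
        account = user
        return bcrypt.compareAsync(password, user.password)
      })
      .then(valid => {
        if (!valid) throw Boom.unauthorized('Bad username or password')
        // presumably records the login and resolves with the updated user; verify against the User model
        return User.login(account._id)
      })
      .then(user => {
        account = user
        return jwt.signAsync({ _id: account._id, exp: expires }, key, { algorithm: 'HS256' })
      })
      .then(token => {
        return _.omit(_.merge(account._doc, { token: token }), omit)
      })
      .catch(Calibrate.error)
      .then(reply)
  }
},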