
Untitled

a guest Apr 10th, 2019 95 in 168 days
  1. _          = require 'lodash'
  2. config     = require './../../config'
  3. routes     = require './../../routes'
  4. pool       = require __base+'pool-connection'
  5. jwt        = require 'jsonwebtoken'
  6. ms         = require 'ms'
  7.  
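  auth =
    # Express-style middleware guarding authenticated routes.
    #
    # Reads the 'login' and 'x-access-token' cookies, looks up the per-user
    # JWT secret (users.jwt_salt) for that login, verifies the token with it,
    # then issues a fresh token plus cookies and calls next().
    # Every failure path goes through deny(), which clears both cookies and
    # answers 403 with a pointer to the login route.
    #
    # req  - request; req.cookies is expected to be populated by a cookie parser
    # res  - response; res._login is set to the authenticated login on success
    # next - called only after a successful verify + re-sign
    checkUserAccess: (req, res, next) ->
      # Fail closed: drop the auth cookies and tell the client to go to login.
      deny = ->
        console.log 'check user access failed, redirect to login page'
        res.status 403 #302
        res.clearCookie 'login'
        res.clearCookie 'x-access-token'
        switch req.method
          when 'POST'
            res.send redirectTo: "#{routes.auth.path}"
          when 'GET'
            # routes.auth.path is interpolated into inline script; it must stay
            # a server-side constant and never be derived from request data.
            res.send "<script> location.replace('#{routes.auth.path}'); </script>"
          else
            # Other verbs previously received no body, leaving the request open.
            res.end()

      login = req.cookies?['login']
      accessToken = req.cookies?['x-access-token']

      # The original guard, `_.isUndefined a or _.isUndefined b`, parsed as
      # `_.isUndefined(a or _.isUndefined(b))`, which is never true, so the
      # "no cookies" branch was unreachable. Requiring strings also rejects
      # non-string cookie values before they reach the query or the verifier.
      unless _.isString(login) and _.isString(accessToken)
        console.log 'no auth cookies supplied'
        return deny()

      # The login cookie is client-controlled; quote it before logging so
      # embedded newlines cannot forge extra log lines.
      shownLogin = JSON.stringify login

      # get jwt-secret from db
      # The cookie value is bound as a parameter instead of being spliced into
      # the SQL text, which was injectable through the 'login' cookie.
      # NOTE(review): assumes pool.query accepts (text, values, callback) as
      # node-postgres does (the result exposes .rows) - confirm against
      # pool-connection.
      pool.query 'select jwt_salt from users where login = $1;', [login], (err, jwtSecret) ->
        if err
          console.log "can't find jwt-secret for user #{shownLogin}, redirect to login page", err
          return deny()

        if _.isEmpty jwtSecret.rows
          console.error "jwt-secret is empty"
          return deny()

        secret = _.first(jwtSecret.rows).jwt_salt

        # Pin the accepted algorithm to the one this module signs with, rather
        # than trusting the token header.
        # NOTE(review): assumes the login route signs with
        # config.users.jwtAlgorithm as well - confirm before deploying.
        verifyOptions =
          algorithms: [config.users.jwtAlgorithm]

        jwt.verify accessToken, secret, verifyOptions, (err, verifyResult) ->
          if err
            console.error "can't verify access token for user #{shownLogin}", err
            return deny()

          # NOTE(review): verifyResult is not inspected. The key is selected by
          # the login cookie, so consider also requiring
          # `verifyResult.name is login` once the login route is confirmed to
          # set that claim.

          # generate jwt-token and send it to client
          payload =
            name: login
          options =
            algorithm: config.users.jwtAlgorithm
            issuer: config.users.jwtIssuer
            expiresIn: config.users.jwtExpiresIn

          jwt.sign payload, secret, options, (err, token) ->
            if err
              console.error "Can't create access data for user #{shownLogin}: ", err
              return deny()

            console.log "create jwt & cookies for user #{shownLogin}"
            res._login = login # inner variable for login

            # NOTE(review): neither cookie sets `secure` or `sameSite`, and
            # 'login' is readable from script; confirm the app is only served
            # over TLS and consider adding both attributes.
            res.cookie 'login', login, expires: new Date(Date.now() + ms(config.users.jwtExpiresIn))
            res.cookie 'x-access-token', token,
              expires: new Date(Date.now() + ms(config.users.jwtExpiresIn))
              httpOnly: true
            next()

  module.exports = auth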