'use strict';

// Module wiring. The order matters: fetch is installed on the global object
// before the Cognito SDK is loaded (presumably because the SDK calls fetch,
// which older Node runtimes do not provide natively).
const express = require('express');
global.fetch = require('node-fetch');
const AmazonCognitoIdentity = require('amazon-cognito-identity-js');
const crypto = require('crypto');

// HTTP application; request bodies are accepted as JSON or as simple
// (non-extended) form encoding.
const app = express();
app.use(express.json(), express.urlencoded({ extended: false }));

// cognito
// NOTE(review): the pool id and app-client id are identifiers rather than
// secrets, but keeping them in source ties this file to a single environment;
// consider reading them from configuration.
const poolData = {
  UserPoolId: 'ap-southeast-2_iBpyKm8vp',
  ClientId: '5utvqfrnptv58060ah7i1q8hcf',
};
const userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
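// POST /api/auth/sign-in
//
// Phone-number sign-in against the Cognito user pool. The number is first
// signed up; if Cognito answers UsernameExistsException the handler
// authenticates instead. The response entity carries one of the codes
// CONFIRM_SIGNUP_REQUIRED, MFA_REQUIRED or AUTHENTICATED.
//
// SECURITY NOTE(review): the Cognito password is md5(phoneNumber), so it is
// fully derivable from the username and adds no secrecy. The SMS code is the
// only real factor; in the onSuccess branch (MFA off for the user) tokens are
// issued on knowledge of the phone number alone. The derivation is left
// unchanged because existing accounts were created with it; the durable fix is
// a passwordless / custom-challenge flow or a per-user random secret, with MFA
// required for every user.
//
// NOTE(review): every call can cause an SMS to be sent (sign-up confirmation,
// resend, or MFA challenge), so this route should sit behind rate limiting.
app.post('/api/auth/sign-in', (req, res) => {
  const body = req.body || {};
  // todo: load country by id (body.countryId); until then the '+7' prefix is fixed
  const phoneNumber = body.phoneNumber;

  // The JSON parser lets a caller send any type here. Only a digit string is
  // usable, and hash.update() below throws on non-string, non-buffer input.
  if (typeof phoneNumber !== 'string' || !/^\d+$/.test(phoneNumber)) {
    res.status(400).send({ status: 400, code: 'INVALID_PHONE_NUMBER' });
    return;
  }

  const username = '+7' + phoneNumber;
  const password = crypto.createHash('md5').update(phoneNumber).digest('hex');

  // Unknown provider errors are logged server-side and answered generically,
  // so raw Cognito error objects are not echoed to the caller.
  const sendServerError = (error) => {
    console.error('sign-in: unexpected Cognito error', error);
    res.status(500).send({ status: 500, code: 'INTERNAL_ERROR' });
  };

  const sendConfirmSignupRequired = (sub) => {
    res.send({
      status: 200,
      entity: {
        code: 'CONFIRM_SIGNUP_REQUIRED',
        sub: sub,
      },
    });
  };

  const attributeList = [
    new AmazonCognitoIdentity.CognitoUserAttribute({
      Name: 'phone_number',
      Value: username,
    }),
  ];

  userPool.signUp(username, password, attributeList, null, (err, result) => {
    if (!err) {
      // signed up successfully, return CONFIRM_SIGNUP_REQUIRED.
      // The user object comes from the sign-up result; the original code read
      // a `cognitoUser` variable that is only assigned in the branch below and
      // was therefore still undefined here.
      sendConfirmSignupRequired(result.user.getUsername());
      return;
    }

    if (err.code !== 'UsernameExistsException') {
      // todo: handle unknown error (err)
      sendServerError(err);
      return;
    }

    // The number is already registered: authenticate with the derived password.
    const authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails({
      Username: username,
      Password: password,
    });
    const cognitoUser = new AmazonCognitoIdentity.CognitoUser({
      Username: username,
      Pool: userPool,
    });

    cognitoUser.authenticateUser(authenticationDetails, {
      onSuccess: function (session) {
        // MFA disabled, return AUTHENTICATED (see SECURITY NOTE above)
        res.send({
          status: 200,
          entity: {
            code: 'AUTHENTICATED',
            accessToken: session.getAccessToken().getJwtToken(),
            idToken: session.getIdToken().getJwtToken(),
            refreshToken: session.getRefreshToken().getToken(),
          },
        });
      },
      mfaRequired: function () {
        // return MFA_REQUIRED; the client sends sub and mfaToken back to /api/auth/mfa
        res.send({
          status: 200,
          entity: {
            code: 'MFA_REQUIRED',
            sub: cognitoUser.getUsername(),
            mfaToken: cognitoUser.Session,
          },
        });
      },
      onFailure: function (err2) {
        if (err2.code !== 'UserNotConfirmedException') {
          // todo: handle unknown error (err2)
          sendServerError(err2);
          return;
        }
        cognitoUser.resendConfirmationCode((err3) => {
          if (err3) {
            // todo: handle unknown error (err3)
            sendServerError(err3);
            return;
          }
          // signed up but not confirmed, return CONFIRM_SIGNUP_REQUIRED
          sendConfirmSignupRequired(cognitoUser.getUsername());
        });
      },
    });
  });
});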
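// POST /api/auth/mfa
//
// Completes an SMS MFA challenge. Expects `sub` and `mfaToken` as returned by
// the MFA_REQUIRED response of /api/auth/sign-in, plus the `smsCode` the user
// received. On success the response entity holds the access, id and refresh
// tokens; a wrong code yields 400 INVALID_SMS_CODE.
app.post('/api/auth/mfa', (req, res) => {
  const body = req.body || {};
  const smsCode = body.smsCode;
  const username = body.sub;
  const mfaToken = body.mfaToken;

  // All three values come straight from the request body, which may hold any
  // JSON type; reject anything that is not a plain scalar before it reaches
  // the SDK.
  const codeOk =
    (typeof smsCode === 'string' && smsCode !== '') || typeof smsCode === 'number';
  const subOk = typeof username === 'string' && username !== '';
  const tokenOk = typeof mfaToken === 'string' && mfaToken !== '';
  if (!codeOk || !subOk || !tokenOk) {
    res.status(400).send({ status: 400, code: 'INVALID_REQUEST' });
    return;
  }

  const cognitoUser = new AmazonCognitoIdentity.CognitoUser({
    Username: username,
    Pool: userPool,
  });
  // Resume the challenge started during sign-in.
  cognitoUser.Session = mfaToken;

  cognitoUser.sendMFACode(String(smsCode), {
    onSuccess: (session) => {
      res.send({
        status: 200,
        entity: {
          accessToken: session.getAccessToken().getJwtToken(),
          idToken: session.getIdToken().getJwtToken(),
          refreshToken: session.getRefreshToken().getToken(),
        },
      });
    },
    onFailure: (err) => {
      if (err.code === 'CodeMismatchException') {
        res.status(400).send({
          status: 400,
          code: 'INVALID_SMS_CODE',
        });
        return;
      }
      // todo: handle unknown error (err)
      // Logged server-side; the caller gets a generic body instead of the raw
      // Cognito error object.
      console.error('mfa: unexpected Cognito error', err);
      res.status(500).send({ status: 500, code: 'INTERNAL_ERROR' });
    },
  });
});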
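// POST /api/auth/confirm-signup
//
// Confirms a pending sign-up with the SMS code, then tries to enable MFA and
// return tokens. Expects `sub` (as returned with CONFIRM_SIGNUP_REQUIRED) and
// `smsCode`. A wrong code yields 400 INVALID_SMS_CODE.
//
// NOTE(review): in amazon-cognito-identity-js the confirmRegistration callback
// reports a plain success value rather than a session, and enableMFA needs an
// authenticated user, which this handler never establishes. As written the
// token response below is therefore probably unreachable; confirm against the
// SDK version in use. The likely fix is to confirm here and have the client
// go through /api/auth/sign-in again to obtain tokens.
app.post('/api/auth/confirm-signup', (req, res) => {
  const body = req.body || {};
  const smsCode = body.smsCode;
  const username = body.sub;

  // Request values may be any JSON type; accept only plain scalars.
  const codeOk =
    (typeof smsCode === 'string' && smsCode !== '') || typeof smsCode === 'number';
  const subOk = typeof username === 'string' && username !== '';
  if (!codeOk || !subOk) {
    res.status(400).send({ status: 400, code: 'INVALID_REQUEST' });
    return;
  }

  // Unknown provider errors are logged server-side and answered generically,
  // so raw Cognito error objects are not echoed to the caller.
  const sendServerError = (error) => {
    console.error('confirm-signup: unexpected Cognito error', error);
    res.status(500).send({ status: 500, code: 'INTERNAL_ERROR' });
  };

  const cognitoUser = new AmazonCognitoIdentity.CognitoUser({
    Username: username,
    Pool: userPool,
  });

  cognitoUser.confirmRegistration(String(smsCode), false, (err, session) => {
    if (err) {
      if (err.code === 'CodeMismatchException') {
        res.status(400).send({
          status: 400,
          code: 'INVALID_SMS_CODE',
        });
        return;
      }
      // todo: handle unknown error (err)
      sendServerError(err);
      return;
    }

    cognitoUser.enableMFA((err2) => {
      if (err2) {
        // todo: handle unknown error (err2)
        sendServerError(err2);
        return;
      }
      // Guard against a non-session result: calling getAccessToken() on it
      // would throw inside this async callback, outside Express's error
      // handling.
      if (!session || typeof session.getAccessToken !== 'function') {
        sendServerError(new Error('confirmRegistration returned no session'));
        return;
      }
      res.send({
        status: 200,
        entity: {
          accessToken: session.getAccessToken().getJwtToken(),
          idToken: session.getIdToken().getJwtToken(),
          refreshToken: session.getRefreshToken().getToken(),
        },
      });
    });
  });
});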
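// catch 404 and forward to error handler
// Builds the error by hand: the original called createError(), which this
// file never imports, so every unmatched route raised a ReferenceError.
app.use(function (req, res, next) {
  const notFound = new Error('Not Found');
  notFound.status = 404;
  notFound.code = 'NOT_FOUND';
  next(notFound);
});

// error handler
// Answers with a small { status, code } body. The original called
// res.status(...).body(err); the Express response object has no body()
// method, so the handler itself threw. Server-side failures are logged here
// and reported generically rather than serialising the error to the client.
app.use(function (err, req, res, next) {
  if (res.headersSent) {
    // A response is already in flight; let Express's default handler close it.
    next(err);
    return;
  }
  const status = err.status || 500;
  if (status >= 500) {
    console.error('unhandled error', err);
  }
  res.status(status).send({
    status: status,
    code: status >= 500 ? 'INTERNAL_ERROR' : (err.code || 'REQUEST_ERROR'),
  });
});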
// Start listening on TCP 7755 and export the app. The log line is written
// right after listen() is called, not once the socket is confirmed bound, and
// requiring this module starts the listener as a side effect.
const listenPort = 7755;
app.listen(listenPort);
console.log('info', `api running on port 7755`);

module.exports = app;