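const express = require('express');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const randToken = require('rand-token');
const User = require('../model/User');
const BlackListedToken = require('../model/BlackListedToken');
// The misspelled local name is kept because verifyFacebook() refers to it.
const superAgert = require('superagent');
const { OAuth2Client } = require('google-auth-library');

// Secrets and identifiers are read from the environment (variable names are
// chosen here; wire them to the deployment). The pasted '****' values are
// placeholders and the 'sample-secret' default is only usable in development.
// Google OAuth client id: the expected `aud` of incoming ID tokens.
const CLIENT_ID = process.env.GOOGLE_CLIENT_ID || '****';
// Facebook app access token used to call the Graph API debug_token endpoint.
const FB_APP_TOKEN = process.env.FB_APP_TOKEN || '****';
const googleclient = new OAuth2Client(CLIENT_ID);

const route = express.Router();

// bcrypt cost factor used for password hashes and request-token hashes.
const saltRounds = 8;
// HMAC secret used by getAccessToken() to sign and by /me to verify JWTs.
const jwtSecret = process.env.JWT_SECRET || 'sample-secret';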
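// POST /sign_up — email/password registration.
// Expects { email, password } in the JSON body and replies with a JWT plus
// the stored user document.
route.post('/sign_up', (req, res, next) => {
  const { email, password } = req.body;
  // The password was previously written to the log; only the account
  // identifier is logged now.
  console.log(`user - ${email}`);
  if (!password || !email) {
    // Missing fields are a client error, not a server failure.
    return res.status(400).json('Incomplete data');
  }
  User.findOne({ email }, (err, existing) => {
    if (err) {
      // A lookup failure used to be reported as "email is present" because
      // the condition was inverted; report it as a server error instead.
      return res.status(500).json({ message: 'something went wrong' });
    }
    if (existing) {
      return res.status(403).json({ message: 'email is present' });
    }
    // Asynchronous hashing keeps the event loop free during the bcrypt work.
    bcrypt.hash(password, saltRounds, (hashErr, hashedPassword) => {
      if (hashErr) {
        return res.status(500).json({ message: 'something went wrong' });
      }
      const curDate = Date.now();
      const user = new User({
        email,
        hashedPassword,
        createdAt: curDate,
        updatedAt: curDate,
        hashedRequestToken: getHashedRequestToken(),
        noOfSessionAllowed: 1,
      });
      user.save((saveErr, saved) => {
        if (saveErr) {
          console.error('sign_up - save failed', saveErr);
          // The raw driver error would expose schema/connection details.
          return res.status(500).json({ message: 'unable to create user' });
        }
        const token = getAccessToken(saved);
        // NOTE(review): `saved` still carries hashedPassword and
        // hashedRequestToken; consider stripping them before responding.
        res.status(200).send({ auth: true, token, user: saved });
      });
    });
  });
});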
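// POST /sign_up_mobile — social sign-up / sign-in.
// Body: { from: 'google' | 'facebook', email }. The x-access-token header
// carries the provider token (a Google ID token or a Facebook access token).
route.post('/sign_up_mobile', (req, res, next) => {
  const { from, email } = req.body;
  if (!from || !email) {
    return res.status(400).json('Incomplete data');
  }
  const accessToken = req.headers['x-access-token'];
  if (accessToken == null) {
    return res.status(403).json({ message: 'No access token' });
  }
  if (from === 'google') {
    verifyGoogle(accessToken, CLIENT_ID)
      .then((payload) => {
        // The account that is created or refreshed must be the one the token
        // was issued for; otherwise any valid Google token would sign the
        // caller in as whatever req.body.email they choose. verifyGoogle()
        // currently resolves with no value, so the check only bites once it
        // hands back the token payload (consider also requiring
        // payload.email_verified).
        if (payload && payload.email && payload.email !== email) {
          return res.status(401).json({ message: 'Unauthorised attempt' });
        }
        doAfterVerification(req, res, next);
      })
      .catch((err) => {
        console.log(`error - ${err}`);
        return res.status(401).json({ message: 'Unauthorised attempt' });
      });
  } else if (from === 'facebook') {
    verifyFacebook(accessToken, FB_APP_TOKEN)
      .then((result) => {
        // The old handler referenced an undefined `v` here, so every Facebook
        // attempt ended in the catch branch. Only a debug_token response that
        // explicitly marks the token valid is accepted.
        const data = result && result.data;
        if (!data || data.is_valid !== true) {
          return res.status(401).json({ message: 'Unauthorised from facebook' });
        }
        return res.status(200).json({ message: 'Authorised from facebook' });
      })
      .catch((_error) => {
        return res.status(401).json({ message: 'Unauthorised from facebook' });
      });
  } else {
    // An unknown provider previously left the request without any response.
    return res.status(400).json({ message: 'Unknown provider' });
  }
});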
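/**
 * Validates a Facebook user access token through the Graph API
 * `debug_token` endpoint.
 * @param {string} clientToken - token presented by the client (input_token).
 * @param {string} fbAccessToken - app access token authorising the call.
 * @returns {Promise<object>} the parsed response body; resolves only when
 *   `data.is_valid` is true, rejects on transport error or an invalid token.
 *   (Callers that know their app id may additionally compare `data.app_id`.)
 */
function verifyFacebook(clientToken, fbAccessToken) {
  return new Promise((resolve, reject) => {
    superAgert
      .get('https://graph.facebook.com/debug_token')
      .query({ input_token: clientToken, access_token: fbAccessToken })
      .end((err, response) => {
        if (err) {
          // Log the failure without the tokens themselves.
          console.error('verifyFacebook - request failed', err.message);
          return reject(err);
        }
        // Previously a fixed string was resolved regardless of the answer,
        // so the validity flag was never inspected.
        const body = response && response.body;
        const data = body && body.data;
        if (!data || data.is_valid !== true) {
          return reject(new Error('facebook token is not valid'));
        }
        resolve(body);
      });
  });
}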
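/**
 * Completes a social sign-in after the provider token has been verified.
 * An existing account gets a rotated request token, a bumped updatedAt and a
 * fresh JWT; an unknown email is created through createNewUser().
 * @param {object} req - Express request; reads req.body.email.
 * @param {object} res - Express response; always answered exactly once.
 * @param {Function} next - passed through to createNewUser().
 */
function doAfterVerification(req, res, next) {
  User.findOne({ email: req.body.email }, (findErr, user) => {
    if (findErr) {
      // A lookup failure previously fell through to createNewUser().
      return res.status(500).json({ message: 'something went wrong' });
    }
    if (!user) {
      return createNewUser(req, res, next);
    }
    // Existing user: blacklist the previous session token.
    // NOTE(review): this re-signs a token for the old (id, updatedAt) pair
    // rather than blacklisting the token that was actually issued earlier;
    // jsonwebtoken normally embeds an issued-at claim, so the two only match
    // when signed in the same second. Storing the issued token, or checking
    // `updatedAt` in /me, would make the invalidation effective.
    const prevToken = getAccessToken(user);
    const blackListedToken = new BlackListedToken({ token: prevToken });
    blackListedToken.save((blErr) => {
      if (blErr) {
        return res.status(500).json({ message: 'something went wrong' });
      }
      user.updatedAt = Date.now();
      user.hashedRequestToken = getHashedRequestToken();
      user.save((saveErr, savedUser) => {
        if (saveErr) {
          return res.status(500).json({ message: 'unable to create user' });
        }
        // The new JWT embeds the new updatedAt.
        const newAccessToken = getAccessToken(savedUser);
        return res.status(200).json({
          result: { auth: true, token: newAccessToken, user: savedUser },
          message: 'Old User created',
        });
      });
    });
  });
}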
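/**
 * Creates a password-less account for a verified social sign-in and replies
 * with a JWT for it.
 * @param {object} req - Express request; reads req.body.email.
 * @param {object} res - Express response; answered exactly once.
 * @param {Function} next - unused, kept for signature compatibility.
 */
function createNewUser(req, res, next) {
  const curDate = Date.now();
  const user = new User({
    email: req.body.email,
    createdAt: curDate,
    hashedRequestToken: getHashedRequestToken(),
    updatedAt: curDate,
    noOfSessionAllowed: 1,
  });
  user.save((err, saved) => {
    if (err) {
      console.error('createNewUser - save failed', err);
      // The raw driver error would expose schema/connection details.
      return res.status(500).json({ message: 'unable to create user' });
    }
    const token = getAccessToken(saved);
    res.status(200).send({
      result: { auth: true, token, user: saved },
      message: 'New user created',
    });
  });
}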
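/**
 * Verifies a Google ID token against this app's client id and returns its
 * payload.
 * @param {string} token - the ID token presented by the client.
 * @param {string} clientId - expected audience of the token.
 * @returns {Promise<object>} the verified payload (contains `sub`, the
 *   Google account id, among other claims).
 * @throws rejects when the token is invalid, expired or for another audience.
 */
async function verifyGoogle(token, clientId) {
  // The token is a credential; log only the audience.
  console.log(`verifyGoogle - client id = ${clientId}`);
  const ticket = await googleclient.verifyIdToken({
    idToken: token,
    audience: clientId, // or [CLIENT_ID_1, CLIENT_ID_2, ...] when several apps call this backend
  });
  // The payload was previously extracted and dropped, so callers could not
  // learn which account the token belongs to.
  return ticket.getPayload();
}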
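// POST /sign_in — email/password login; replies with a JWT on success.
// An unknown email and a wrong password produce the same 401 so the
// endpoint does not reveal which emails are registered.
route.post('/sign_in', (req, res, next) => {
  const { email, password } = req.body;
  if (!email || !password) {
    return res.status(400).json('Incomplete data');
  }
  User.findOne({ email }, (err, user) => {
    if (err) {
      return res.status(500).json({ message: 'something went wrong' });
    }
    if (!user || !user.hashedPassword) {
      // Also covers social-only accounts, which have no password hash.
      return res.status(401).json({ message: 'invalid credentials' });
    }
    // The previous code re-hashed the supplied password with a fresh salt and
    // never compared it, then never answered the request.
    bcrypt.compare(password, user.hashedPassword, (cmpErr, matches) => {
      if (cmpErr) {
        return res.status(500).json({ message: 'something went wrong' });
      }
      if (!matches) {
        return res.status(401).json({ message: 'invalid credentials' });
      }
      const token = getAccessToken(user);
      return res.status(200).json({ auth: true, token });
    });
  });
});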
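// GET /me — returns the decoded JWT claims for a valid, non-blacklisted token
// passed in the x-access-token header.
route.get('/me', (req, res, next) => {
  const accessToken = req.headers['x-access-token'];
  if (!accessToken) {
    return res.status(401).send({ auth: false, message: 'no token provided' });
  }
  BlackListedToken.find({ token: accessToken }, (err, matches) => {
    if (err) {
      // The old condition was inverted: a successful lookup answered
      // "blacklisted" and a failed one went on to verify. A lookup failure
      // must not be mistaken for "not blacklisted".
      return res.status(500).send({ auth: false, message: 'something went wrong' });
    }
    if (matches.length > 0) {
      return res.status(403).send({ auth: false, message: 'blacklisted' });
    }
    // Verify the header token (not the query result) with the shared secret,
    // pinned to the algorithm getAccessToken() signs with.
    jwt.verify(accessToken, jwtSecret, { algorithms: ['HS256'] }, (verifyErr, decoded) => {
      if (verifyErr) {
        return res.status(401).send({ auth: false, message: 'Failed to authenticate token.' });
      }
      // NOTE(review): the claims carry `updatedAt`; comparing it with the
      // stored user's updatedAt would make the session rotation done in
      // doAfterVerification effective. Not done here.
      res.status(200).send(decoded);
    });
  });
});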
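/**
 * Generates a fresh random request token and returns its bcrypt hash.
 * Only the hash is returned; the random value itself is discarded here.
 * @returns {string} bcrypt hash of a 16-character random token.
 */
function getHashedRequestToken() {
  const randNum = randToken.generate(16);
  // The hash was previously written to the log; hashes of secrets do not
  // belong in logs either.
  return bcrypt.hashSync(randNum, saltRounds);
}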
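/**
 * Signs a JWT for the given user.
 * @param {{ _id: any, updatedAt: any }} user - user document; only `_id` and
 *   `updatedAt` are placed in the claims.
 * @param {number|string} [expiresIn=60] - token lifetime as accepted by
 *   jsonwebtoken (seconds when numeric). The default keeps the previous
 *   60-second lifetime, which is very short for an access token.
 * @returns {string} the signed token.
 */
function getAccessToken(user, expiresIn = 60) {
  // The algorithm is pinned explicitly so verification can require the same.
  return jwt.sign(
    { id: user._id, updatedAt: user.updatedAt },
    jwtSecret,
    { algorithm: 'HS256', expiresIn }
  );
}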
// Mounted by the application as the auth router (/sign_up, /sign_up_mobile, /sign_in, /me).
module.exports = route