const Koa = require('koa');
const Router = require('koa-router');
const bodyParser = require('koa-bodyparser');
const { createLogger, format, transports } = require('winston');

const { printf } = format;

// Console-only logger that prints the bare message, with no level or timestamp.
// The log lines in this file exist to trace the order in which the passport
// hooks and the Koa middleware run.
const logger = createLogger({
  format: printf(({ message }) => message),
  transports: [new transports.Console()],
});

const app = new Koa();
const router = new Router();

// Parse request bodies before any other middleware is registered.
app.use(bodyParser());
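const mongoose = require('mongoose');

// The connection URI carries the database credentials, so it is read from the
// environment first. The literal is the example's placeholder: point it at a
// throwaway test database (the author suggests creating one via mLab) and keep
// real credentials out of the source file.
const connect = process.env.MONGODB_URI || 'mongodb://user.password:57383/db';

mongoose
  // Uncomment while debugging; mongoose then prints the operations it sends,
  // which can include user data.
  // .set('debug', true)
  .connect(connect, {
    useNewUrlParser: true,
    useCreateIndex: true,
    useFindAndModify: false,
    keepAlive: 1,
    poolSize: 5,
  })
  .catch((err) => {
    // Without a handler, a failed connection only surfaces as an unhandled
    // promise rejection. Report it explicitly instead.
    logger.error(`MongoDB connection failed: ${err.message}`);
  });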
// Fallback login used when none is supplied: the current millisecond timestamp
// in base 32 with its first two characters dropped. It is derived from the clock,
// so it is guessable and two documents created in the same millisecond get the
// same value. Treat it as a placeholder, not as an identifier with any secrecy.
const generateDefaultLogin = () => Date.now().toString(32).slice(2);

// A user has a single field, `login`, normalised to trimmed lower case.
const loginField = {
  type: String,
  unique: true,
  lowercase: true,
  trim: true,
  required: true,
  default: generateDefaultLogin,
};

const userSchema = new mongoose.Schema({ login: loginField });

const User = mongoose.model('User', userSchema);
const passport = require('koa-passport');

// Session hooks: only the user's id is stored, and the full document is loaded
// again from MongoDB by that id. The /users route below authenticates with
// `session: false`, so these hooks matter only if sessions are enabled elsewhere.
passport.serializeUser((user, done) => {
  logger.info('serializeUser');
  const userId = user.id;
  done(null, userId);
});

passport.deserializeUser((id, done) => {
  logger.info('deserializeUser');
  // `done` is handed to mongoose directly as the (err, user) callback.
  User.findById(id, done);
});
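const { Strategy, ExtractJwt } = require('passport-jwt');

// The HMAC signing key decides who can mint valid tokens, so it is taken from the
// environment. 'customSecretKey' is the value published with this example and is
// therefore known to every reader; it is kept only so the demo still starts.
const jwtSecret = process.env.JWT_SECRET || 'customSecretKey';
if (!process.env.JWT_SECRET) {
  logger.warn('JWT_SECRET is not set; falling back to the example signing key');
}

// JWT strategy: read the token from the `Authorization: Bearer <token>` header,
// verify its signature, then resolve `payload.id` to a stored user.
passport.use(new Strategy({
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  secretOrKey: jwtSecret,
  // passport-jwt documents `algorithms` as a list of allowed algorithm names. A
  // bare string is not the documented form and may not be matched as an exact
  // allow-list entry, so the single accepted algorithm is pinned as an array.
  algorithms: ['HS512'],
}, (payload, done) => {
  logger.info('jwtStrategy');
  User.findById(payload.id, (err, user) => {
    if (err) {
      // Lookup failure: report the error rather than treating it as "no user".
      return done(err, false);
    }
    if (!user) {
      // Valid signature, but the referenced user does not exist: reject.
      return done(null, false);
    }
    return done(null, user);
  });
}));

app.use(passport.initialize());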
/**
 * Koa middleware that guards a route with the 'jwt' passport strategy.
 *
 * Sessions are disabled, so every request is authenticated on its own.
 * Responds with 401 when no user ends up on `ctx.state` after authentication.
 *
 * @param {object} ctx - Koa context.
 * @param {Function} next - Downstream middleware; passed through to koa-passport.
 */
const auth = async (ctx, next) => {
  logger.info('startAuth');
  logger.info('beforeKoaPassport');

  const authenticateJwt = passport.authenticate('jwt', { session: false });
  // There is no separate `await next()` here: per the author's note, koa-passport
  // calls next() itself.
  // NOTE(review): the user check below therefore runs after this call has
  // returned. Confirm that downstream handlers are never reached for a rejected token.
  await authenticateJwt(ctx, next);
  logger.info('afterKoaPassport');

  if (ctx.state.user) {
    logger.info('endAuth');
    return;
  }
  ctx.throw(401, 'Unauthorized');
};
/**
 * Route handler: responds with every stored user as `{ payload: [...] }`.
 *
 * The query has no filter, projection or limit, so any authenticated caller
 * receives the complete user documents.
 *
 * @param {object} ctx - Koa context; the result is written to `ctx.body`.
 */
const getUsers = async (ctx) => {
  logger.info('startGetUsers');
  const payload = await User.find({});
  ctx.body = { payload };
  logger.info('endGetUsers');
};
// GET /users is the only route; `auth` runs first, so the handler sits behind
// the JWT check.
router.get('/users', auth, getUsers);

app.use(router.routes());
app.use(router.allowedMethods());

// Plain HTTP on port 3000 with no host argument, so Node listens on all
// interfaces. Bearer tokens travel in clear text unless TLS is terminated in
// front of this process.
app.listen(3000);