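login: {
  // Route config for the login endpoint: validates the payload, checks the
  // password with bcrypt, records the login and replies with the user document
  // plus a signed JWT.
  auth: false, // this is the route that issues the token, so no auth is required to reach it
  description: 'User.Login',
  notes: 'Verify credentials, provide a JWT token and returns the user information',
  tags: ['api'],
  validate: {
    payload: {
      email: Joi.string().email().required(),
      password: Joi.string().min(6).max(60).required()
    }
  },
  /**
   * Authenticate an active user and reply with their profile and a JWT.
   *
   * @param {object} request - request whose validated payload carries `email` and `password`
   * @param {function} reply - called with the sanitized user object, or with
   *   whatever `Calibrate.error` produces when a step rejects
   */
  handler: (request, reply) => {
    const { email, password } = request.payload;
    const key = plugin.plugins['system'].privateKey;
    // NOTE(review): valueOf() yields milliseconds, while the JWT `exp` claim is
    // defined in seconds (NumericDate). A standards-following verifier would read
    // this as a date far in the future, so the 7-day lifetime is likely not
    // enforced. Confirm how the verifying side interprets `exp` before switching
    // to moment().add(7, 'days').unix().
    const expires = moment().add(7, 'days').valueOf();
    // Fields that must never be returned to the client.
    const omit = ['_id', '__v', 'password', 'status', 'hashes'];

    // Per-request holder for the user document. The original kept it on `this`
    // after `.bind({})`, but arrow functions ignore a promise-level bind and use
    // the enclosing scope's `this`, which is shared by every call of this
    // handler; concurrent logins could then overwrite each other's user between
    // steps and a token could be signed for the wrong `_id`.
    let account;

    User.findOneAsync({ email: email, status: { $in: [ User.status.ACTIVE ] } })
      .then((user) => {
        // Same message for unknown user and wrong password, so the response
        // body does not reveal which one failed.
        // NOTE(review): this path returns before bcrypt runs, so response time
        // can still differ between an unknown email and a wrong password.
        if (!user) throw Boom.unauthorized('Bad username or password');
        account = user;
        return bcrypt.compareAsync(password, user.password);
      })
      .then((valid) => {
        if (!valid) throw Boom.unauthorized('Bad username or password');
        return User.login(account._id);
      })
      .then((user) => {
        // Continue with the document returned by User.login.
        account = user;
        return jwt.signAsync({ _id: account._id, exp: expires }, key, { algorithm: 'HS256' });
      })
      .then((token) => {
        // Attach the token, then strip internal and sensitive fields.
        return _.omit(_.merge(account._doc, { token: token }), omit);
      })
      .catch(Calibrate.error)
      .then(reply);
  }
},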