'use strict';

// JWT library used by the handlers below to sign and verify tokens.
var jwt = require('jsonwebtoken');

// NOTE(review): key literal committed with the source. validateUser()
// verifies against config.secret, so a token signed with this value is only
// accepted if the two happen to be equal. Signing keys belong in
// configuration or a secret store, and a key that has been published in a
// repository or paste should be treated as disclosed and rotated.
var superSecret = 'hornetSecret';

// Model queried by authenticate() to look an account up by e-mail.
var User = require('./../user/user.model');

// Application configuration; config.secret is the key validateUser() checks
// token signatures with.
var config = require('./../config');
// TODO (original author): validateUser should return a promise.

/**
 * Express middleware that only lets a request through when it carries a
 * token that jwt.verify() accepts against config.secret.
 *
 * The token is read from the `token` query parameter or the
 * `x-access-token` header. req.body.token is deliberately not consulted:
 * the mercadopago module passes its own token in the body.
 *
 * On success the decoded payload is stored on req.decoded and next() is
 * called. On a missing or rejected token the response is 403 with
 * `{ success: false, message }` and next() is never called.
 *
 * NOTE(review): a token in the query string ends up in access logs, browser
 * history and Referer headers; prefer the header where the caller allows it.
 * NOTE(review): no `algorithms` allow-list is passed to jwt.verify(), so the
 * accepted algorithms are whatever the installed jsonwebtoken release
 * defaults to. Pin the list once the issuing side is confirmed.
 *
 * @param {object} req  Express request.
 * @param {object} res  Express response.
 * @param {function} next  Continuation, invoked only for a verified token.
 */
exports.validateUser = function (req, res, next) {
  var candidate = req.query.token || req.headers['x-access-token'];

  // Guard clause: nothing to verify, reject straight away.
  if (!candidate) {
    return res.status(403).send({
      success: false,
      message: 'No token provided.'
    });
  }

  // Checks the signature against config.secret and the exp claim.
  jwt.verify(candidate, config.secret, function (verifyErr, claims) {
    if (verifyErr) {
      return res.status(403).send({
        success: false,
        message: 'Failed to authenticate token.'
      });
    }

    // Verified: expose the claims to the downstream route handlers.
    req.decoded = claims;
    next();
  });
};
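/**
 * Login handler: exchanges an e-mail/password pair from the request body for
 * a signed JWT.
 *
 * Responds with JSON `{ sucess, message[, token] }`. The misspelled `sucess`
 * key is kept because existing clients may read it (validateUser uses
 * `success`); align the two only together with the clients.
 *
 * Changes from the previous revision:
 *  - email and password must be strings, so a JSON body cannot inject a
 *    query-operator object into the findOne() filter;
 *  - a database error produces a 500 response instead of throwing inside
 *    the callback;
 *  - the token is signed with config.secret, the same key validateUser()
 *    verifies with, instead of a literal embedded in this file;
 *  - the lifetime is passed as `expiresIn`; the previous `expireInMinutes`
 *    is not a jsonwebtoken option, so the intended 24 h expiry was never set.
 *
 * NOTE(review): "User not found" and "Wrong password" are distinct answers,
 * which lets a caller test whether an e-mail address is registered. The
 * messages are left unchanged for compatibility; consider one generic
 * failure message plus rate limiting on this route.
 *
 * @param {object} req  Express request; reads req.body.email and
 *                      req.body.password.
 * @param {object} res  Express response.
 */
exports.authenticate = function (req, res) {
  var body = req.body || {};
  var email = body.email;
  var password = body.password;

  // Untrusted input: reject anything that is not a plain string before it
  // reaches the query filter or the password comparison.
  if (typeof email !== 'string' || typeof password !== 'string') {
    return res.json({
      sucess: false,
      message: 'Authentication failed. Email and password are required.'
    });
  }

  User.findOne({
    email: email
  }).select('name email password account').exec(function (err, user) {
    if (err) {
      // Throwing here would escape the request cycle; answer the client and
      // keep the error detail out of the response body.
      return res.status(500).json({
        sucess: false,
        message: 'Authentication failed.'
      });
    }

    if (!user) {
      return res.json({
        sucess: false,
        message: 'Authentication failed. User not found.'
      });
    }

    // comparePassword is defined on the User model, outside this file;
    // presumably a synchronous hash comparison. Confirm in the model.
    if (!user.comparePassword(password)) {
      return res.json({
        sucess: false,
        message: 'Authentication failed. Wrong password.'
      });
    }

    var token = jwt.sign({
      _id: user._id,
      name: user.name,
      email: user.email
    }, config.secret, {
      // Seconds; 24 hours. NOTE(review): confirm the installed jsonwebtoken
      // release accepts `expiresIn`.
      expiresIn: 24 * 60 * 60
    });

    res.json({
      sucess: true,
      message: 'Enjoy your token!',
      token: token
    });
  });
};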
/**
 * Returns the token claims of the current request as `{ req: <claims> }`.
 *
 * Reads req.decoded, which validateUser() sets after a successful
 * verification; presumably this route is mounted behind that middleware.
 * Without it the `req` field is undefined and dropped from the JSON.
 *
 * @param {object} req  Express request.
 * @param {object} res  Express response.
 */
exports.me = function (req, res) {
  var claims = req.decoded;
  res.json({ req: claims });
};