
Untitled

a guest
Feb 6th, 2019
  1. import express from 'express'
  2. import Debug from 'debug'
  3. import jwt from 'jsonwebtoken'
  4. import { secret, secretToken } from '../config'
  5. import { tokenMiddleware } from '../middleware'
  6. import { User } from '../models'
  7. import { hashSync as hash, compareSync as comparePasswords } from 'bcryptjs'
  8.  
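  // In-memory registry of issued refresh tokens, keyed by the refresh-token string.
  // It is created without a prototype so that a membership test on a
  // client-supplied key (such as `key in tokenList`) cannot match inherited
  // names like "constructor" or "toString".
  // NOTE(review): the registry lives only in process memory, so it is lost on
  // restart and is not shared between server instances.
  const tokenList = Object.create(null)
  // Router that carries the authentication endpoints defined below.
  const app = express.Router()
  // Namespaced debug logger for this module.
  const debug = new Debug('market:auth')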
  12.  
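  /*
   * POST /signin
   * Checks an email/password pair. On success it issues an access token and a
   * refresh token, records the session in tokenList under the refresh token and
   * replies 200 with the tokens plus basic profile fields. Every failure path
   * replies 401 through handleLoginFailed with the same message, so the response
   * does not reveal whether the email exists.
   * Unexpected errors (for example a rejected database call) go to next().
   */
  app.post('/signin', async (req, res, next) => {
    // One message for all credential failures: differing texts would let a
    // client tell "unknown email" apart from "wrong password".
    const failureMessage = 'El correo y la contraseña no coinciden'

    try {
      const { email, password } = req.body || {}

      // Accept plain strings only. A non-string email would be passed into the
      // database query as-is, and compareSync throws on a non-string password.
      if (typeof email !== 'string' || typeof password !== 'string') {
        debug('Sign-in rejected: email or password missing or not a string')
        return handleLoginFailed(res, failureMessage)
      }

      const user = await User.findOne({ email })

      if (!user) {
        debug(`User with email ${email} not found`)
        return handleLoginFailed(res, failureMessage)
      }

      if (!comparePasswords(password, user.password)) {
        // Never log the submitted password or the stored hash.
        debug(`Password check failed for ${email}`)
        return handleLoginFailed(res, failureMessage)
      }

      const token = createToken(user)
      const refreshToken = refreshTokenSecret(user)
      const response = {
        "status": "Logged in",
        "token": token,
        "refreshToken": refreshToken,
        userId: user._id,
        firstName: user.firstName,
        userName: user.userName,
        phone: user.phone,
        email: user.email
      }
      // Remember the session so POST /token can recognise this refresh token.
      tokenList[refreshToken] = response
      res.status(200).json(response)
    } catch (error) {
      // Without this, a rejection inside the async handler would leave the
      // request hanging with no response.
      next(error)
    }
  })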
  42.  
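  /*
   * POST /token
   * Exchanges a refresh token issued by /signin for a new access token.
   * Replies 200 with { token } when the refresh token is registered in
   * tokenList and still verifies against secretToken; otherwise replies 404
   * 'Invalid request'.
   */
  app.post('/token', (req, res) => {
    const { refreshToken } = req.body || {}

    // Own-property lookup on a string key only: the `in` operator also matches
    // names inherited from Object.prototype.
    const isRegistered =
      typeof refreshToken === 'string' &&
      Object.prototype.hasOwnProperty.call(tokenList, refreshToken)

    if (!isRegistered) {
      return res.status(404).send('Invalid request')
    }

    try {
      // Enforce the refresh token's signature and expiry; registry membership
      // alone would keep an expired token usable for the life of the process.
      jwt.verify(refreshToken, secretToken)
    } catch (error) {
      delete tokenList[refreshToken]
      debug(`Refresh token rejected: ${error.message}`)
      return res.status(404).send('Invalid request')
    }

    // Take the identity from the session stored at sign-in, not from the
    // request body, so a caller cannot choose the claims of the new token.
    const session = tokenList[refreshToken]
    const user = {
      email: session.email,
      firstName: session.firstName
    }
    // NOTE(review): this payload is { email, firstName } while createToken signs
    // { user }; confirm which shape tokenMiddleware expects.
    const token = jwt.sign(user, secret, { expiresIn: 10400 })

    session.token = token
    res.status(200).json({ "token": token })
  })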
  64.  
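  /*
   * GET /secure
   * Sample endpoint that runs tokenMiddleware first and then sends a fixed
   * text body.
   */
  app.get('/secure', tokenMiddleware, async (req, res, next) => {
    try {
      res.send('encript token secure method 503')
    } catch (error) {
      // handleError is neither imported nor defined in this listing, so calling
      // it here would raise a ReferenceError; pass the error to Express instead.
      next(error)
    }
  })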
  73.  
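  // Builds the user object embedded in token payloads. A JWT payload is only
  // encoded, not encrypted, so the full user record (which carries the password
  // hash) must not be signed into it. Only the profile fields that the
  // endpoints in this file already return to the client are copied.
  // NOTE(review): confirm tokenMiddleware reads no other field from `user`.
  const tokenClaims = (user) => ({
    _id: user._id,
    firstName: user.firstName,
    userName: user.userName,
    phone: user.phone,
    email: user.email
  })

  // Signs a short-lived access token ({ user } payload, expiresIn 10400) with `secret`.
  const createToken = (user) => jwt.sign({ user: tokenClaims(user) }, secret, { expiresIn: 10400 })
  // Signs a refresh token ({ user } payload, expiresIn 14400) with `secretToken`.
  const refreshTokenSecret = (user) => jwt.sign({ user: tokenClaims(user) }, secretToken, { expiresIn: 14400 })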
  76.  
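  /*
   * POST /signup
   * Creates a user from the submitted profile fields, storing a bcrypt hash of
   * the password (cost 10), and replies 201 with an access token and the
   * profile fields. Replies 400 when no usable password is supplied.
   * Errors from saving the user go to next().
   */
  app.post('/signup', async (req, res, next) => {
    try {
      const { firstName, userName, phone, email, password } = req.body || {}

      // hashSync throws on a missing or non-string password; reject it up front
      // with a client error instead of failing inside the handler.
      if (typeof password !== 'string' || password.length === 0) {
        return res.status(400).json({
          message: 'Signup failed',
          error: 'A password is required'
        })
      }

      const newUser = new User({
        firstName,
        userName,
        phone,
        email,
        password: hash(password, 10)
      })
      // Log an identifier only: the document itself carries the password hash.
      debug(`Creating new user: ${email}`)
      const user = await newUser.save()
      const token = createToken(user)
      res.status(201).json({
        message: 'User saved',
        token,
        userId: user._id,
        firstName,
        userName,
        phone,
        email
      })
    } catch (error) {
      // A rejected save() would otherwise become an unhandled rejection and
      // leave the request without a response.
      next(error)
    }
  })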
  99.  
  /**
   * Replies 401 with the standard "Login failed" JSON body.
   *
   * @param {object} res - Express response object.
   * @param {string} [message] - Text for the `error` field; a falsy value
   *   selects the default text.
   * @returns {*} Whatever `res.status(401).json(...)` returns.
   */
  function handleLoginFailed(res, message) {
    const reason = message ? message : 'Email and password don\'t match'
    const payload = { message: 'Login failed', error: reason }
    return res.status(401).json(payload)
  }
  106.  
  107. export default app