var crypto = require('crypto');

var express = require('express');
var app = express();
var userDao = require('./mongo-dao');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var BasicStrategy = require('passport-http').BasicStrategy;
var bodyParser = require('body-parser');
var jwt = require("jwt-simple");
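// Signing key for every token this service issues. It is taken from the
// JWT_SECRET environment variable so the key never lives in the source file:
// anyone who can read the key can mint tokens the service will accept.
// Without the variable a random key is generated per process, which means
// tokens stop validating after a restart. Tokens signed with the literal that
// used to be here should be treated as untrusted.
var SecretString = process.env.JWT_SECRET;
if (!SecretString) {
  SecretString = crypto.randomBytes(32).toString('hex');
  console.warn('JWT_SECRET is not set; using a random per-process signing key.');
}

app.use(bodyParser.json());
app.use(passport.initialize());
app.use(bodyParser.urlencoded({
  // to support URL-encoded bodies
  extended: true
}));

// The route handlers and create_token read the key back with app.get('SecretKey').
app.set('SecretKey', SecretString);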
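/**
 * Verify callback shared by the passport-local and passport-http (Basic)
 * strategies: looks the user up by name and checks the supplied password.
 *
 * @param {string} username - user name taken from the request
 * @param {string} password - password taken from the request
 * @param {Function} done - passport callback, called as done(null, user) on
 *   success and done(null, false, { message }) on every failure
 */
function findOne(username, password, done) {
  // Both values come straight from the request. With JSON or extended
  // URL-encoded bodies they can arrive as objects rather than strings, and an
  // object must never be placed into the lookup below (presumably a MongoDB
  // query, going by the './mongo-dao' module name), where it could act as a
  // query operator instead of a literal user name.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return done(null, false, {
      message: 'Usuario incorrecto.'
    });
  }

  userDao.findOne({
    username: username
  }, function(err, user) {
    // Lookup errors are reported to passport as a failed login, not as an error.
    if (err) {
      return done(null, false, {
        message: 'Fallo no controlado.'
      });
    }
    if (!user) {
      return done(null, false, {
        message: 'Usuario incorrecto.'
      });
    }

    // NOTE(review): the stored value is compared with the submitted password
    // directly, so passwords appear to be stored in plaintext. They should be
    // stored as salted password hashes (bcrypt, scrypt or argon2) and checked
    // with that library's verify function.
    // Until then, compare fixed-length digests in constant time so the
    // comparison does not reveal how many leading characters matched.
    if (typeof user.password === 'string') {
      var given = crypto.createHash('sha256').update(password).digest();
      var stored = crypto.createHash('sha256').update(user.password).digest();
      if (crypto.timingSafeEqual(given, stored)) {
        return done(null, user);
      }
    }
    return done(null, false, {
      message: 'Incorrect password.'
    });
  });
}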
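/**
 * Build the access/refresh token pair for the user passport attached to the
 * request.
 *
 * @param {Object} req - request whose `user` was set by passport.authenticate
 * @returns {{access_token: string, refresh_token: string, role: *}} the two
 *   encoded tokens plus the user's `roles` value
 */
function create_token(req) {
  var user = req.user;
  var now = Date.now();
  // Access token lifetime: 180000000 ms (50 hours). The refresh token outlives
  // it by a further 18000000 ms (5 hours).
  // NOTE(review): these are milliseconds, while the registered JWT `exp` claim
  // is defined in seconds (RFC 7519), so a library-side expiry check will not
  // agree with this value; expiry is enforced by the route handlers.
  var expires = now + 180000000;
  var expires_refresh = expires + 18000000;

  // The token body is signed with app.get('SecretKey'), not encrypted: anyone
  // holding the token can read the payload. Serialize the user the same way
  // the encoder would (JSON) and drop the password so it never leaves the
  // server inside a token. req.user itself is left untouched.
  var claims = JSON.parse(JSON.stringify(user));
  delete claims.password;

  // Token body: user data and expiry; the header is added by the library.
  var access_token = jwt.encode({
    user: claims,
    exp: expires
  }, app.get('SecretKey'));

  // The refresh token is bound to the exact access token it was issued with.
  var refresh_token = jwt.encode({
    access_token: access_token,
    exp: expires_refresh
  }, app.get('SecretKey'));

  // Return a fresh object; the original assigned it to an undeclared `json`,
  // which created a global shared by all requests.
  return {
    access_token: access_token,
    refresh_token: refresh_token,
    role: user.roles
  };
}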
// Register the form-based (local) and HTTP Basic strategies. Both delegate
// credential checking to the same findOne verify callback.
[LocalStrategy, BasicStrategy].forEach(function(Strategy) {
  passport.use(new Strategy(function(username, password, done) {
    return findOne(username, password, done);
  }));
});
// POST /token-local: authenticate with the 'local' strategy (no session is
// created) and answer with the token pair built by create_token.
app.post(
  "/token-local",
  passport.authenticate('local', { session: false }),
  function issueLocalToken(req, res) {
    var tokens = create_token(req);
    res.send(tokens);
  }
);
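// GET /token-basic: authenticate with the HTTP Basic strategy (no session is
// created) and answer with the token pair built by create_token.
// The original called console.loq(req), which does not exist and threw on
// every request. The call is removed, not corrected: dumping the whole
// request would write the Authorization header, and with it the user's
// credentials, to the log.
app.get('/token-basic', passport.authenticate('basic', {
  session: false
}), function(req, res) {
  res.send(create_token(req));
});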
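// POST /refresh-token: exchange an expired access token plus its matching,
// still-valid refresh token for a new pair.
// Responses: 400 when a token is missing or cannot be decoded, 402 when the
// pair is not eligible for a refresh, otherwise the new pair as JSON.
app.post("/refresh-token", function(req, res) {
  var access_token = (req.body && req.body.access_token);
  var refresh_token = (req.body && req.body.refresh_token);
  if (!access_token || !refresh_token) {
    return res.sendStatus(400);
  }

  var access_token_decoded;
  var refresh_token_decoded;
  try {
    access_token_decoded = jwt.decode(access_token, app.get('SecretKey'));
    refresh_token_decoded = jwt.decode(refresh_token, app.get('SecretKey'));
  } catch (err) {
    // Stop here: the original fell through after answering 400 and then
    // dereferenced the undefined decode results.
    return res.sendStatus(400);
  }

  var date = Date.now();
  // A refresh is allowed only when the access token has expired, the refresh
  // token was issued for exactly this access token, and the refresh token
  // itself has not expired.
  var refreshable = access_token_decoded.exp <= date &&
    refresh_token_decoded.access_token === access_token &&
    refresh_token_decoded.exp > date;
  if (!refreshable) {
    // NOTE(review): 402 is kept because clients may depend on it; 401 is the
    // conventional status for a rejected credential.
    return res.sendStatus(402);
  }

  var refresh_expire = refresh_token_decoded.exp + 18000000;
  var new_access_token = jwt.encode({
    user: access_token_decoded.user,
    exp: refresh_token_decoded.exp
  }, app.get('SecretKey'));
  // Bind the new refresh token to the NEW access token and hand it back. The
  // original built a refresh token around the old access token and then
  // returned the old refresh token, so the returned pair could never be
  // refreshed again.
  // NOTE(review): nothing visible here revokes the old pair, so it stays
  // replayable until the old refresh token expires.
  var new_refresh_token = jwt.encode({
    access_token: new_access_token,
    exp: refresh_expire
  }, app.get('SecretKey'));

  res.send({
    access_token: new_access_token,
    refresh_token: new_refresh_token
  });
});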
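// POST /verify-token: decode an access token and report its payload.
// The token is read from the body, then the query string, then the
// x-access-token header.
// Responses: 400 when no token is supplied or it cannot be decoded, 402 when
// it has expired, otherwise the decoded payload as JSON.
// NOTE(review): a token passed in the query string tends to end up in access
// logs and Referer headers; the body or the header is the safer transport.
app.post("/verify-token", function(req, res) {
  var token = (req.body && req.body.access_token) || (req.query && req.query.access_token) || req.headers['x-access-token'];
  // The token is a bearer credential, so it is deliberately not logged (the
  // original printed it with console.log).
  if (!token) {
    return res.sendStatus(400);
  }

  var decoded;
  try {
    decoded = jwt.decode(token, app.get('SecretKey'));
  } catch (err) {
    // Stop here: the original fell through after answering 400 and then read
    // `exp` from the undefined decode result.
    return res.sendStatus(400);
  }

  var date = Date.now();
  if (decoded.exp <= date) {
    return res.sendStatus(402);
  }
  // The payload carries the `user` object that was embedded when the token
  // was issued, so everything stored in it is returned to the caller.
  res.json(decoded);
});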
// Start the HTTP server on port 3000 and log once it is accepting connections.
// NOTE(review): no TLS is configured in this file; Basic credentials and the
// issued tokens need an HTTPS terminator in front of this port.
app.listen(3000, function onListening() {
  var banner = 'Ecample app listening on port 3000';
  console.log(banner);
});