diff options
Diffstat (limited to 'routes/auth.js')
| -rw-r--r-- | routes/auth.js | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/routes/auth.js b/routes/auth.js new file mode 100644 index 0000000..389c01b --- /dev/null +++ b/routes/auth.js @@ -0,0 +1,119 @@ +const router = require('express').Router() +const { randomBytes } = require('crypto') +const jwt = require('jsonwebtoken') +const User = require('../model/User') + +const cookieParams = { + maxAge: (1000 * parseInt(process.env.TOKEN_EXPIRE_IN)), + secure: false, + httpOnly: true, +} + +const generateJwtToken = (user) => jwt.sign({ + email: user.email, + verified: !!user.verify, + role: user.role, + }, + process.env.JWT_SECRET, + { + expiresIn: parseInt(process.env.TOKEN_EXPIRE_IN), + issuer: 'pruss.it', + algorithm: 'HS256', + } +) + +// Alive +router.get("/", function (_, res) { + res.send("Service is up.") +}) + +// Register +router.post('/register', async (req, res) => { + const refresh = randomBytes(32).toString('hex') + const user = new User({ + email: req.body.email, + password: req.body.password, + refresh, + }) + + try { + await user.save() + res.status(201).send(refresh) + } catch(err) { + if (err._message) { + res.status(422).send(err._message) + } else if (err.code && err.code === 11000) { + res.status(409).send('User with this email already exist') + } else { + res.status(400).send('Could not save the user') + } + } +}) + +// Login +router.post('/login', async (req, res) => { + try { + const user = await User.findByCredentials(req.body.email, req.body.password) + + if (!user) { + throw new Error() + } + + const refreshToken = await User.newRefreshToken(user) + + if (!refreshToken) { + throw new Error() + } + + const jwtToken = generateJwtToken(user) + + res + .cookie('token', jwtToken, cookieParams) + .status(204) + .send(refreshToken) + } catch (err) { + res.status(401).send('Could not login') + } +}) + +// Logout +router.post('/logout', async (_, res) => { + try { + // add session check + + res + .clearCookie('token') + .status(204) + .send() + } catch (err) { + res.status(401).send('Could not logout') + } +}) + +// Refresh token +router.post('/refresh', async (req, res) => { + try { + const user = await User.checkRefreshToken(req.body.email, req.body.refresh) + + if (!user) { + throw new Error() + } + + const newRefreshToken = await User.newRefreshToken(user) + + if (!newRefreshToken) { + throw new Error() + } + + const jwtToken = generateJwtToken(user) + + res + .cookie('token', jwtToken, cookieParams) + .status(201) + .send(newRefreshToken) + } catch (err) { + res.status(401).send('User logged out') + } +}) + +module.exports = router |