Diffstat (limited to 'routes/index.js')
-rw-r--r--routes/index.js106
1 files changed, 106 insertions, 0 deletions
diff --git a/routes/index.js b/routes/index.js
new file mode 100644
index 0000000..294cb49
--- /dev/null
+++ b/routes/index.js
@@ -0,0 +1,106 @@
+const fs = require('fs')
+const router = require('express').Router()
+const { randomBytes } = require('crypto')
+const jwt = require('jsonwebtoken')
+const User = require('../model/User')
+
+const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa`)
+
+const generateJwtToken = (user) => jwt.sign({
+ email: user.email,
+ verified: !!user.verify,
+ role: user.role,
+ },
+ {
+ key: cert,
+ passphrase: process.env.RSA_PASS,
+ },
+ {
+ expiresIn: parseInt(process.env.TOKEN_EXPIRES_IN),
+ issuer: 'pruss.it',
+ algorithm: 'RS256',
+ }
+)
+
+// Alive
+router.get("/", (_, res) => res.send("Auth service is up.") )
+
+// Register
+router.post('/register', async (req, res) => {
+ const refresh = randomBytes(32).toString('hex')
+ const newUser = new User({
+ email: req.body.email,
+ password: req.body.password,
+ refresh,
+ })
+
+ try {
+ const user = await newUser.save()
+ const jwtToken = generateJwtToken(user)
+
+ res.status(201).send({ jt: jwtToken, rt: refresh })
+ } catch(err) {
+ if (err._message) {
+ res.status(422).send({ error: err._message })
+ } else if (err.code && err.code === 11000) {
+ res.status(409).send({ error: 'User with this email already exist' })
+ } else {
+ res.status(400).send({ error: 'Could not save the user' })
+ }
+ }
+})
+
+// Login
+router.post('/login', async (req, res) => {
+ try {
+ const user = await User.findByCredentials(req.body.email, req.body.password)
+
+ if (!user) throw new Error()
+
+ const refreshToken = await User.newRefreshToken(user)
+
+ if (!refreshToken) throw new Error()
+
+ const jwtToken = generateJwtToken(user)
+
+ res.status(202).send({ jt: jwtToken, rt: refreshToken })
+ } catch (err) {
+ res.status(401).send({ error: 'Could not log in.' })
+ }
+})
+
+// Logout
+router.post('/logout', async (req, res) => {
+ try {
+ const user = await User.checkRefreshToken(req.body.email, req.body.refresh)
+
+ if (!user) throw new Error()
+
+ await User.removeRefreshToken(user.email)
+
+ res.status(204).send()
+ } catch (err) {
+ res.status(401).send({ error: 'Could not logout' })
+ }
+})
+
+// Refresh token
+router.post('/refresh', async (req, res) => {
+ try {
+ const user = await User.checkRefreshToken(req.body.email, req.body.refresh)
+
+ if (!user) throw new Error()
+
+ const newRefreshToken = await User.newRefreshToken(user)
+
+ if (!newRefreshToken) throw new Error()
+
+ const jwtToken = generateJwtToken(user)
+
+ res.status(201).send({ jt: jwtToken, rt: newRefreshToken })
+ } catch (err) {
+ res.status(401).send({ error: 'User logged out' })
+ }
+})
+
+module.exports = router
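Review bot: `expiresIn: parseInt(process.env.TOKEN_EXPIRES_IN)` inside generateJwtToken has no radix and evaluates to NaN when the variable is unset or non-numeric, so every sign call fails at request time and surfaces as a misleading 400/401 from the route catch blocks instead of at startup. Resolve and validate it once next to the `cert` read: `const expiresIn = Number.parseInt(process.env.TOKEN_EXPIRES_IN, 10)` followed by `if (!Number.isInteger(expiresIn) || expiresIn <= 0) throw new Error('TOKEN_EXPIRES_IN must be a positive integer of seconds')`, then pass `expiresIn,` in the sign options. The same startup check is worth applying to `process.env.RSA_PASS`, which is currently read on every sign call. Separately, `req.body.email` and `req.body.refresh` go to the User helpers with no `typeof === 'string'` check in /login, /logout and /refresh; if those helpers build a Mongoose query from them (not visible here), a non-string body value can change the query shape, so rejecting non-string values with a 400 before the lookup is cheap insurance.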