diff options
Diffstat (limited to 'routes/index.js')
| -rw-r--r-- | routes/index.js | 106 |
1 files changed, 0 insertions, 106 deletions
diff --git a/routes/index.js b/routes/index.js deleted file mode 100644 index 294cb49..0000000 --- a/routes/index.js +++ /dev/null @@ -1,106 +0,0 @@ -const fs = require('fs') -const router = require('express').Router() -const { randomBytes } = require('crypto') -const jwt = require('jsonwebtoken') -const User = require('../model/User') - -const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa`) - -const generateJwtToken = (user) => jwt.sign({ - email: user.email, - verified: !!user.verify, - role: user.role, - }, - { - key: cert, - passphrase: process.env.RSA_PASS, - }, - { - expiresIn: parseInt(process.env.TOKEN_EXPIRES_IN), - issuer: 'pruss.it', - algorithm: 'RS256', - } -) - -// Alive -router.get("/", (_, res) => res.send("Auth service is up.") ) - -// Register -router.post('/register', async (req, res) => { - const refresh = randomBytes(32).toString('hex') - const newUser = new User({ - email: req.body.email, - password: req.body.password, - refresh, - }) - - try { - const user = await newUser.save() - const jwtToken = generateJwtToken(user) - - res.status(201).send({ jt: jwtToken, rt: refresh }) - } catch(err) { - if (err._message) { - res.status(422).send({ error: err._message }) - } else if (err.code && err.code === 11000) { - res.status(409).send({ error: 'User with this email already exist' }) - } else { - res.status(400).send({ error: 'Could not save the user' }) - } - } -}) - -// Login -router.post('/login', async (req, res) => { - try { - const user = await User.findByCredentials(req.body.email, req.body.password) - - if (!user) throw new Error() - - const refreshToken = await User.newRefreshToken(user) - - if (!refreshToken) throw new Error() - - const jwtToken = generateJwtToken(user) - - res.status(202).send({ jt: jwtToken, rt: refreshToken }) - } catch (err) { - res.status(401).send({ error: 'Could not log in.' }) - } -}) - -// Logout -router.post('/logout', async (req, res) => { - try { - const user = await User.checkRefreshToken(req.body.email, req.body.refresh) - - if (!user) throw new Error() - - await User.removeRefreshToken(user.email) - - res.status(204).send() - } catch (err) { - res.status(401).send({ error: 'Could not logout' }) - } -}) - -// Refresh token -router.post('/refresh', async (req, res) => { - try { - const user = await User.checkRefreshToken(req.body.email, req.body.refresh) - - if (!user) throw new Error() - - const newRefreshToken = await User.newRefreshToken(user) - - if (!newRefreshToken) throw new Error() - - const jwtToken = generateJwtToken(user) - - res.status(201).send({ jt: jwtToken, rt: newRefreshToken }) - } catch (err) { - res.status(401).send({ error: 'User logged out' }) - } -}) - -module.exports = router |