const fs = require('fs')
const router = require('express').Router()
const { randomBytes } = require('crypto')
const jwt = require('jsonwebtoken')
const User = require('../model/User')

// Private signing key, read once at startup. The path is resolved against the
// working directory (not __dirname), so the service must be started from the
// project root. The key is passphrase-protected; the passphrase is supplied
// from RSA_PASS in generateJwtToken, not stored here.
const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa`)

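/**
 * Sign a short-lived access token for `user`.
 *
 * The payload carries only what downstream services need to authorise a
 * request (email, verification flag, role). No password hash or refresh
 * token goes in: a JWT is signed, not encrypted, so anyone holding it can
 * read the payload.
 *
 * @param {{ email: string, verify?: unknown, role?: unknown }} user - persisted user document
 * @returns {string} RS256-signed JWT, issuer `pruss.it`
 * @throws {Error} if TOKEN_EXPIRES_IN is unset or not numeric, or if jwt.sign
 *   rejects the key / RSA_PASS passphrase
 */
const generateJwtToken = (user) => {
  // Always pass a radix. parseInt(undefined) is NaN, which jsonwebtoken
  // rejects with a generic message; fail here with a configuration-specific
  // one instead. A numeric expiresIn is interpreted by jsonwebtoken as seconds.
  const expiresIn = Number.parseInt(process.env.TOKEN_EXPIRES_IN, 10)
  if (!Number.isFinite(expiresIn)) {
    throw new Error('TOKEN_EXPIRES_IN must be a number of seconds')
  }

  return jwt.sign(
    {
      email: user.email,
      verified: !!user.verify,
      role: user.role,
    },
    {
      key: cert,
      passphrase: process.env.RSA_PASS,
    },
    {
      expiresIn,
      issuer: 'pruss.it',
      algorithm: 'RS256',
    }
  )
}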

// Liveness probe: answers with a fixed plain-text body and no state lookup.
router.get("/", function alive(_req, res) {
  return res.send("Auth service is up.")
})

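/**
 * POST /register — create a user and issue an access + refresh token pair.
 *
 * Only `email` and `password` are copied out of the body, so extra fields
 * cannot be mass-assigned onto the document. Password hashing is assumed to
 * happen inside the User model before persistence — confirm in ../model/User.
 *
 * Responses: 201 `{ jt, rt }`; 422 on model validation failure; 409 on a
 * duplicate email (Mongo error code 11000); 400 on any other save failure;
 * 500 if the user was saved but the JWT could not be signed.
 */
router.post('/register', async (req, res) => {
  // 32 bytes from the CSPRNG. This is the opaque secret later presented to
  // /refresh and /logout, so it must not be predictable.
  const refresh = randomBytes(32).toString('hex')
  const newUser = new User({
    email: req.body.email,
    password: req.body.password,
    refresh,
  })

  let user
  try {
    user = await newUser.save()
  } catch (err) {
    if (err._message) {
      // Appears to be a Mongoose validation error; `_message` is its summary
      // line (an internal field — `err.name === 'ValidationError'` is the
      // public check, TODO confirm against the model's error shape).
      return res.status(422).send({ error: err._message })
    }
    if (err.code === 11000) {
      return res.status(409).send({ error: 'User with this email already exist' })
    }
    return res.status(400).send({ error: 'Could not save the user' })
  }

  // Signing is kept apart from saving: once save() has returned the user
  // exists, and answering "could not save" would invite the client to retry
  // a registration that can now only end in 409.
  try {
    const jwtToken = generateJwtToken(user)
    res.status(201).send({ jt: jwtToken, rt: refresh })
  } catch (err) {
    res.status(500).send({ error: 'Could not issue token' })
  }
})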

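/**
 * POST /login — verify credentials and issue a fresh token pair.
 *
 * Every failure (unknown email, wrong password, no refresh token issued,
 * database error) collapses into the same 401 so the reply does not reveal
 * which step failed. Replies 202 `{ jt, rt }` on success — kept as-is for
 * existing clients, although 200 would be the conventional status.
 */
router.post('/login', async (req, res) => {
  try {
    const { email, password } = req.body
    // The body is untrusted JSON. Only plain strings are handed to the
    // model, so a structured value (e.g. an object) can never reach the
    // credential lookup in place of a scalar.
    if (typeof email !== 'string' || typeof password !== 'string') {
      throw new Error('credentials must be strings')
    }

    const user = await User.findByCredentials(email, password)
    if (!user) throw new Error('unknown credentials')

    const refreshToken = await User.newRefreshToken(user)
    if (!refreshToken) throw new Error('no refresh token issued')

    const jwtToken = generateJwtToken(user)
    res.status(202).send({ jt: jwtToken, rt: refreshToken })
  } catch (err) {
    // `err` is deliberately not echoed to the client.
    res.status(401).send({ error: 'Could not log in.' })
  }
})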

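/**
 * POST /logout — invalidate the caller's refresh token.
 *
 * The caller must prove possession of the current refresh token for the
 * given email; removal is then keyed by the email of the document the model
 * returned, never by the raw request value. Nothing in this file revokes
 * already-issued JWTs, so they remain usable until their `expiresIn` elapses.
 *
 * Responses: 204 with no body on success; 401 for any failure.
 */
router.post('/logout', async (req, res) => {
  try {
    const { email, refresh } = req.body
    // Untrusted body: only pass plain strings on to the model.
    if (typeof email !== 'string' || typeof refresh !== 'string') {
      throw new Error('email and refresh must be strings')
    }

    const user = await User.checkRefreshToken(email, refresh)
    if (!user) throw new Error('refresh token not accepted')

    await User.removeRefreshToken(user.email)
    res.status(204).send()
  } catch (err) {
    res.status(401).send({ error: 'Could not logout' })
  }
})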

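/**
 * POST /refresh — exchange a valid refresh token for a new token pair.
 *
 * The presented refresh token is checked against the stored one, then a new
 * one is minted via the model. Presumably `User.newRefreshToken` replaces the
 * stored value, so the token just presented stops working (rotation) — confirm
 * in ../model/User. Responses: 201 `{ jt, rt }`; 401 for any failure.
 */
router.post('/refresh', async (req, res) => {
  try {
    const { email, refresh } = req.body
    // Untrusted body: only pass plain strings on to the model.
    if (typeof email !== 'string' || typeof refresh !== 'string') {
      throw new Error('email and refresh must be strings')
    }

    const user = await User.checkRefreshToken(email, refresh)
    if (!user) throw new Error('refresh token not accepted')

    const newRefreshToken = await User.newRefreshToken(user)
    if (!newRefreshToken) throw new Error('no refresh token issued')

    const jwtToken = generateJwtToken(user)
    res.status(201).send({ jt: jwtToken, rt: newRefreshToken })
  } catch (err) {
    // Same reply for every failure; the message does not distinguish an
    // expired/rotated token from a malformed request.
    res.status(401).send({ error: 'User logged out' })
  }
})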

// The router is mounted by the application that requires this module.
module.exports = router