2018-04-20 10:04:12 +05:30
|
|
|
const jwt = require("jwt-simple");
|
|
|
|
const frappe = require("frappejs");
|
|
|
|
const passport = require("passport");
|
|
|
|
const passportJWT = require("passport-jwt");
|
2018-04-30 19:57:41 +05:30
|
|
|
const bcrypt = require('bcrypt');
|
|
|
|
const { DateTime } = require('luxon');
|
2018-04-20 10:04:12 +05:30
|
|
|
const jwtSecret = require('crypto').randomBytes(256);
|
|
|
|
|
|
|
|
const ExtractJwt = passportJWT.ExtractJwt;
|
|
|
|
const Strategy = passportJWT.Strategy;
|
|
|
|
|
|
|
|
const params = {
|
|
|
|
secretOrKey: jwtSecret,
|
|
|
|
jwtFromRequest: ExtractJwt.fromHeader('token')
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
module.exports = () => {
|
|
|
|
|
|
|
|
const strategy = new Strategy(params, async function (payload, done) {
|
|
|
|
const email = payload.email;
|
|
|
|
if (!email) return done(new Error("Invalid Request"), null)
|
|
|
|
|
|
|
|
const user = (await frappe.db.getAll({
|
|
|
|
doctype: 'User',
|
|
|
|
filters: { name: email }
|
|
|
|
}))[0];
|
|
|
|
|
|
|
|
if (user) {
|
|
|
|
return done(null, {
|
|
|
|
email: user.email
|
|
|
|
});
|
|
|
|
} else {
|
|
|
|
return done(new Error("User not found"), null);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
passport.use(strategy);
|
|
|
|
|
|
|
|
return {
|
|
|
|
initialize: () => {
|
|
|
|
return passport.initialize();
|
|
|
|
},
|
|
|
|
authenticate: () => {
|
|
|
|
return passport.authenticate("jwt", { session: false });
|
|
|
|
},
|
|
|
|
login: async function (req, res) {
|
2018-04-30 19:57:41 +05:30
|
|
|
const { email, password } = req.body;
|
2018-04-20 10:04:12 +05:30
|
|
|
|
2018-04-30 19:57:41 +05:30
|
|
|
if (!(email && password)) {
|
|
|
|
res.status(400).send('Email and Password are required');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
const user = await frappe.getDoc('User', email);
|
|
|
|
const match = await bcrypt.compare(password, user.password);
|
|
|
|
|
|
|
|
if (!match) {
|
|
|
|
throw new Error('Invalid password');
|
2018-04-20 10:04:12 +05:30
|
|
|
}
|
|
|
|
|
2018-04-30 19:57:41 +05:30
|
|
|
const payload = {
|
|
|
|
email: user.name,
|
|
|
|
exp: timeInSecondsAfterHr(24)
|
|
|
|
};
|
2018-06-25 13:19:11 +05:30
|
|
|
|
2018-04-30 19:57:41 +05:30
|
|
|
const token = jwt.encode(payload, jwtSecret);
|
|
|
|
res.json({
|
|
|
|
token: token
|
|
|
|
});
|
2018-06-25 13:19:11 +05:30
|
|
|
} catch (e) {
|
2018-04-30 19:57:41 +05:30
|
|
|
console.error(e);
|
2018-04-20 10:04:12 +05:30
|
|
|
res.sendStatus(401);
|
|
|
|
}
|
2018-04-30 19:57:41 +05:30
|
|
|
},
|
|
|
|
signup: async function (req, res) {
|
|
|
|
const { email, password, fullName } = req.body;
|
|
|
|
|
|
|
|
if (!(email && password && fullName)) {
|
|
|
|
res.status(400).send('Need email, password and fullName to create User');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
const saltRounds = 10;
|
|
|
|
const hash = await bcrypt.hash(password, saltRounds);
|
|
|
|
const now = DateTime.local().toISO();
|
|
|
|
|
|
|
|
const user = frappe.newDoc({
|
|
|
|
doctype: 'User',
|
|
|
|
name: email,
|
|
|
|
fullName: fullName,
|
|
|
|
password: hash,
|
|
|
|
owner: email,
|
|
|
|
modifiedBy: email,
|
|
|
|
creation: now
|
|
|
|
});
|
|
|
|
await user.insert();
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
user: user.email
|
|
|
|
});
|
2018-06-25 13:19:11 +05:30
|
|
|
} catch (e) {
|
2018-04-30 19:57:41 +05:30
|
|
|
console.error(e);
|
|
|
|
res.status(500).send('Something went wrong!');
|
|
|
|
}
|
2018-04-20 10:04:12 +05:30
|
|
|
}
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2018-06-25 13:19:11 +05:30
|
|
|
function timeInSecondsAfterHr(hour = 1) {
|
2018-04-20 10:04:12 +05:30
|
|
|
return Math.floor(Date.now() / 1000) + (3600 * hour)
|
|
|
|
}
|