2
0
mirror of https://github.com/frappe/books.git synced 2024-12-23 03:19:01 +00:00

Init Auth

- Add simple token based auth
This commit is contained in:
Suraj Shetty 2018-04-20 10:04:12 +05:30
parent e46963d8c1
commit e062ed2ee9
5 changed files with 112 additions and 7 deletions

77
auth/auth.js Normal file
View File

@ -0,0 +1,77 @@
const jwt = require("jwt-simple");
const frappe = require("frappejs");
const passport = require("passport");
const passportJWT = require("passport-jwt");
const jwtSecret = require('crypto').randomBytes(256);
const ExtractJwt = passportJWT.ExtractJwt;
const Strategy = passportJWT.Strategy;
const params = {
secretOrKey: jwtSecret,
jwtFromRequest: ExtractJwt.fromHeader('token')
};
module.exports = () => {
const strategy = new Strategy(params, async function (payload, done) {
const email = payload.email;
if (!email) return done(new Error("Invalid Request"), null)
const user = (await frappe.db.getAll({
doctype: 'User',
filters: { name: email }
}))[0];
if (user) {
return done(null, {
email: user.email
});
} else {
return done(new Error("User not found"), null);
}
});
passport.use(strategy);
return {
initialize: () => {
return passport.initialize();
},
authenticate: () => {
return passport.authenticate("jwt", { session: false });
},
login: async function (req, res) {
if (req.body.email && req.body.password) {
const name = req.body.email || req.body.name;
const password = req.body.password;
const user = (await frappe.db.getAll({
doctype: 'User',
filters: { password, name }
}))[0];
if (user) {
const payload = {
email: user.name,
exp: timeInSecondsAfterHr(24)
};
const token = jwt.encode(payload, jwtSecret);
res.json({
token: token
});
} else {
res.sendStatus(401);
}
} else {
res.sendStatus(401);
}
}
};
};
function timeInSecondsAfterHr(hour=1) {
return Math.floor(Date.now() / 1000) + (3600 * hour)
}

View File

@ -108,10 +108,14 @@ module.exports = class HTTPClient extends Observable {
}
getHeaders() {
return {
const headers = {
'Accept': 'application/json',
'Content-Type': 'application/json'
}
};
if (frappe.auth && frappe.auth.token) {
headers.token = frappe.auth.token;
};
return headers;
}
initTypeMap() {

View File

@ -5,17 +5,23 @@ module.exports = {
"isChild": 0,
"keywordFields": [
"name",
"full_name"
"fullName"
],
"fields": [
{
"fieldname": "name",
"label": "Name",
"label": "Email",
"fieldtype": "Data",
"required": 1
},
{
"fieldname": "full_name",
"fieldname": "password",
"label": "Password",
"fieldtype": "Password",
"required": 1
},
{
"fieldname": "fullName",
"label": "Full Name",
"fieldtype": "Data",
"required": 1
@ -25,6 +31,12 @@ module.exports = {
"label": "Roles",
"fieldtype": "Table",
"childtype": "UserRole"
},
{
"fieldname": "userId",
"label": "User ID",
"fieldtype": "Data",
"hidden": 1
}
]
}

View File

@ -24,15 +24,19 @@
"frappejs": "../frappejs",
"jquery": "^3.3.1",
"luxon": "^1.0.0",
"jwt-simple": "^0.5.1",
"mkdirp": "^0.5.1",
"mocha": "^4.1.0",
"moment": "^2.20.1",
"morgan": "^1.9.0",
"mysql": "^2.15.0",
"node-fetch": "^1.7.3",
"node-sass": "^4.7.2",
"nodemon": "^1.14.7",
"nunjucks": "^3.1.0",
"octicons": "^7.2.0",
"passport": "^0.4.0",
"passport-jwt": "^4.0.0",
"popper.js": "^1.12.9",
"precss": "^2.0.0",
"puppeteer": "^1.2.0",

View File

@ -13,14 +13,15 @@ const common = require('frappejs/common');
const bodyParser = require('body-parser');
const fs = require('fs');
const { setupExpressRoute: setRouteForPDF } = require('frappejs/server/pdf');
const auth = require('./../auth/auth')();
const morgan = require('morgan')
require.extensions['.html'] = function (module, filename) {
module.exports = fs.readFileSync(filename, 'utf8');
};
module.exports = {
async start({backend, connectionParams, models, staticPath = './'}) {
async start({backend, connectionParams, models, staticPath = './', authConfig=null}) {
await this.init();
if (models) {
@ -34,6 +35,13 @@ module.exports = {
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(express.static(staticPath));
app.use(morgan('tiny'));
if(authConfig) {
app.post("/api/login", auth.login);
app.use(auth.initialize(authConfig));
app.all("/api/resource/*", auth.authenticate());
}
// socketio
io.on('connection', function (socket) {