forked from angular-fullstack/generator-angular-fullstack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.service.js
97 lines (91 loc) · 2.56 KB
/
auth.service.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
'use strict';
<% if (filters.mongooseModels) { %>
var mongoose = require('mongoose-bird')();<% } %>
var passport = require('passport');
var config = require('../config/environment');
var jwt = require('jsonwebtoken');
var expressJwt = require('express-jwt');
var compose = require('composable-middleware');<% if (filters.mongooseModels) { %>
var User = require('../api/user/user.model');<% } %><% if (filters.sequelizeModels) { %>
var User = require('../sqldb').User;<% } %>
var validateJwt = expressJwt({
secret: config.secrets.session
});
/**
* Attaches the user object to the request if authenticated
* Otherwise returns 403
*/
function isAuthenticated() {
return compose()
// Validate jwt
.use(function(req, res, next) {
// allow access_token to be passed through query parameter as well
if (req.query && req.query.hasOwnProperty('access_token')) {
req.headers.authorization = 'Bearer ' + req.query.access_token;
}
validateJwt(req, res, next);
})
// Attach user to request
.use(function(req, res, next) {
<% if (filters.mongooseModels) { %>User.findByIdAsync(req.user._id)<% }
if (filters.sequelizeModels) { %>User.find({
where: {
_id: req.user._id
}
})<% } %>
.then(function(user) {
if (!user) {
return res.send(401);
}
req.user = user;
next();
})
.catch(function(err) {
return next(err);
});
});
}
/**
* Checks if the user role meets the minimum requirements of the route
*/
function hasRole(roleRequired) {
if (!roleRequired) {
throw new Error('Required role needs to be set');
}
return compose()
.use(isAuthenticated())
.use(function meetsRequirements(req, res, next) {
if (config.userRoles.indexOf(req.user.role) >=
config.userRoles.indexOf(roleRequired)) {
next();
}
else {
res.send(403);
}
});
}
/**
* Returns a jwt token signed by the app secret
*/
function signToken(id) {
return jwt.sign({ _id: id }, config.secrets.session, {
expiresInMinutes: 60 * 5
});
}
/**
* Set token cookie directly for oAuth strategies
*/
function setTokenCookie(req, res) {
if (!req.user) {
return res.json(404, {
message: 'Something went wrong, please try again.'
});
}
var token = signToken(req.user._id);
res.cookie('token', JSON.stringify(token));
res.redirect('/');
}
exports.isAuthenticated = isAuthenticated;
exports.hasRole = hasRole;
exports.signToken = signToken;
exports.setTokenCookie = setTokenCookie;