opt-cc/opt-cc-api/routes/authenticate.js

"use strict";

// modules
const express = require('express');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');
const Q = require('q');
const _ = require('lodash');
const logger = require('debug')('cc:authenticate');

// HTTP status codes by name
const codes = require('./http-codes');

const config = require('../config');

const routerHandling = require('../middleware/router-handling');

const AppUserModel = require('../models/app-user');

const authenticate = express.Router();

// routes **********************
authenticate.route('/')
  .post((req, res, next) => {
    authCheck(req.body.username, req.body.password)
      .then((user) => {
        if (user) {
          // authentication successful
          res.send(user);
        } else {
          // authentication failed
          res.status(401).send('Username or password is incorrect');
        }
      })
      .catch((err) => {
        res.status(400).send(err);
      });
  })

  .all(
    routerHandling.httpMethodNotAllowed
  );

let authCheck = (username, password) => {
  const deferred = Q.defer();

  AppUserModel.findOne({username: username}, (err, user) => {
    if (err) deferred.reject(err.name + ': ' + err.message);

    const diff = 60 * 24; // time till expiration [minutes]

    if (user && bcrypt.compareSync(password, user.password)) {
      // authentication successful
      deferred.resolve({
        _id: user._id,
        username: user.username,
        token: jwt.sign({sub: user._id}, config.secret, {expiresIn: diff * 60}),
        tokenExpireDate: new Date(Date.now().valueOf() + diff * 60000 - 1000)
      });
    } else {
      // authentication failed
      deferred.resolve();
    }
  });

  return deferred.promise;
};


//******************************** SIGNUP ************************
//
// authenticate.route('/signup')
//   .post((req, res, next) => {
//     create(req.body)
//       .then(() => {
//         res.sendStatus(200);
//       })
//       .catch((err) => {
//         res.status(400).send(err);
//       });
//   })
//
//   .all(
//     routerHandling.httpMethodNotAllowed
//   );
//
// let create = (userParam) => {
//   const deferred = Q.defer();
//
//   // validation
//   AppUserModel.findOne(
//     {username: userParam.username},
//     (err, user) => {
//       if (err) deferred.reject(err.name + ': ' + err.message);
//
//       if (user) {
//         // username already exists
//         deferred.reject('Username "' + userParam.username + '" is already taken');
//       } else {
//         createUser();
//       }
//     });
//
//   let createUser = () => {
//     // set user object to userParam without the cleartext password
//     const user = _.omit(userParam, 'password');
//
//     // add hashed password to user object
//     user.password = bcrypt.hashSync(userParam.password, 10);
//
//     const newUser = new AppUserModel(user);
//     newUser.save((err, doc) => {
//       if (err) deferred.reject(err.name + ': ' + err.message);
//
//       deferred.resolve();
//     });
//   };
//
//   return deferred.promise;
// };


authenticate.use(routerHandling.emptyResponse);


module.exports = authenticate;
first commit 2017-05-10 11:04:06 +02:00			`"use strict";`

			`// modules`
			`const express = require('express');`
			`const jwt = require('jsonwebtoken');`
			`const bcrypt = require('bcryptjs');`
			`const Q = require('q');`
			`const _ = require('lodash');`
			`const logger = require('debug')('cc:authenticate');`

			`// HTTP status codes by name`
			`const codes = require('./http-codes');`

			`const config = require('../config');`

			`const routerHandling = require('../middleware/router-handling');`

			`const AppUserModel = require('../models/app-user');`

			`const authenticate = express.Router();`

			`// routes **********************`
			`authenticate.route('/')`
			`.post((req, res, next) => {`
			`authCheck(req.body.username, req.body.password)`
			`.then((user) => {`
			`if (user) {`
			`// authentication successful`
			`res.send(user);`
			`} else {`
			`// authentication failed`
			`res.status(401).send('Username or password is incorrect');`
			`}`
			`})`
			`.catch((err) => {`
			`res.status(400).send(err);`
			`});`
			`})`

			`.all(`
			`routerHandling.httpMethodNotAllowed`
			`);`

			`let authCheck = (username, password) => {`
			`const deferred = Q.defer();`

			`AppUserModel.findOne({username: username}, (err, user) => {`
			`if (err) deferred.reject(err.name + ': ' + err.message);`

			`const diff = 60 * 24; // time till expiration [minutes]`

			`if (user && bcrypt.compareSync(password, user.password)) {`
			`// authentication successful`
			`deferred.resolve({`
			`_id: user._id,`
			`username: user.username,`
			`token: jwt.sign({sub: user._id}, config.secret, {expiresIn: diff * 60}),`
			`tokenExpireDate: new Date(Date.now().valueOf() + diff * 60000 - 1000)`
			`});`
			`} else {`
			`// authentication failed`
			`deferred.resolve();`
			`}`
			`});`

			`return deferred.promise;`
			`};`


			`//****************************** SIGNUP **********************`
			`//`
			`// authenticate.route('/signup')`
			`// .post((req, res, next) => {`
			`// create(req.body)`
			`// .then(() => {`
			`// res.sendStatus(200);`
			`// })`
			`// .catch((err) => {`
			`// res.status(400).send(err);`
			`// });`
			`// })`
			`//`
			`// .all(`
			`// routerHandling.httpMethodNotAllowed`
			`// );`
			`//`
			`// let create = (userParam) => {`
			`// const deferred = Q.defer();`
			`//`
			`// // validation`
			`// AppUserModel.findOne(`
			`// {username: userParam.username},`
			`// (err, user) => {`
			`// if (err) deferred.reject(err.name + ': ' + err.message);`
			`//`
			`// if (user) {`
			`// // username already exists`
			`// deferred.reject('Username "' + userParam.username + '" is already taken');`
			`// } else {`
			`// createUser();`
			`// }`
			`// });`
			`//`
			`// let createUser = () => {`
			`// // set user object to userParam without the cleartext password`
			`// const user = _.omit(userParam, 'password');`
			`//`
			`// // add hashed password to user object`
			`// user.password = bcrypt.hashSync(userParam.password, 10);`
			`//`
			`// const newUser = new AppUserModel(user);`
			`// newUser.save((err, doc) => {`
			`// if (err) deferred.reject(err.name + ': ' + err.message);`
			`//`
			`// deferred.resolve();`
			`// });`
			`// };`
			`//`
			`// return deferred.promise;`
			`// };`


			`authenticate.use(routerHandling.emptyResponse);`


			`module.exports = authenticate;`