Properly authenticate user against DB

2018-12-16 21:51:00 -05:00
parent 46dc80d46d
commit d8bdf45283
5 changed files with 42 additions and 30 deletions
--- a/src/auth/index.js
+++ b/src/auth/index.js
@@ -10,21 +10,27 @@ export default User => ({
   * @returns {*}
   */
  login: (req, res) => {
-    let { email, password } = req.body;
-    //This lookup would normally be done using a database
-    if (email === 'james@jamestest.com') {
-      if (password === 'test123') { //the password compare would normally be done using bcrypt.
+    let { email, password} = req.body;
+    console.log(email);
+    console.log(password);
+
+    User.findByUsername(email, (err, user) => {
+      if (err || !user) return res.status(401).json({ message: 'Auth Failed' });
+
+      user.authenticate(password, (authErr, model, passwordError) => {
+        if (authErr || passwordError) return res.status(401).json({ message: 'Auth Failed' });
+
+        console.log('Correct password. Generating token.');
        let opts = {};
-        opts.expiresIn = 120;  //token expires in 2min
-        const secret = 'SECRET_KEY'; //normally stored in process.env.secret
+        opts.expiresIn = process.env.tokenExpiration || 1200;  // 20min default expiration
+        const secret = process.env.secret || 'SECRET_KEY';
        const token = jwt.sign({ email }, secret, opts);
        return res.status(200).json({
          message: 'Auth Passed',
          token
-        })
-      }
-    }
-    return res.status(401).json({ message: 'Auth Failed' });
+        });
+      })
+    });
  },

  /**
--- a/src/auth/jwt.js
+++ b/src/auth/jwt.js
@@ -3,17 +3,11 @@ import passportJwt from 'passport-jwt';
 const JwtStrategy = passportJwt.Strategy;
 const ExtractJwt = passportJwt.ExtractJwt;

-const opts = {}
-opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
-opts.secretOrKey = 'SECRET_KEY'; //normally store this in process.env.secret
+const opts = {};
+opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('JWT');
+opts.secretOrKey = process.env.secret || 'SECRET_KEY';

-export default User => new JwtStrategy(opts, (jwtPayload, done) => {
-
-  // Access to User model
-  console.log(User);
-
-  if (jwtPayload.email === 'james@jamestest.com') {
-      return done(null, true)
-  }
-  return done(null, false)
+export default () => new JwtStrategy(opts, (jwtPayload, done) => {
+  console.log(`Token authenticated for user: ${jwtPayload.email}`);
+  return done(null, true);
 })
--- a/src/index.js
+++ b/src/index.js
@@ -14,12 +14,12 @@ module.exports = {
      }
    });

-    // configure passport for Auth
+    // Configure passport for Auth
    options.app.use(passport.initialize());
    options.app.use(passport.session());

    passport.use(options.user.createStrategy());
-    passport.use(jwtStrategy(options.user));
+    passport.use(jwtStrategy());
    passport.serializeUser(options.user.serializeUser());
    passport.deserializeUser(options.user.deserializeUser());

--- a/src/user/index.js
+++ b/src/user/index.js
@@ -17,7 +17,7 @@ module.exports = User => ({
        return next(error);
      }
      passport.authenticate('local')(req, res, () => {
-        res.json({ user });
+        res.json({ email: user.email, role: user.role, createdAt: user.createdAt });
      });
    });
  }