
@materia/users


Signin/signup your users in your Materia application

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const crypto = require("crypto"); const oauth2orize = require("oauth2orize"); const uuid = require("uuid/v4"); const passport_oauth2_client_password_1 = require("passport-oauth2-client-password"); const passport_http_bearer_1 = require("passport-http-bearer"); const auth_1 = require("./auth"); class TokenAuth extends auth_1.Auth { constructor(app, config) { super(app, config); this.app.usersOAuthServer = oauth2orize.createServer(); this.app.usersOAuthServer.exchange(oauth2orize.exchange.clientCredentials((client, res, done) => { const token = uuid(); const tokenHash = crypto .createHash('sha1') .update(token) .digest('hex'); this.app.entities .get('user_token') .getQuery('create') .run({ token: tokenHash, expires_in: new Date(new Date().getTime() + 3600 * 48 * 1000), id_user: client.id_user, scope: '["*"]' }); return done(null /* No error*/, token /* The generated token*/, null /* The generated refresh token, none in this case */, client /* Additional properties to be merged with the token and send in the response */); })); this.passport.use('usersClientPassword', new passport_oauth2_client_password_1.Strategy(this.verifyLogin.bind(this))); this.passport.use('usersAccessToken', new passport_http_bearer_1.Strategy(this.verifyToken.bind(this))); } verifyToken(accessToken, done) { if (!accessToken) { return done(null, false); } const accessTokenHash = crypto .createHash('sha1') .update(accessToken) .digest('hex'); this.app.entities .get('user_token') .getQuery('get') .run({ token: accessTokenHash }, { raw: true }) .then(token => { if (!token) { return done(null, false); } else if (new Date() > token.expires_in) { this.clearExpiredTokens(); done(null, false); } else { const info = { scope: '*' }; done(null, { id_user: token.id_user, token: accessTokenHash }, info); } }) .catch(err => { return done(null, false); }); } clearExpiredTokens() { this.app.entities .get('user_token') 
.getQuery('clearExpiredTokens') .run(); } } exports.TokenAuth = TokenAuth; //# sourceMappingURL=token.js.map