@pan-os/cerberus
Version:
security wrapper to protect routes dynamically with heimdall structure
43 lines (33 loc) • 1.1 kB
JavaScript
/* eslint-disable no-underscore-dangle */
/**
* Module dependencies
*/
const { InvalidCredentialsError, InternalServerError } = require('restify-errors');
const bcrypt = require('bcryptjs');
const { generateWebToken } = require('../token');
const authenticate = (plainPassword, user, done) => {
const { psalt } = user._doc;
if (bcrypt.compareSync(plainPassword, psalt)) {
const payload = {
_username: user.email,
_id: user._id,
};
const token = generateWebToken(payload);
// Return auth object
const response = {
success: true,
message: 'Pan Services Auth - Generated Web Token',
token,
};
done(null, response);
}
return done(null, false, { error: new InvalidCredentialsError() });
};
module.exports = (User) => (email, password, done) => User.findOne({ email }, (err, user) => {
if (!user) return done(null, false, { error: new InvalidCredentialsError(err) });
if (err) {
console.err(err);
return done(null, false, { error: new InternalServerError(err) });
}
return authenticate(password, user, done);
});