UNPKG

code-push-server

Version:

CodePush service is hotupdate services which adapter react-native-code-push and cordova-plugin-code-push

github.com/lisong/code-push-server

lisong/code-push-server

119 lines (114 loc) 3.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
'use strict'; var _ = require('lodash'); var Promise = require('bluebird'); var security = require('../core/utils/security'); var models = require('../models'); var moment = require('moment'); var AppError = require('./app-error') var middleware = module.exports var checkAuthToken = function (authToken) { var objToken = security.parseToken(authToken); return models.Users.findOne({ where: {identical: objToken.identical} }) .then((users) => { if (_.isEmpty(users)) { throw new AppError.Unauthorized(); } return models.UserTokens.findOne({ where: {tokens: authToken, uid: users.id, expires_at: { gt: moment().format('YYYY-MM-DD HH:mm:ss') }} }) .then((tokenInfo) => { if (_.isEmpty(tokenInfo)){ throw new AppError.Unauthorized() } return users; }) }).then((users) => { return users; }) } var checkAccessToken = function (accessToken) { return new Promise((resolve, reject) => { if (_.isEmpty(accessToken)) { throw new AppError.Unauthorized(); } var config = require('../core/config'); var tokenSecret = _.get(config, 'jwt.tokenSecret'); var jwt = require('jsonwebtoken'); try { var authData = jwt.verify(accessToken, tokenSecret); } catch (e) { reject(new AppError.Unauthorized()); } var uid = _.get(authData, 'uid', null); var hash = _.get(authData, 'hash', null); if (parseInt(uid) > 0) { return models.Users.findOne({ where: {id: uid} }) .then((users) => { if (_.isEmpty(users)) { throw new AppError.Unauthorized(); } if (!_.eq(hash, security.md5(users.get('ack_code')))){ throw new AppError.Unauthorized(); } resolve(users); }) .catch((e) => { reject(e); }); } else { reject(new AppError.Unauthorized()); } }); } middleware.checkToken = function(req, res, next) { var authArr = _.split(req.get('Authorization'), ' '); var authType = 1; var authToken = null; if (_.eq(authArr[0], 'Bearer')) { authType = 1; authToken = authArr[1]; //Bearer } else if(_.eq(authArr[0], 'Basic')) { authType = 2; var b = new Buffer(authArr[1], 'base64'); var user = _.split(b.toString(), ':'); authToken = _.get(user, '1'); } else { authType = 2; authToken = _.trim(_.trimStart(_.get(req, 'query.access_token', null))); } if (authType == 1) { checkAuthToken(authToken) .then((users) => { req.users = users; next(); return users; }) .catch((e) => { if (e instanceof AppError.AppError) { res.status(e.status || 404).send(e.message); } else { next(e); } }); } else if (authType == 2) { checkAccessToken(authToken) .then((users) => { req.users = users; next(); return users; }) .catch((e) => { if (e instanceof AppError.AppError) { res.status(e.status || 404).send(e.message); } else { next(e); } }); } else { res.send(new AppError.Unauthorized(`Auth type not supported.`)); } };