UNPKG

muffin

Version:

The 21st century way of building websites

149 lines (105 loc) 3.37 kB
'use strict'; Object.defineProperty(exports, "__esModule", { value: true }); var _koaRouter = require('koa-router'); var _koaRouter2 = _interopRequireDefault(_koaRouter); var _koaJwt = require('koa-jwt'); var _koaJwt2 = _interopRequireDefault(_koaJwt); var _koaBody = require('koa-body'); var _koaBody2 = _interopRequireDefault(_koaBody); var _user = require('../../models/user'); var _user2 = _interopRequireDefault(_user); var _utils = require('../../utils'); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { return step("next", value); }, function (err) { return step("throw", err); }); } } return step("next"); }); }; } const router = new _koaRouter2.default(); router.post('/token-auth', (() => { var ref = _asyncToGenerator(function* (ctx, next) { const body = ctx.request.body; if (!body.username || !body.password) { ctx.status = 400; ctx.body = { error: 'User and/or password empty' }; return; } const query = _user2.default.where({ _id: body.username }); let user = false; try { user = yield query.findOne(); } catch (err) { (0, _utils.log)('Couldn\'t load user', err); } if (!user) { ctx.status = 400; ctx.body = { error: 'User doesn\'t exist' }; return; } // Compare password with the one within the DB const isMatch = user.tryPassword(body.password); if (isMatch) { const token = _koaJwt2.default.sign(body, process.env.SESSION_SECRET, { expiresIn: 300 }); ctx.body = { token: token }; return; } ctx.status = 400; ctx.body = { error: 'Wrong password' }; yield next(); }); return function (_x, _x2) { return ref.apply(this, arguments); }; })()); router.post('/token-refresh', (() => { var ref = _asyncToGenerator(function* (ctx, next) { const token = ctx.request.body.token; let decoded = false; try { decoded = _koaJwt2.default.verify(token, process.env.SESSION_SECRET); } catch (err) { ctx.status = 401; ctx.body = { error: err }; return; } const query = _user2.default.where({ _id: decoded.username }); let user = false; try { user = yield query.findOne(); } catch (err) { (0, _utils.log)('Couldn\'t load user', err); } if (!user) { ctx.status = 401; ctx.body = { error: 'User doesn\'t exist' }; return; } const isMatch = user.tryPassword(decoded.password); if (isMatch) { ctx.body = { token: _koaJwt2.default.sign(decoded, process.env.SESSION_SECRET, { expiresIn: 300 }) }; return; } ctx.status = 401; ctx.body = { error: 'Wrong password' }; yield next(); }); return function (_x3, _x4) { return ref.apply(this, arguments); }; })()); exports.default = router; module.exports = exports['default'];