muffin
Version:
The 21st century way of building websites
149 lines (105 loc) • 3.37 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
var _koaRouter = require('koa-router');
var _koaRouter2 = _interopRequireDefault(_koaRouter);
var _koaJwt = require('koa-jwt');
var _koaJwt2 = _interopRequireDefault(_koaJwt);
var _koaBody = require('koa-body');
var _koaBody2 = _interopRequireDefault(_koaBody);
var _user = require('../../models/user');
var _user2 = _interopRequireDefault(_user);
var _utils = require('../../utils');
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { return step("next", value); }, function (err) { return step("throw", err); }); } } return step("next"); }); }; }
const router = new _koaRouter2.default();
router.post('/token-auth', (() => {
var ref = _asyncToGenerator(function* (ctx, next) {
const body = ctx.request.body;
if (!body.username || !body.password) {
ctx.status = 400;
ctx.body = {
error: 'User and/or password empty'
};
return;
}
const query = _user2.default.where({ _id: body.username });
let user = false;
try {
user = yield query.findOne();
} catch (err) {
(0, _utils.log)('Couldn\'t load user', err);
}
if (!user) {
ctx.status = 400;
ctx.body = {
error: 'User doesn\'t exist'
};
return;
}
// Compare password with the one within the DB
const isMatch = user.tryPassword(body.password);
if (isMatch) {
const token = _koaJwt2.default.sign(body, process.env.SESSION_SECRET, {
expiresIn: 300
});
ctx.body = { token: token };
return;
}
ctx.status = 400;
ctx.body = {
error: 'Wrong password'
};
yield next();
});
return function (_x, _x2) {
return ref.apply(this, arguments);
};
})());
router.post('/token-refresh', (() => {
var ref = _asyncToGenerator(function* (ctx, next) {
const token = ctx.request.body.token;
let decoded = false;
try {
decoded = _koaJwt2.default.verify(token, process.env.SESSION_SECRET);
} catch (err) {
ctx.status = 401;
ctx.body = { error: err };
return;
}
const query = _user2.default.where({ _id: decoded.username });
let user = false;
try {
user = yield query.findOne();
} catch (err) {
(0, _utils.log)('Couldn\'t load user', err);
}
if (!user) {
ctx.status = 401;
ctx.body = {
error: 'User doesn\'t exist'
};
return;
}
const isMatch = user.tryPassword(decoded.password);
if (isMatch) {
ctx.body = {
token: _koaJwt2.default.sign(decoded, process.env.SESSION_SECRET, {
expiresIn: 300
})
};
return;
}
ctx.status = 401;
ctx.body = {
error: 'Wrong password'
};
yield next();
});
return function (_x3, _x4) {
return ref.apply(this, arguments);
};
})());
exports.default = router;
module.exports = exports['default'];