if(err) {return done(err);}
if(!isMatch) {return done(null, false);}
return done(null, user);
});
})
});
// Setup options for JWT Strategy
const jwtOptions = {
jwtFromRequest: ExtractJwt.fromHeader('authorization'),
secretOrKey: config.secret
};
// Create JWT strategy
const jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
// See if the user ID in the payload exists in our database
// If it does, call 'done' with that other
// otherwise, call done without a user object
User.findById(payload.sub, function(err, user) {
if (err) { return done(err, false); }
if (user) {
done(null, user);
} else {
done(null, false);
const passport = require('passport');
const User = require('../models/user');
const config = require('./main');
const JwtStrat = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const LocalStrat = require('passport-local');
const LOCAL_OPTS = { usernameField: 'username' };
const JWT_OPTS = {
jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('jwt'),
secretOrKey: config.secret,
};
const localLogin = new LocalStrat(LOCAL_OPTS, (username, password, done) => {
User.findOne({ username: username }, (err, user) => {
if (err) {
return done(err);
}
if (!user) {
return done(null, false, {
error: 'Your login details could not be verified. Please try again.',
});
}
user.comparePassword(password, (err, matches) => {
if (err) {
return done(err);
}
if (!matches) {
if(err) { return done(err); }
if(!user) { return done(null, false, { error: '亲,您的用户名不存在哦 :(' }); }
user.comparePassword(password, function(err, isMatch) {
if (err) { return done(err); }
if (!isMatch) { return done(null, false, { error: "亲,您的密码无效 :(" }); }
return done(null, user);
});
});
});
// Setting JWT strategy options
const jwtOptions = {
// Telling Passport to check authorization headers for JWT
jwtFromRequest: ExtractJwt.fromAuthHeader(),
// Telling Passport where to find the secret
secretOrKey: config.secret
};
// Setting up JWT login strategy
const jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
User.findById(payload._doc._id, function(err, user) {
if (err) { return done(err, false); }
if (user) {
console.log(user);
done(null, user);
} else {
done(null, false);
}
import passport from 'passport';
import config from '../../config/config';
import { Strategy, ExtractJwt } from 'passport-jwt';
import controller from '../controllers/index';
const jwtOptions = {
jwtFromRequest: ExtractJwt.fromUrlQueryParameter('token'),
secretOrKey: config.secret,
};
const jwtLogin = new Strategy(jwtOptions, function(payload, done) {
return controller.getUser({ email: payload.sub })
.then((user) => {
if(user){
return done(null, user);
} else {
return done(null, false);
}
})
.catch((error) => done(error, false))
});
passport.use(jwtLogin);
var ExtractJwt = require('passport-jwt').ExtractJwt;
var app = express();
app.disable('etag');
app.set('trust proxy', true);
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.use(cors());
app.use(passport.initialize());
var opts = {}
opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
opts.secretOrKey = config.get('API_SECRET');
passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
done(null, jwt_payload);
}));
app.use('/systemaccounting/users', require('./users/crud'));
// Targets index.html for Node.js Flexible Environment
// See default value for index property of express.static method:
// http://expressjs.com/en/4x/api.html#express.static
app.use('/', express.static(__dirname + '/build'));
// Basic 404 handler
app.use(function (req, res) {
'use strict';
import mongoose from 'mongoose';
import passportJwt from 'passport-jwt';
import _debug from 'debug';
import config from '../config';
const debug = _debug('ion-conf-app:api.auth.jwt');
const User = mongoose.model('User');
const opts = {};
opts.jwtFromRequest = passportJwt.ExtractJwt.fromAuthHeaderWithScheme('Bearer');
opts.secretOrKey = config.secret;
export default new passportJwt.Strategy(opts, async(jwt_payload, done) => { // eslint-disable-line
try {
const user = await User.findById(jwt_payload.user._id);
if (!user) {
debug('User not found ==> %s', jwt_payload.user._id);
return done(null, false);
}
if (!user.active) {
debug('User not active ==> %j', user);
return done(null, false);
}
return done(null, user, { scope: '*' });
} catch (error) {
return done(error);
}
});
import passport from 'passport';
import { Strategy as JWTStrategy, ExtractJwt } from 'passport-jwt';
import { SECRET } from '~/env';
import { User } from '~/authorization/document';
passport.use(new JWTStrategy(
{
jwtFromRequest: ExtractJwt.fromHeader('token'),
secretOrKey: SECRET,
},
async (jwtPayload, done) => {
try {
if (Date.now() > jwtPayload.expires) return done('Token expired');
const user = await User.findOne({ username: jwtPayload.username }).exec();
return done(null, user);
} catch (error) {
return done(error);
}
},
));
export default passport;
},
strategies: {
jwt: {
strategy: JwtStrategy,
tokenOptions: {
expiresInSeconds: EXPIRES_IN_SECONDS,
secret: SECRET,
algorithm: ALGORITHM,
issuer: ISSUER,
audience: AUDIENCE
},
options: {
secretOrKey: SECRET,
issuer: ISSUER,
audience: AUDIENCE,
jwtFromRequest: ExtractJwt.fromAuthHeader() //Authorization: JWT JSON_WEB_TOKEN_STRING
}
},
local: {
strategy: require('passport-local').Strategy,
options: {
usernameField: 'username'
}
}
}
},
main: {
packs: [
smokesignals.Trailpack,
require('trailpack-core'),
require('trailpack-waterline'),
var AccountManager = require('dl-module').managers.auth.AccountManager;
var db = require('../db');
var passport = require('passport');
var JwtStrategy = require('passport-jwt').Strategy;
var JwtExtract = require('passport-jwt').ExtractJwt;
var options = {};
options.jwtFromRequest = JwtExtract.fromAuthHeaderWithScheme("Bearer");
options.secretOrKey = process.env.AUTH_SECRET;
passport.use(new JwtStrategy(options,
function(jwtPayload, done) {
return done(null, jwtPayload);
}
));
module.exports = passport.authenticate('jwt', {
session: false
});
const user = await User.findOne({ email: username })
if (!user) {
return done(null, false)
}
const valid = await user.comparePasswords(password)
if (!valid) {
return done(null, false)
}
return done(null, user)
})
)
passport.serializeUser(User.serializeUser())
passport.deserializeUser(User.deserializeUser())
const jwtOptions = {
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: process.env.JWT_SECRET
}
passport.use(
new JwtStrategy(jwtOptions, async function (jwtPayload, done) {
const user = await User.findById(jwtPayload.userId)
if (user) {
return done(null, user)
}
return done(null, false)
})
)
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const mongoose = require('mongoose');
const User = mongoose.model('users');
const keys = require('../config/keys');
const opts = {};
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = keys.secretOrKey;
module.exports = passport => {
passport.use(
new JwtStrategy(opts, (jwt_payload, done) => {
User.findById(jwt_payload.id)
.then(user => {
if (user) {
return done(null, user);
}
return done(null, false);
})
.catch(err => console.log(err));
})
);
};
const localLogin = new LocalStrategy(localOptions, (email, password, done) => {
User.findOne({ email }, (err, user) => {
if (err) { return done(err); }
if (!user) { return done(null, false); }
user.checkPassword(password, (err, isMatch) => {
if (err) { return done(err); }
if (!isMatch) { return done(null, false); }
return done(null, user);
});
});
});
const fromHeader = ExtractJwt.fromHeader('authorization');
const fromQueryParam = ExtractJwt.fromUrlQueryParameter('authorization');
const jwtOptions = {
jwtFromRequest: (req) => {
return (fromHeader(req) || fromQueryParam(req));
},
secretOrKey: secret
};
const jwtLogin = new Strategy(jwtOptions, (payload, done) => {
if (payload.exp <= Date.now()) {
return done({ error: 'token has expired' }, false);
}
// jwt subject contains our user id
User.findOne(payload.sub, (err, user) => {
'use strict';
const nconf = require('nconf');
const passport = require('passport');
const mongoose = require('mongoose');
const WeChatStrategy = require('passport-wechat');
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
var CustomerAccount = require('./models/customer-account');
var AdministratorAccount = require('./models/administrator-account');
var ManufacturerAccount = require('./models/manufacturer-account');
var jwtOpts = {
secretOrKey: nconf.get('secret'),
jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('Bearer')
};
var wechatClientOpts = {
appID: nconf.get('wechat:appId'),
appSecret: nconf.get('wechat:appSecret'),
client: 'wechat',
callbackURL: nconf.get('wechat:callbackUrl'),
scope: nconf.get('wechat:scope'),
state: nconf.get('wechat:state')
};
var wechatWebOpts = {
appID: nconf.get('wechat:appId'),
appSecret: nconf.get('wechat:appSecret'),
client: 'web',
callbackURL: nconf.get('wechat:callbackUrl'),
module.exports = function (passport) { //passport bliver sendt med ude fra app.js
var opts = {};
opts.secretOrKey = jwtConfig.secret;
opts.issuer = jwtConfig.issuer;
opts.audience = jwtConfig.audience;
opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
passport.use(new JwtStrategy(opts, function (jwt_payload, done) {
console.log("PAYLOAD: " + jwt_payload);
User.findOne({userName: jwt_payload.sub}, function (err, user) {
if (err) {
return done(err, false);
}
if (user) {
done(null, user); //payload kan returneres i stedet for user hvis ønsket.
} else {
done(null, false, "User and token not found");
}
});
}));
passport.use(new FacebookStrategy({
clientID: "600121516807390",
clientSecret: "57247e652342f4a35717b8a0476500af",
callbackURL: 'http://localhost:5000/api/auth/login/facebook/callback',
profileFields: ['id', 'email', 'birthday', 'displayName', 'friends'] //Hvad vi vil have retur...
},
function (accessToken, refreshToken, profile, done) {
process.nextTick(function () {
//// In this example, the user's Facebook profile is supplied as the user
//// record. In a production-quality application, the Facebook profile should
//// be associated with a user record in the application's database, which
//// allows for account linking and authentication with other identity
//// providers.
//return cb(null, {profile: profile, accessToken : accessToken});
//Vi kigger efter brugeren i db.
User.findOne({'facebook.id': profile.id}, function (err, user) {
if (err) {
//Hvis der sker en fejl.
console.log("ERROR IN LOOKING UP FACEBOOK!");
console.log(err);
return done(err);
}
//Hvis brugeren findes, returneres den.
if (user) {
console.log("FACEBOOK USER FOUND");
return done(null, user);
//Hvis ikke brugeren findes, oprettese denne.
} else {
console.log("CREATING NEW FACEBOOK USER");
var newUser = new User();
newUser.local.userName = "******"+profile.id;
newUser.local.password = profile.id;
newUser.facebook.id = profile.id;
newUser.facebook.token = accessToken;
newUser.facebook.name = profile.displayName;
newUser.facebook.email = profile.emails[0].value;
console.log("NEW USER: " + newUser);
newUser.save(function (err) {
if (err) {
console.log(err);
throw err;
} else {
//Hvis ingen fejl i db-kald, returneres useren vi har bedt om, med de parametre som vi har gemt i db.
return done(null, user);
}
})
}
});
});
}));
// Configure Passport authenticated session persistence.
//
// In order to restore authentication state across HTTP requests, Passport needs
// to serialize users into and deserialize users out of the session. In a
// production-quality application, this would typically be as simple as
// supplying the user ID when serializing, and querying the user record by ID
// from the database when deserializing. However, due to the fact that this
// example does not have a database, the complete Twitter profile is serialized
// and deserialized.
passport.serializeUser(function (user, cb) {
cb(null, user);
});
passport.deserializeUser(function (obj, cb) {
cb(null, obj);
});
};