示例#1
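/**
 * Issue a signed JWT identifying `user`.
 *
 * `iat` is written as a NumericDate (whole seconds since the epoch, RFC 7519
 * section 4.1.6) instead of the millisecond value Date.now() returns, so a
 * verifier that reads `iat` per the spec sees a sane issue time. Any consumer
 * that read the old millisecond value must be updated with this change.
 *
 * NOTE(review): no `exp` claim is set, so the token carries no expiry of its
 * own; add one unless the verifier enforces a lifetime some other way.
 *
 * @param {{id: *}} user - record whose `id` becomes the `sub` claim.
 * @returns {*} the value jwt.encode produces for these claims.
 */
function tokenForUser(user) {
    const issuedAtSeconds = Math.floor(Date.now() / 1000);
    return jwt.encode({sub: user.id, iat: issuedAtSeconds}, config.secret);
}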
示例#2
 // Check the submitted password against the stored bcrypt hash and, on a
 // match, reply with a token naming the user.
 // NOTE(review): the token holds only `username` and no `exp`, so it carries
 // no expiry of its own.
 bcrypt.compare(req.body.password, user.password, function (compareErr, isMatch) {
     if (compareErr) {
         return next(compareErr)
     }
     if (!isMatch) {
         // Wrong password: reject without issuing anything.
         return res.sendStatus(401)
     }
     var signedToken = jwt.encode({username: user.username}, config.secret)
     res.send(signedToken)
 })
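 // Take the user ID and encode it, signed with the configured secret.
 // Claims: sub = subject (the user id), iat = Issued At time.
 // `iat` is a NumericDate, i.e. whole seconds since the epoch (RFC 7519
 // section 4.1.6); getTime() returns milliseconds, so it is converted here.
 // Consumers that read the old millisecond value must be updated.
 // NOTE(review): there is no `exp` claim, so the token has no expiry of its own.
 function tokenForUser(user) {
   const issuedAtSeconds = Math.floor(new Date().getTime() / 1000);
   return jwt.encode({ sub: user.id, iat: issuedAtSeconds }, config.secret);
 }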
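/**
 * Build a signed token whose `sub` claim is the user's id.
 *
 * The issue time is stored in seconds (JWT NumericDate, RFC 7519 section
 * 4.1.6); the previous millisecond value would be misread by any verifier
 * that follows the spec. Consumers of the old value need the same change.
 *
 * NOTE(review): no `exp` claim is included — add one if tokens are meant to
 * expire.
 *
 * @param {{id: *}} user - the authenticated user record.
 * @returns {*} the encoded token from jwt.encode.
 */
function tokenForUser(user) {
  const nowSeconds = Math.floor(Date.now() / 1000);
  const claims = { sub: user.id, iat: nowSeconds };
  return jwt.encode(claims, config.secret);
}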
示例#5
 // Returns a token for `user`, signed with `secret`.
 // NOTE(review): the payload is the bare id rather than a claims object, so
 // the token has no room for `exp`/`iat`; an object such as { sub: id }
 // would allow an expiry to be added.
 getToken: function(user) {
   const subjectId = user.id;
   return jwt.encode(subjectId, secret);
 }
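/**
 * Issue a signed token whose subject is the caller-supplied e-mail address.
 *
 * `iat` is stored as whole seconds since the epoch (NumericDate, RFC 7519
 * section 4.1.6) instead of milliseconds. Consumers that read the old
 * millisecond value must be updated.
 *
 * NOTE(review): the e-mail address sits in the payload, which is only
 * base64url-encoded, and no `exp` claim is set.
 *
 * @param {string} email - value placed in the `sub` claim.
 * @returns {*} the encoded token from jwt.encode.
 */
const tokenForUser = (email) => {
  const issuedAtSeconds = Math.floor(Date.now() / 1000);
  return jwt.encode({ sub: email, iat: issuedAtSeconds }, AUTH_SECRET);
};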
示例#7
 // After the new user is saved, register it, then emit a token with the
 // "userAdded" event.
 newUser.save().then(function(newUser) {
   db.Users.add(newUser);
   console.log("User Saved");
   // NOTE(review): this reads `user`, not the `newUser` callback parameter;
   // confirm that an outer `user` exists and is the record intended here.
   // NOTE(review): `token` is assigned without a declaration in this snippet,
   // and the signing key is the literal 'secret'; a key kept in source is
   // known to everyone who can read the code — load it from configuration.
   token = jwt.encode(user.username, 'secret');
   db.emit("userAdded", token);
 });
	        .then(function(newOrg) {
	          // NOTE(review): the entire `newOrg` record becomes the token payload.
	          // A JWT payload is only base64url-encoded, so every field on the
	          // record is readable by whoever holds the token. The signing key is
	          // also a string literal in source; load it from configuration.
	          var token = jwt.encode(newOrg, 'not your bussines!!');
            res.json({token: token});
	        });
 .then(function(user) {
   // create token to send back for authorization
   // NOTE(review): the whole `user` record is the payload. JWT payloads are
   // base64url-encoded, not encrypted, so any field on `user` (a password
   // hash, if the record has one) is exposed to the token holder; encoding
   // only an identifier avoids that.
   // NOTE(review): the signing key is hard-coded; move it to configuration or
   // the environment so it is not shared with everyone who can read the code.
   var token = jwt.encode(user, 'superskrull');
   res.json({token: token});
 })
示例#10
文件: token.js 项目: QActivo/mean
 .then(response => {
   // Wraps the session's authToken in a JWT signed with config.jwtSecret and
   // returns it in the Authorization response header.
   // NOTE(review): signing adds integrity, not confidentiality — the authToken
   // can be read back out of the JWT payload. The JSON body below also sends
   // `response` as-is, which includes Session.authToken unwrapped.
   res.setHeader('Authorization', jwt.encode(response.Session.authToken, config.jwtSecret));
   res.setHeader('AuthExpiration', response.Session.expiresOn);
   res.json(response);
 })
示例#11
/**
 * Sign `data` as a token using the secret from tokenConfig.
 *
 * NOTE(review): `data` is passed through untouched, so expiry (`exp`) and
 * payload minimisation are entirely up to the caller.
 *
 * @param {*} data - payload handed to jwt.encode.
 * @returns {*} the encoded token.
 */
TokenModel.encode = function(data) {
    const signingKey = tokenConfig.tokenSecret;
    return jwt.encode(data, signingKey);
};
示例#12
 // Signs `data` with token_secret and returns the resulting token.
 // NOTE(review): the payload is whatever the caller passes; nothing here adds
 // an `exp` claim or limits which fields end up in the token.
 encode: function(data) {
   const signed = jwt.encode(data, token_secret)
   return signed
 },
示例#13
 .then(() => {
   // NOTE(review): the token payload is the raw request body, so the client
   // decides every claim that gets signed. If any code that later verifies
   // the token trusts fields from it (an id, a role), build the claims from
   // the server-side user record instead. A password field in the body would
   // also end up readable inside the token.
   res.json({
     token: jwt.encode(req.body, config.TOKEN_SECRET),
   })
 })
示例#14
文件: auth.js 项目: pbhorjee/pillager
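 // Hash the password, store the new user, and reply with a token for it.
 bcrypt.hash(password, null, null, function(err, hash) {
   // If hashing failed, `hash` is not usable: do not create the account or
   // issue a token; hand the error to the next error handler instead.
   if (err) {
     return next(err);
   }
   db.createUser(username, hash);
   // NOTE(review): the payload is the bare username with no `exp` claim.
   res.json({token: jwt.encode(username, SECRET)});
   // NOTE(review): next() runs after the response has been sent; confirm that
   // no later middleware tries to write to `res`.
   next();
 });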
示例#15
 .then(function(user){
   // Only the user's id goes into the payload, which keeps the token small.
   // NOTE(review): the signing key 'foobar' is a literal in source; load the
   // key from configuration or the environment. No `exp` claim is set.
   var token = jwt.encode({ id: user.id }, 'foobar');
   // The token is returned under the `id` key of the response body.
   res.send({ id: token});
 })
示例#16
/**
 * Produce a token for `value`, signed with config.TOKEN_SECRET.
 *
 * NOTE(review): despite the name, this calls jwt.encode, which signs the
 * payload; a JWT payload is base64url-encoded and readable by the holder, so
 * callers must not treat the result as confidential.
 *
 * @param {*} value - payload handed to jwt.encode.
 * @returns {*} the encoded token.
 */
TokenUtils.encrypt = function (value) {
    const signingKey = config.TOKEN_SECRET;
    const token = jwt.encode(value, signingKey);
    return token;
};
示例#17
/**
 * Sign `claims` with the tenant's secret.
 *
 * NOTE(review): the claims are signed exactly as given; the caller decides
 * whether an `exp` is present.
 *
 * @param {*} claims - payload handed to jwt.encode.
 * @returns {*} the encoded token.
 */
function createToken(claims) {
  const { secret: tenantKey } = tenant;
  return jwt.encode(claims, tenantKey);
}
示例#18
/**
 * Static helper: sign `data` with Constants.TOKEN_SECRET.
 *
 * The algorithm is passed explicitly as 'HS256' rather than left to the
 * library default.
 *
 * @param {*} data - payload handed to JWT.encode.
 * @returns {*} the encoded token.
 */
UserSchema.statics.encode = function(data) {
	const algorithm = 'HS256';
	const token = JWT.encode(data, Constants.TOKEN_SECRET, algorithm);
	return token;
};
示例#19
 .then(function(user) {
   // The key comes from the environment rather than from source.
   // NOTE(review): the whole `user` record is the payload; JWT payloads are
   // readable by the token holder, so encode only the fields a verifier
   // needs (for example the id) — and confirm JWT_SECRET is actually set.
   var token = jwt.encode(user, process.env.JWT_SECRET);
   res.json({token:token});
 })
示例#20
// Helper Methods (Refactor into Separate File)
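/**
 * Generate a signed token for `user` with the conventional JWT claims
 * `sub` (subject: the user id) and `iat` (issued-at).
 *
 * `iat` is expressed in whole seconds since the epoch, as the JWT NumericDate
 * format requires (RFC 7519 section 4.1.6); getTime() yields milliseconds.
 * Consumers that read the old millisecond value must be updated.
 *
 * NOTE(review): no `exp` claim is added, so the token has no expiry of its own.
 *
 * @param {{id: *}} user - record whose id becomes the subject.
 * @returns {*} the encoded token from jwt.encode.
 */
function generateToken(user){
  const issuedAtSeconds = Math.floor(new Date().getTime() / 1000);
  return jwt.encode({ sub: user.id, iat: issuedAtSeconds }, secret.secret);
}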
示例#21
 .then(function (result) {
   // Tag the record, then sign an allow-listed subset of its fields
   // (username, _id, email, type) as the token.
   // NOTE(review): the e-mail address is in the payload and therefore
   // readable by the token holder; no `exp` claim is set.
   user.type = 'user_token';
   user.auth_token = jwt.encode(_.pick(user, ['username', '_id', 'email', 'type']), config.jwt_secret);
   // Pass on a second allow-listed view of the user, including the new token.
   return done(null, _.pick(user, ['username', 'firstname', 'lastname', '_id', 'email', 'admin', 'timestamp', 'auth_token']));
 })
示例#22
文件: auth.js 项目: dbongo/ng-auth
/**
 * Create a signed token carrying the user's id and username.
 *
 * NOTE(review): no `exp` claim is included, so the token has no expiry of
 * its own.
 *
 * @param {{id: *, username: *}} user - source of the two claims.
 * @returns {*} the encoded token from jwt.encode.
 */
exports.generateToken = function (user) {
  const claims = { id: user.id, username: user.username }
  return jwt.encode(claims, config.secret)
}
示例#23
 // Wraps `id` in a one-field claims object and signs it with `secret`.
 // NOTE(review): no `exp` claim is added here.
 encode: function(id) {
   const claims = {id: id};
   return jwt.encode(claims, secret);
 },
示例#24
 .catch((error) => {
   // Fallback path: render the page with an empty session state, shipped to
   // the client as a signed token.
   // NOTE(review): `error` is neither logged nor rethrown, so whatever failed
   // upstream is hidden behind a normal-looking page.
   // NOTE(review): signing lets the server detect tampering with the state;
   // it does not hide the contents from the client.
   let initialState = { session: { user: false, error: false } }
   let token = jwt.encode(initialState, config.secret)
   res.render('index', {initialState: JSON.stringify(token)})
 })
示例#25
/**
 * Instance method: issue a short-lived token for this document.
 *
 * The subject is the document's `_id` and the expiry is 60 seconds from now,
 * expressed in seconds since the epoch. The signing key is read from the
 * SECRET environment variable on every call.
 *
 * @returns {*} the encoded token from jwt.encode.
 */
schema.methods.token = function () {
  const claims = {
    sub: this._id,
    exp: (Date.now() / 1000) + 60,
  };
  const signingKey = process.env.SECRET;
  return jwt.encode(claims, signingKey);
};
示例#26
			.then(user => {
				// Keep a token for the created user (payload: its id only) for
				// later use, then signal completion. `token` is assigned, not
				// declared, in this snippet — presumably declared in an outer scope.
				token = jwt.encode({id: user.id}, jwtSecret);
				done();
			});
 .then(function (user) {
   // NOTE(review): this logs the full user record; if the record holds a
   // password hash or other sensitive fields they end up in the logs.
   console.log(user);
   // create token to send back for auth
   // NOTE(review): the full `user` record is the payload (readable by the
   // token holder) and the signing key is the literal 'secret'; encode only
   // an identifier and load the key from configuration.
   var token = jwt.encode(user, 'secret');
   res.json({token: token});
 })
示例#28
describe('superagent:', function() {
	var agent = superagent.agent();
	var name = 'tim7';
	var ucnt = 0;
	var apikey = 'dog';
	var ureg = 'tim2';
	var uav = 'fred';
	var token ='';
	var eregtim = '*****@*****.**';
	var enottim = '*****@*****.**';
	var timtoken = jwt.encode({ name: 'tim' }, secret);
	it('GET / should be running and return: please select...', function(done) {
			superagent.get(httpLoc)
				.end(function(e, res) {
					//console.log(res.body)
					expect(e).to.eql(null)
					expect(res.body.length).to.be.above(0)
					expect(res.body).to.be.a('string')
					done()
				})
		})
		/*-----------------------------------authentication-----------------------------------------------*/
	describe('signup', function() {
		//before(loginUser(agent));    
		it('gets a [available] for user tim ', function(done) {
			agent
				.get(httpLoc + 'isUser/' + ureg)
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body.message).to.be(' available')
					done()
				})
		})
		it('gets a [available] for user tim and email and creates user', function(done) {
			agent
				.get(httpLoc + 'isMatch/?name=' + ureg + '&email=' + eregtim)
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body.message).to.be('available')
					done()
				})
		})
		it('gets a [conflict] to existing user and wrong email', function(done) {
			agent
				.get(httpLoc + 'isMatch/?name=' + ureg + '&email=f' + eregtim)
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body.message).to.be('conflict')
					done()
				})
		})
	})
	// Authentication flow: load the API key from disk, exchange it for a
	// token, and check that wrong or mismatched keys are refused.
	describe('authenticate', function() {
		it('reads apikey from file, expects it to be 24 characters' ,function(done){
			fs.readFile('./key', 'utf8', function(err, data) {
				if (err) {
					// NOTE(review): returns without calling done(), so a read
					// failure shows up as a test timeout rather than this error.
					return console.log(err);
				}
				apikey = data
				// NOTE(review): prints the API key into the test output.
				console.log(apikey)
				expect(data.length).to.be(24)
				done()
			})
		})
		it('POSTs /authenticates w apikey and returns token', function(done) {
			agent
				.post(httpLoc + 'authenticate/' + ureg)
				.send({
					apikey: apikey
				})
				.end(function(e, res) {
					// NOTE(review): the API key and the response body (which
					// holds the token) are both written to the test output.
					console.log(apikey)
					console.log(res.body)
					var payload = {
						name: ureg
					};
					// The expected token is rebuilt locally from { name } and
					// `secret`, so this passes only if the server signs exactly
					// that payload with the same key — i.e. the issued token has
					// no iat/exp and is identical on every login for this user.
					token = jwt.encode(payload, secret);
					expect(res.body.token).to.be(token);
					done();
				})
			}
		)

		// A key that belongs to nobody must be rejected with 401.
		it('POSTs fails with 401 for tim with wrong apikey', function(done) {
			agent
				.post(httpLoc + 'authenticate/tim')
				.send({
					apikey: '123457'
				})
				.end(function(e, res) {
					console.log(res.status);
					expect(res.status).to.be(401);
					done();
				})
			}
		)
		// The key loaded above is sent for user 'tim' instead of `ureg`: no
		// token may be returned and the mismatch message is expected.
		it('POSTs fails for tim with tim2 apikey', function(done) {
			agent
				.post(httpLoc + 'authenticate/tim')
				.send({
					apikey: apikey
				})
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body.token).to.be(undefined);
					expect(res.body.message).to.be('apikey does not match user');
					done();
				})
			}
		)
	})
	// Account endpoints: reachable with a valid bearer token, 401 when the
	// token is missing or altered.
	describe('users', function() {
		it('GETs succeeds w userinfo from api/account when passed token', function(done) {
			agent
				.get(httpLoc + 'account/')
				.set('Authorization', 'Bearer ' + token)
				.end(function(e, res) {
					console.log(e)
					// NOTE(review): the account body is logged and, per the
					// assertion below, contains the user's apikey.
					console.log(res.body)
					expect(res.body.apikey).to.be(apikey);
					done()
				})
		})
		it('GETs fails 401(unauth) on api/account when no token', function(done) {
			agent
				.get(httpLoc + 'account/')
				//.set('Authorization', 'Bearer ' + token+'4')
				.end(function(e, res) {
					// NOTE(review): if the request unexpectedly succeeds, `e` is
					// presumably null and e.status throws before the assertion
					// runs — confirm against the superagent version in use.
					console.log(e.status)
					console.log(e.message)
					console.log(res.body)
					expect(e.status).to.be(401);
					done()
				})
		})		
		it('GETs fails api/account when bad token', function(done) {
			agent
				.get(httpLoc + 'account/')
				// Appending a character alters the token's last segment, so the
				// server is expected to reject it.
				.set('Authorization', 'Bearer ' + token+'4')
				.end(function(e, res) {
					console.log(e.status)
					console.log(e.message)
					console.log(res.body)
					expect(e.status).to.be(401);
					done()
				})
		})		
		// Cleanup: removes the user created earlier, using its own token.
		it('DELETES user tim2', function(done){
			agent
				.del(httpLoc + 'users/'+ureg)
				.set('Authorization', 'Bearer ' + token)
				.end(function(e, res) {
					console.log(res.body)
					expect(e).to.eql(null)
					expect(res.body).to.eql(1)
					done()
				})			
		})
	})
	describe('lists', function() {
		it('GETs authenticated frog', function(done){
			agent
				.get(httpLoc + 'frog')
				.set('Authorization', 'Bearer ' + timtoken)				
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body).to.be('You are a frog, Uli');
					done()
				})			
		})
		it('GETs authenticated dog', function(done){
			agent
				.get(httpLoc + 'dog')
				.set('Authorization', 'Bearer ' + timtoken)				
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body).to.be('You are a dog, Uli');
					done()
				})			
		})
		it('GETs authenticated cat', function(done){
			agent
				.get(httpLoc + 'cat/')
				.set('Authorization', 'Bearer ' + timtoken)				
				.end(function(e, res) {
					console.log(res.body)
					expect(res.body).to.be('You are a cat, mabibi');
					done()
				})			
		})
		it('GETs succeeds w list from api/lists/Jutebi when passed token', function(done) {
			agent
				.get(httpLoc + 'lists/Jutebi')
				.set('Authorization', 'Bearer ' + timtoken)
				.end(function(e, res) {
					//console.log(e)
					console.log(res.body.shops)
					expect(res.body.lid).to.be('Jutebi');
					done()
				})
		})	

	})
})
示例#29
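/**
 * Issue a signed token for `user`, using the jwt_secret configured for the
 * current NODE_ENV.
 *
 * `iat` is written in whole seconds since the epoch (NumericDate, RFC 7519
 * section 4.1.6) rather than the milliseconds getTime() returns. Consumers
 * that read the old millisecond value must be updated.
 *
 * NOTE(review): if NODE_ENV is unset or has no entry in `config`, the lookup
 * below throws; no `exp` claim is set on the token.
 *
 * @param {{id: *}} user - record whose id becomes the `sub` claim.
 * @returns {*} the encoded token from jwt.encode.
 */
function tokenForUser(user) {
  const issuedAtSeconds = Math.floor(new Date().getTime() / 1000);
  const claims = { sub: user.id, iat: issuedAtSeconds };
  return jwt.encode(claims, config[process.env.NODE_ENV].jwt_secret);
}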
示例#30
//         res.sendStatus(200);
//     });

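// Answers 200 for GET /protected.
// NOTE(review): nothing on this route attaches authentication middleware;
// whether it is actually protected depends on middleware registered
// elsewhere — confirm.
app.get('/protected', function (req, res) {
    res.sendStatus(200);
});

// Error-handling middleware: an UnauthorizedError becomes a 401 response;
// every other error is passed on so the request does not hang without a reply.
app.use(function (err, req, res, next) {
    if (err.name === 'UnauthorizedError') {
        return res.status(401).send('invalid token...');
    }
    return next(err);
});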


// Encode: sign `payload` with `secret` (both defined outside this excerpt).
var token = jwt.encode(payload, secret);

// Sample token pasted into source. Its header segment declares HS256 and its
// payload segment base64url-decodes to the fields v, d (provider, uid) and iat.
var fbToken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ2IjowLCJkIjp7InByb3ZpZGVyIjoicGFzc3dvcmQiLCJ1aWQiOiIwM2FmZDBkYi03YTdmLTQ0MmQtODM0Yi1kZWRkZTQwYWFmYWYifSwiaWF0IjoxNDYwOTA2MDEwfQ.nSg4muXFmx3xFAGzvCdj7lvw4Dcq97ojxem3w0N40_U'

// Decode: presumably jwt-simple, whose decode() checks the signature against
// `secret` and throws when it does not match — confirm which library `jwt` is.
var decoded = jwt.decode(fbToken, secret);
console.log(decoded); // prints the decoded payload of fbToken (v, d, iat), not { foo: 'bar' }

// Same header and payload as fbToken, with extra characters inserted into the
// signature segment, so signature verification is expected to fail.
var fbTokenAlter = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ2IjowLCJkIjp7InByb3ZpZGVyIjoicGFzc3dvcmQiLCJ1aWQiOiIwM2FmZDBkYi03YTdmLTQ0MmQtODM0Yi1kZWRkZTQwYWFmYWYifSwiaWF0IjoxNDYwOTA2MDEwfQ.nSg4muXFmx3xxxFAGzvCdj7lvw4Dcq97ojxem3w0N40_U'


try {
    var wrongDecode = jwt.decode(fbTokenAlter, secret);
}
catch (e) {
    // statements to handle any exceptions