try {
const auth_data = req.body;
const auth = await db.authentication.create( auth_data );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Create authentication error: ${ error.message }` );
next( createError( error.status || 400, error.message ) );
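Review bot: Passing the bare `auth` to `res.json(...)` instead of `auth.to_safe_json()` sends whatever the authentication model serializes to by default. Unless that model defines a `toJSON()` that omits credential fields (one handler looks the record up by reset token, so it presumably stores one), those fields now reach the client. The seven authentication hunks that follow make the same substitution (find by user id, by reset token, by id, `find_many`, lock, unlock, soft delete), and `find_many` does so for every record matched by a caller-supplied query-string filter; the user controller hunks further down drop `to_safe_json()` in the same way. If redaction has moved into the model, a call-site comment such as `// auth.toJSON() strips credential fields` would make that visible; otherwise keep `to_safe_json()`. The enclosing handlers begin and end outside these hunks.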
const { user_id } = req.params;
const auth = await db.authentication.find_by_user_id( parseInt( user_id ) );
if (!auth) return next( createError( 404, 'Authentication record not found' ) );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Find authentication by user ID error: ${ error.message }` );
next( createError( error.status || 500, error.message ) );
const { token } = req.params;
const auth = await db.authentication.find_by_reset_token( token );
if (!auth) return next( createError( 404, 'Authentication record not found' ) );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Find authentication by reset token error: ${ error.message }` );
next( createError( error.status || 500, error.message ) );
const { id } = req.params;
const auth = await db.authentication.find_one( { id:parseInt( id ) } );
if (!auth) return next( createError( 404, 'Authentication record not found' ) );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Find authentication error: ${ error.message }` );
next( createError( error.status || 500, error.message ) );
try {
const { limit = '100', offset = '0', ...where } = req.query;
const auths = await db.authentication.find_many( where, [], null, parseInt( limit ), parseInt( offset ) );
- res.json( auths.map( auth => auth.to_safe_json() ) );
+ res.json( auths );
} catch (error) {
logger.error( `Find many authentication records error: ${ error.message }` );
next( createError( error.status || 500, error.message ) );
try {
const { id } = req.params;
const auth = await db.authentication.lock_account( id );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Lock account error: ${ error.message }` );
next( createError( error.status || 400, error.message ) );
try {
const { id } = req.params;
const auth = await db.authentication.unlock_account( id );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Unlock account error: ${ error.message }` );
next( createError( error.status || 400, error.message ) );
const { id } = req.params;
const { deleted_by_id } = req.body;
const auth = await db.authentication.soft_delete( id, deleted_by_id );
- res.json( auth.to_safe_json() );
+ res.json( auth );
} catch (error) {
logger.error( `Soft delete authentication error: ${ error.message }` );
next( createError( error.status || 400, error.message ) );
* @file User controller for handling user-related API requests
*/
-const db = require('../models');
-const createError = require('http-errors');
+const db = require( '../models' );
+const createError = require( 'http-errors' );
/**
* User controller
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async create(req, res, next) {
+ async create( req, res, next ) {
try {
const user_data = req.body;
- const user = await db.user.create(user_data);
- res.status(200).send(user.to_safe_json());
+ const user = await db.user.create( user_data );
+ res.status( 200 ).send( user );
} catch (error) {
- logger.error(`Create user error: ${error.message}`);
- next(createError(error.status || 400, error.message));
+ logger.error( `Create user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async find_one(req, res, next) {
+ async find_one( req, res, next ) {
try {
const { id } = req.params;
- const user = await db.user.find_one({ id: parseInt(id) });
- if (!user) return next(createError(404, 'User not found'));
- res.status(200).send(user.to_safe_json());
+ const user = await db.user.find_one( { id:parseInt( id ) } );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ res.status( 200 ).send( user );
} catch (error) {
- logger.error(`Show user error: ${error.message}`);
- next(createError(error.status || 500, error.message));
+ logger.error( `Show user error: ${ error.message }` );
+ next( createError( error.status || 500, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async find_many(req, res, next) {
+ async find_many( req, res, next ) {
try {
- const { limit = 100, offset = 0, ...where } = req.query;
- const users = await db.user.find_many(where, [], null, parseInt(limit), parseInt(offset));
- if (!users.length) return next(createError(404, 'No users found'));
- res.status(200).send(users.map(u => u.to_safe_json()));
+ const { limit = '100', offset = '0', ...where } = req.query;
+ const users = await db.user.find_many( where, [], null, parseInt( limit ), parseInt( offset ) );
+ if (!users.length) return next( createError( 404, 'No users found' ) );
+ res.status( 200 ).send( users.map( u => new (require( '../models/user.model' )( u ).toJSON()) ) );
} catch (error) {
- logger.error(`Index users error: ${error.message}`);
- next(createError(error.status || 500, error.message));
+ logger.error( `Index users error: ${ error.message }` );
+ next( createError( error.status || 500, error.message ) );
}
},
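Review bot: The new `send(...)` line in `find_many` has misplaced parentheses: `new (require( '../models/user.model' )( u ).toJSON())` calls the module export without `new`, calls `toJSON()` on the result, and only then applies `new` to that value. This most likely throws a TypeError, which the catch block turns into a 500. The probable intent is `new (require( '../models/user.model' ))( u ).toJSON()`, with the `require` hoisted to the top of the file rather than evaluated per element. This is also the only handler in the file that re-wraps records before sending, so it is worth confirming which form actually applies the redaction that `to_safe_json()` used to provide.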
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async find_by_email(req, res, next) {
+ async find_by_email( req, res, next ) {
try {
const { email } = req.params;
- const user = await db.user.find_by_email(email);
- if (!user) return next(createError(404, 'User not found'));
- res.status(200).send(user.to_safe_json());
+ const user = await db.user.find_by_email( email );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ res.status( 200 ).send( user );
} catch (error) {
- logger.error(`Find user by email error: ${error.message}`);
- next(createError(error.status || 500, error.message));
+ logger.error( `Find user by email error: ${ error.message }` );
+ next( createError( error.status || 500, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async find_by_nickname(req, res, next) {
+ async find_by_nickname( req, res, next ) {
try {
const { nickname } = req.params;
- const user = await db.user.find_by_nickname(nickname);
- if (!user) return next(createError(404, 'User not found'));
- res.status(200).send(user.to_safe_json());
+ const user = await db.user.find_by_nickname( nickname );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ res.status( 200 ).send( user );
} catch (error) {
- logger.error(`Find user by nickname error: ${error.message}`);
- next(createError(error.status || 500, error.message));
+ logger.error( `Find user by nickname error: ${ error.message }` );
+ next( createError( error.status || 500, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async update(req, res, next) {
+ async update( req, res, next ) {
try {
const { id } = req.params;
const user_data = req.body;
- const user = await db.user.instance().find_one({ id: parseInt(id) });
- if (!user) return next(createError(404, 'User not found'));
- const updated_user = await user.update(user_data);
- res.status(200).send(updated_user.to_safe_json());
+ const user = await db.user.instance().find_one( { id:parseInt( id ) } );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ const updated_user = await user.update( user_data );
+ res.status( 200 ).send( updated_user );
} catch (error) {
- logger.error(`Update user error: ${error.message}`);
- next(createError(error.status || 400, error.message));
+ logger.error( `Update user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async deactivate(req, res, next) {
+ async deactivate( req, res, next ) {
try {
const { id } = req.params;
const { deactivated_by_id } = req.body;
- const user = await db.user.instance().find_one({ id: parseInt(id) });
- if (!user) return next(createError(404, 'User not found'));
- const deactivated_user = await user.deactivate(deactivated_by_id);
- res.status(200).send(deactivated_user.to_safe_json());
+ const user = await db.user.instance().find_one( { id:parseInt( id ) } );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ const deactivated_user = await user.deactivate( deactivated_by_id );
+ res.status( 200 ).send( deactivated_user );
} catch (error) {
- logger.error(`Deactivate user error: ${error.message}`);
- next(createError(error.status || 400, error.message));
+ logger.error( `Deactivate user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async reactivate(req, res, next) {
+ async reactivate( req, res, next ) {
try {
const { id } = req.params;
- const user = await db.user.instance().find_one({ id: parseInt(id) });
- if (!user) return next(createError(404, 'User not found'));
+ const user = await db.user.instance().find_one( { id:parseInt( id ) } );
+ if (!user) return next( createError( 404, 'User not found' ) );
const reactivated_user = await user.reactivate();
- res.status(200).send(reactivated_user.to_safe_json());
+ res.status( 200 ).send( reactivated_user );
} catch (error) {
- logger.error(`Reactivate user error: ${error.message}`);
- next(createError(error.status || 400, error.message));
+ logger.error( `Reactivate user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
}
},
* @param {Function} next - Express next middleware function
* @returns {Promise<void>}
*/
- async soft_delete(req, res, next) {
+ async soft_delete( req, res, next ) {
try {
const { id } = req.params;
const { deleted_by_id } = req.body;
- const user = await db.user.instance().find_one({ id: parseInt(id) });
- if (!user) return next(createError(404, 'User not found'));
- const deleted_user = await user.soft_delete(deleted_by_id);
- res.status(200).send(deleted_user.to_safe_json());
+ const user = await db.user.instance().find_one( { id:parseInt( id ) } );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ const deleted_user = await user.soft_delete( deleted_by_id );
+ res.status( 200 ).send( deleted_user );
} catch (error) {
- logger.error(`Soft delete user error: ${error.message}`);
- next(createError(error.status || 400, error.message));
+ logger.error( `Soft delete user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
+ }
+ },
+
+ async get_current_user( req, res, next ) {
+ try {
+ const { id } = req.user;
+ const user = await db.user.instance().find_one( { id: id } );
+ if (!user) return next( createError( 404, 'User not found' ) );
+ res.status( 200 ).send( user );
+ } catch (error) {
+ logger.error( `Get current user error: ${ error.message }` );
+ next( createError( error.status || 400, error.message ) );
}
}
};
\ No newline at end of file
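Review bot: `get_current_user` destructures `req.user` without checking it, so if the route is ever mounted without the passport middleware, the TypeError is caught and its message is returned to the client as a 400. A guard such as `if (!req.user?.id) return next( createError( 401, 'Not authenticated' ) );` before the lookup makes the failure explicit. The handler is also the only one in the file without a JSDoc block; a short one stating that it requires an authenticated request and returns the caller's own record would match its siblings. Its fallback status is 400, whereas the other read handlers (`find_one`, `find_by_email`) fall back to 500 for unexpected errors.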
-const JWTStrategy = require( 'passport-jwt' ).Strategy,
- ExtractJwt = require( 'passport-jwt' ).ExtractJwt;
+const JWTStrategy = require( 'passport-jwt' ).Strategy;
const config = require( '../config/default.json' );
const db = require( '../models' );
+const jwt = require("jsonwebtoken");
+
+const cookieExtractor = function(req) {
+ let token = null;
+ if (req?.cookies?.['phase_request_token']) {
+ const decoded = jwt.decode(req?.cookies?.['phase_request_token'].trim(), config.keys.secret);
+ token = decoded.request_token;
+ }
+ return token;
+};
+
+const authenticate = function ( JWTPayload, callback ) {
+ // return callback(null, {id: 1});
+ logger.debug( `JWT-JWTPayload: ${ JSON.stringify( JWTPayload ) }` );
+ return db.user.find_one( { email:JWTPayload.email, is_active:true, is_delete:false } )
+ .then( async user => {
+ logger.debug( 'passport: ' + user );
+ if (!user?.id) {
+ return callback( null, false );
+ } else if (user?.id) {
+ user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );
+ return callback( null, user );
+ } else {
+ return callback( null, false );
+ }
+ } ).catch( error => callback( error, false ) );
+}
// Hooks the JWT Strategy.
function hookJWTStrategy( passport ) {
// options.secretOrKey = process.env['HASH_KEY'];
options.secretOrKey = config.keys.secret;
- options.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
+ options.jwtFromRequest = cookieExtractor;
options.ignoreExpiration = true;
- passport.use( 'jwt', new JWTStrategy( options, function ( JWTPayload, callback ) {
- // return callback(null, {id: 1});
- logger.debug( `JWT-JWTPayload: ${ JSON.stringify( JWTPayload ) }` );
- return db.user.find_one( { email:JWTPayload.email, is_active:true, is_delete:false } )
- .then( async user => {
- logger.debug( 'passport: ' + user );
- if (!user?.id) {
- return callback( null, false );
- } else if (user?.id) {
- user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );
- return callback( null, user );
- } else {
- return callback( null, false );
- }
- } ).catch( error => callback( error, false ) );
- } ) );
+ passport.use( 'jwt', new JWTStrategy( options, authenticate ) );
}
module.exports = hookJWTStrategy;
\ No newline at end of file
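Review bot: `cookieExtractor` calls `jwt.decode(..., config.keys.secret)`, but `decode` only parses the payload; its second argument is an options object, so the secret is ignored and the cookie's signature is never checked. `decode` also returns `null` for a malformed token, so `decoded.request_token` throws inside the extractor when the cookie is garbage. If the outer cookie is meant to be signed with `config.keys.secret`, use `jwt.verify` inside a try/catch and return `null` on failure, as sketched below. Separately, moving the credential from the Authorization header to a cookie means browsers attach it automatically, so state-changing routes need CSRF protection (a SameSite attribute on the cookie or a CSRF token) that this diff does not show. The unchanged `options.ignoreExpiration = true` also means an issued token never ages out.

```javascript
const cookieExtractor = function(req) {
  const raw = req?.cookies?.['phase_request_token'];
  if (typeof raw !== 'string') return null;
  try {
    // verify() checks the signature; decode() would only parse the payload.
    const verified = jwt.verify(raw.trim(), config.keys.secret);
    return verified?.request_token ?? null;
  } catch (error) {
    logger.debug( `Request-token cookie rejected: ${ error.message }` );
    return null;
  }
};
```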