-// const User = require('../models/user.model');
-const JWTStrategy = require('passport-jwt').Strategy,
- ExtractJwt = require('passport-jwt').ExtractJwt;
-
-const config = require('../config/default.json');
+const JWTStrategy = require( 'passport-jwt' ).Strategy,
+ ExtractJwt = require( 'passport-jwt' ).ExtractJwt;
+const config = require( '../config/default.json' );
+const db = require( '../models' );
// Hooks the JWT Strategy.
-function hookJWTStrategy(passport) {
- logger.debug('hookJWTStrategy');
+function hookJWTStrategy( passport ) {
+ logger.debug( 'hookJWTStrategy' );
let options = {};
// options.secretOrKey = process.env['HASH_KEY'];
options.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
options.ignoreExpiration = true;
- passport.use('jwt', new JWTStrategy(options, function (JWTPayload, callback) {
+ passport.use( 'jwt', new JWTStrategy( options, function ( JWTPayload, callback ) {
// return callback(null, {id: 1});
- logger.debug(`JWT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- /*return new User().findOne({ email: JWTPayload.email, is_active: true })*/
- // return new User().findOne({ id: 1, is_active: true })
- return phsdb.query(`select * from phase.users where id = $1;`, [1], { plain: true })
- .then(async user => {
- logger.debug('passport: ' + user);
- if (!user?.id) {
- return callback(null, false);
- } else if (user?.id) {
- // const roles = [...user.roles].map(r => r.name);
- // if (roles.some(r => ['Administrator', 'ExecutiveManager', 'HR'].includes(r))) await rvdb.query('select crypto_key from rt2.users where id = $1;', [user.id], { plain: true }).then(cry => user.crypto_key = cry.crypto_key);
- return callback(null, user);
- } else {
- return callback(null, false);
- }
- }).catch(error => callback(error, false));
- }));
-
- /*passport.use('jwt-contact', new JWTStrategy(options, function (JWTPayload, callback) {
- logger.debug(`JWT-CONTACT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- return db.contact().findOne({ id: JWTPayload.id, email: JWTPayload.email, is_active: true, is_deleted: false })
- .then(async contact => {
- // logger.debug('JWT-CONTACT: ' + JSON.stringify(contact));
- if (!contact?.id) {
- return callback(null, false);
- } else if (contact?.id) {
- return callback(null, contact);
- } else {
- return callback(null, false);
- }
- }).catch(error => callback(error, false));
- }))
-
- passport.use('it', new JWTStrategy(options, function (JWTPayload, callback) {
- logger.debug(`JWT-IT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- return db.it().user().findOne({ remote_id: JWTPayload.id, company_id: JWTPayload.company_id, is_active: true, is_deleted: false })
- .then(async user => {
+ logger.debug( `JWT-JWTPayload: ${ JSON.stringify( JWTPayload ) }` );
+ return db.user.find_one( { email:JWTPayload.email, is_active:true, is_delete:false } )
+ .then( async user => {
+ logger.debug( 'passport: ' + user );
if (!user?.id) {
- return callback(null, false);
+ return callback( null, false );
} else if (user?.id) {
- return callback(null, user);
+ user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );
+ return callback( null, user );
} else {
- return callback(null, false);
+ return callback( null, false );
}
- }).catch(error => callback(error, false));
- }))*/
-
+ } ).catch( error => callback( error, false ) );
+ } ) );
}
module.exports = hookJWTStrategy;
\ No newline at end of file
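Review bot: The added line `user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );` stores a pending Promise in `user.roles` instead of the role names, because the `async` callback never awaits it before `callback( null, user )` runs. Any later role check that treats `user.roles` as an array would misbehave, and a rejection from `get_user_roles()` would bypass the `.catch` on this chain. Awaiting it keeps failures on the existing error path: `user.roles = ( await user.get_user_roles() ).map( role => role.name );`. Separately, the unchanged `options.ignoreExpiration = true;` means expired tokens still reach this lookup, and no `secretOrKey` is set in the visible lines, so both are worth confirming while this strategy is being touched. The filter key `is_delete` also differs from the `is_deleted` spelling used in the other file on this page, so it may be a typo.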
async function checkKey( req, res, next ) {
const { authorization, apikey:apiKey } = req.headers;
if (authorization) return passport.authenticate( context, { session:false } )(req, res, next);
- // else if (!authorization && !apiKey) return passport.authenticate( context, { session: false } )(req, res, next);
- else {
- const key = await phsdb.query( 'select * from phs.api_keys where api_key = $1;', [apiKey], { plain:true } );
- const user = await phsdb.query( 'select * from phs.users where id = 1;', [], { plain:true } );
-
- logger.debug('helper: ' + user);
-
- // const user = key ? await db.user().findOne( { id:key.user_id, is_deleted:false, is_active:true } ) : undefined;
- /*const roles = user ? await phsdb.query(`
+ else if (!authorization && !apiKey) return passport.authenticate( context, { session: false } )(req, res, next);
+ /*else {
+ // const key = await rvdb.query( 'select * from rt2.api_keys where api_key = $1;', [apiKey], { plain:true } );
+ const user = key ? await db.user().findOne( { id:key.user_id, is_deleted:false, is_active:true } ) : undefined;
+ const roles = user ? await rvdb.query( `
select r.*
from rt2.api_key_roles ur
inner join rt2.roles r on r.id = ur.role_id
- where ur.api_key_id = $1;`, [key.id] ) : undefined;*/
- /*if (user && roles) {
+ where ur.api_key_id = $1;`, [key.id] ) : undefined;
+ if (user && roles) {
user.roles = roles;
- }*/
- if (user) {
+ }
+ if (key && user) {
req.user = user;
}
next();
- }
+ }*/
}
return checkKey;
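Review bot: A request that carries an `apikey` header but no `Authorization` header now matches neither branch of `checkKey`, so the function returns without calling `next()` or sending a response and the request hangs until it times out. With the API-key block commented out, that case should be rejected explicitly, for example `else return res.sendStatus( 401 );` (assuming an Express-style `res`), or the `!apiKey` condition dropped so every request without a bearer token goes through `passport.authenticate`. The commented block also still references `key` while the line defining it is itself commented out, so it would throw if re-enabled as written; deleting it and relying on version control is cleaner than keeping dead authentication code. The factory that supplies `context` and returns `checkKey` starts outside this hunk.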
return checkKey;
};
-module.exports = { validateAuth, allowApi };
-
-/** @namespace params.apiKey */
+module.exports = { validateAuth, allowApi };
\ No newline at end of file