From: charleswrayjr
Date: Fri, 12 Sep 2025 04:36:58 +0000 (-0500)
Subject: Fixing passport and routeHelpers to actually validate users.
X-Git-Url: https://git.phasecustomsoft.com/?a=commitdiff_plain;h=3c9d967fa28165a65e3343d6bfe869aa105c5969;p=phs-api.git
Fixing passport and routeHelpers to actually validate users.
---
diff --git a/src/middleware/passport.js b/src/middleware/passport.js
index 9e0975c..2d37cff 100755
--- a/src/middleware/passport.js
+++ b/src/middleware/passport.js
@@ -1,12 +1,11 @@
-// const User = require('../models/user.model');
-const JWTStrategy = require('passport-jwt').Strategy,
- ExtractJwt = require('passport-jwt').ExtractJwt;
-
-const config = require('../config/default.json');
+const JWTStrategy = require( 'passport-jwt' ).Strategy,
+ ExtractJwt = require( 'passport-jwt' ).ExtractJwt;
+const config = require( '../config/default.json' );
+const db = require( '../models' );
 // Hooks the JWT Strategy.
-function hookJWTStrategy(passport) {
- logger.debug('hookJWTStrategy');
+function hookJWTStrategy( passport ) {
+ logger.debug( 'hookJWTStrategy' );
 let options = {};
 // options.secretOrKey = process.env['HASH_KEY'];
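Review bot: `logger` is called on the new `logger.debug( 'hookJWTStrategy' );` line, but nothing in the rewritten header requires or declares it, while `config` is required and not referenced anywhere in the visible lines; if `logger` is not an intentional global, add `const logger = require( /* logger module path */ );` beside the new `db` require, and drop `config` if the line that would consume it stays commented out. The context line `// options.secretOrKey = process.env['HASH_KEY'];` leaves the verification key to be set on old line 13, which lies outside this hunk; if that line does not assign `options.secretOrKey` (or a `secretOrKeyProvider`), passport-jwt has no key to verify signatures with and the strategy cannot be constructed, so it is worth confirming before relying on this module for authentication.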
@@ -14,55 +13,22 @@ function hookJWTStrategy(passport) {
 options.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
 options.ignoreExpiration = true;
- passport.use('jwt', new JWTStrategy(options, function (JWTPayload, callback) {
+ passport.use( 'jwt', new JWTStrategy( options, function ( JWTPayload, callback ) {
 // return callback(null, {id: 1});
- logger.debug(`JWT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- /*return new User().findOne({ email: JWTPayload.email, is_active: true })*/
- // return new User().findOne({ id: 1, is_active: true })
- return phsdb.query(`select * from phase.users where id = $1;`, [1], { plain: true })
- .then(async user => {
- logger.debug('passport: ' + user);
- if (!user?.id) {
- return callback(null, false);
- } else if (user?.id) {
- // const roles = [...user.roles].map(r => r.name);
- // if (roles.some(r => ['Administrator', 'ExecutiveManager', 'HR'].includes(r))) await rvdb.query('select crypto_key from rt2.users where id = $1;', [user.id], { plain: true }).then(cry => user.crypto_key = cry.crypto_key);
- return callback(null, user);
- } else {
- return callback(null, false);
- }
- }).catch(error => callback(error, false));
- }));
-
- /*passport.use('jwt-contact', new JWTStrategy(options, function (JWTPayload, callback) {
- logger.debug(`JWT-CONTACT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- return db.contact().findOne({ id: JWTPayload.id, email: JWTPayload.email, is_active: true, is_deleted: false })
- .then(async contact => {
- // logger.debug('JWT-CONTACT: ' + JSON.stringify(contact));
- if (!contact?.id) {
- return callback(null, false);
- } else if (contact?.id) {
- return callback(null, contact);
- } else {
- return callback(null, false);
- }
- }).catch(error => callback(error, false));
- }))
-
- passport.use('it', new JWTStrategy(options, function (JWTPayload, callback) {
- logger.debug(`JWT-IT-JWTPayload: ${JSON.stringify(JWTPayload)}`);
- return db.it().user().findOne({ remote_id: JWTPayload.id, company_id: JWTPayload.company_id, is_active: true, is_deleted: false })
- .then(async user => {
+ logger.debug( `JWT-JWTPayload: ${ JSON.stringify( JWTPayload ) }` );
+ return db.user.find_one( { email:JWTPayload.email, is_active:true, is_delete:false } )
+ .then( async user => {
+ logger.debug( 'passport: ' + user );
 if (!user?.id) {
- return callback(null, false);
+ return callback( null, false );
 } else if (user?.id) {
- return callback(null, user);
+ user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );
+ return callback( null, user );
 } else {
- return callback(null, false);
+ return callback( null, false );
 }
- }).catch(error => callback(error, false));
- }))*/
-
+ } ).catch( error => callback( error, false ) );
+ } ) );
 }
 module.exports = hookJWTStrategy;
\ No newline at end of file
diff --git a/src/middleware/routeHelpers.js b/src/middleware/routeHelpers.js
index d78f0ab..939138a 100755
--- a/src/middleware/routeHelpers.js
+++ b/src/middleware/routeHelpers.js
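Review bot: In the new `else if (user?.id)` branch, `user.roles = user.get_user_roles().then( roles => roles.map( role => role.name ) );` stores the pending Promise rather than the role names, and `callback( null, user )` fires before it settles, so any later authorization check on `req.user.roles` sees a Promise (always truthy, never an array) instead of the user's roles. The enclosing `.then( async user => {` is already async, so the fix is `user.roles = ( await user.get_user_roles() ).map( role => role.name );` ahead of the callback. The filter key `is_delete:false` passed to `db.user.find_one` differs from the `is_deleted` spelling used elsewhere in this diff; if the model column is `is_deleted`, soft-deleted accounts are not excluded by this lookup (or the query fails), so the key should be checked against the model. The untouched context line `options.ignoreExpiration = true;` means expired tokens are still accepted; now that users are resolved from the payload, restoring expiry checking is the remaining gap in "actually validate users". The trailing `else` after `!user?.id` / `user?.id` is unreachable and can be dropped.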
@@ -3,27 +3,23 @@ const validateAuth = function ( passport, context='jwt') {
 async function checkKey( req, res, next ) {
 const { authorization, apikey:apiKey } = req.headers;
 if (authorization) return passport.authenticate( context, { session:false } )(req, res, next);
- // else if (!authorization && !apiKey) return passport.authenticate( context, { session: false } )(req, res, next);
- else {
- const key = await phsdb.query( 'select * from phs.api_keys where api_key = $1;', [apiKey], { plain:true } );
- const user = await phsdb.query( 'select * from phs.users where id = 1;', [], { plain:true } );
-
- logger.debug('helper: ' + user);
-
- // const user = key ? await db.user().findOne( { id:key.user_id, is_deleted:false, is_active:true } ) : undefined;
- /*const roles = user ? await phsdb.query(`
+ else if (!authorization && !apiKey) return passport.authenticate( context, { session: false } )(req, res, next);
+ /*else {
+ // const key = await rvdb.query( 'select * from rt2.api_keys where api_key = $1;', [apiKey], { plain:true } );
+ const user = key ? await db.user().findOne( { id:key.user_id, is_deleted:false, is_active:true } ) : undefined;
+ const roles = user ? await rvdb.query( `
 select r.*
 from rt2.api_key_roles ur
 inner join rt2.roles r on r.id = ur.role_id
- where ur.api_key_id = $1;`, [key.id] ) : undefined;*/
- /*if (user && roles) {
+ where ur.api_key_id = $1;`, [key.id] ) : undefined;
+ if (user && roles) {
 user.roles = roles;
- }*/
- if (user) {
+ }
+ if (key && user) {
 req.user = user;
 }
 next();
- }
+ }*/
 }
 return checkKey;
@@ -42,6 +38,4 @@ const allowApi = function (apiKey, callback) {
 return checkKey;
 };
-module.exports = { validateAuth, allowApi };
-
-/** @namespace params.apiKey */
+module.exports = { validateAuth, allowApi };
\ No newline at end of file
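Review bot: After this change `checkKey` has no path for a request that carries an `apikey` header without `authorization`: the first branch requires `authorization`, the new `else if` requires both headers to be absent, and the `else` that used to consume the key is now inside `/* … */`, so such a request neither calls `next()` nor receives a response and stalls until the client times out. Until API-key validation is reimplemented, collapse both branches into an unconditional `return passport.authenticate( context, { session:false } )(req, res, next);`, which lets passport answer a key-only request with its normal authentication failure instead of hanging it; the `!authorization &&` in the `else if` is redundant in any case. Rather than carrying the commented-out block, consider removing it and leaving `// TODO: API-key authentication is disabled; requests without a bearer token fall through to the JWT strategy` in its place. `validateAuth` begins above this hunk (its signature is visible only in the `@@` header) and its closing `};` lies after it.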