|
const { sign, verify } = require("jsonwebtoken"); |
|
const { compare, hash, genSalt } = require("bcryptjs"); |
|
const { NotAuthError } = require("./errors"); |
|
|
|
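// Symmetric secret used to sign and verify every auth token issued by this module.
// Anyone who knows this value can mint a token for any user id, so it must not be
// a literal committed to the repository. Prefer a long random value supplied through
// the environment. JWT_SECRET is a variable name introduced by this edit; rename it
// to match the deployment's configuration.
// `||` (not `??`) so an empty string also falls through to the fallback.
// NOTE(review): the "supersecret" fallback is kept only so existing setups keep
// working; treat it as a development default and plan to fail closed when the
// variable is missing.
const KEY = process.env.JWT_SECRET || "supersecret";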
|
|
|
/**
 * Produce a bcrypt hash of a plaintext password for storage.
 *
 * A fresh salt is generated on every call (10 rounds), so hashing the same
 * password twice yields different strings; verification goes through
 * `compare`, not string equality.
 *
 * NOTE(review): bcrypt only considers the first 72 bytes of its input;
 * confirm that callers enforce a maximum password length.
 *
 * @param {string} password - Plaintext password to hash.
 * @returns {Promise<string>} Resolves with the salted hash.
 */
async function generatePasswordHash(password) {
  const salt = await genSalt(10);
  return hash(password, salt);
}
|
|
|
/**
 * Issue a signed JWT whose only claim is the user id.
 *
 * `noTimestamp: true` leaves out the `iat` claim and no `expiresIn` is passed,
 * so the token carries no `exp` claim.
 * NOTE(review): a token without `exp` stays valid until the signing key
 * changes; a stolen token cannot age out. Consider adding an expiry together
 * with a refresh or revocation strategy.
 *
 * @param {*} id - Identifier stored in the token payload as `id`.
 * @returns {string} The signed token.
 */
function createJSONToken(id) {
  const claims = { id };
  const signOptions = { noTimestamp: true };
  return sign(claims, KEY, signOptions);
}
|
|
|
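/**
 * Verify a token's signature against KEY and return its decoded payload.
 *
 * The accepted algorithm is pinned to HS256, which is what jsonwebtoken's
 * `sign` uses for a shared secret when no algorithm is given (createJSONToken
 * passes none). Pinning stops the `alg` header of an incoming token from
 * selecting the verification algorithm.
 *
 * @param {string} token - Encoded JWT taken from the request.
 * @returns {object|string} The decoded payload.
 * @throws When the signature does not match, the token is malformed, or its
 *   algorithm is not HS256 (`verify` is called without a callback, so it
 *   throws synchronously).
 */
function validateJSONToken(token) {
  return verify(token, KEY, { algorithms: ["HS256"] });
}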
|
|
|
/**
 * Check a plaintext password against a stored bcrypt hash.
 *
 * `compare` is called without a callback, which in bcryptjs yields a Promise.
 * Callers must `await` the result: the Promise object itself is always truthy,
 * so `if (isValidPassword(...))` without `await` would accept any password.
 *
 * @param {string} password - Plaintext password supplied by the user.
 * @param {string} storedPassword - Hash previously produced for that user.
 * @returns {Promise<boolean>} Resolves to true when the password matches.
 */
function isValidPassword(password, storedPassword) {
  const comparison = compare(password, storedPassword);
  return comparison;
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
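/**
 * Express-style middleware that authenticates a request from the
 * "auth-token" cookie.
 *
 * OPTIONS requests pass through untouched. Otherwise the cookie must hold a
 * token that validateJSONToken accepts and whose payload carries an `id`; on
 * success `req.userId` and `req.isAuthenticated` are set and `next()` is
 * called. Every failure answers 401 and does not call `next()`.
 *
 * @param {object} req - Request; `req.cookies` is read (presumably populated
 *   by a cookie-parsing middleware registered earlier; verify in the app setup).
 * @param {object} res - Response used to send the 401 JSON body.
 * @param {Function} next - Continuation invoked when the request may proceed.
 */
function checkAuthMiddleware(req, res, next) {
  if (req.method === "OPTIONS") {
    return next();
  }

  // Guard against req.cookies being absent: without it the lookup would throw
  // a TypeError instead of producing a clean 401.
  const authToken = req.cookies && req.cookies["auth-token"];
  if (!authToken) {
    return res.status(401).json({ message: "Not authenticated", description: "Auth token not found" });
  }

  let validatedToken;
  try {
    validatedToken = validateJSONToken(authToken);
  } catch (error) {
    console.log("NOT AUTH. TOKEN INVALID.");
    return res.status(401).json({ message: "Not authenticated", description: "Invalid auth token" });
  }

  // A correctly signed token that has no `id` claim (for example a string
  // payload) must not mark the request as authenticated with an undefined user.
  if (validatedToken == null || validatedToken.id == null) {
    console.log("NOT AUTH. TOKEN INVALID.");
    return res.status(401).json({ message: "Not authenticated", description: "Invalid auth token" });
  }

  req.userId = validatedToken.id;
  req.isAuthenticated = true;
  next();
}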
|
|
|
exports.createJSONToken = createJSONToken; |
|
exports.validateJSONToken = validateJSONToken; |
|
exports.isValidPassword = isValidPassword; |
|
exports.checkAuth = checkAuthMiddleware; |
|
exports.generatePasswordHash = generatePasswordHash; |
|
|