wip
This commit is contained in:
parent
e2461a9314
commit
d1557bcae8
@ -5,6 +5,7 @@
|
|||||||
*/
|
*/
|
||||||
import rndstr from 'rndstr';
|
import rndstr from 'rndstr';
|
||||||
const crypto = require('crypto');
|
const crypto = require('crypto');
|
||||||
|
import it from '../../it';
|
||||||
import App from '../../models/app';
|
import App from '../../models/app';
|
||||||
import AuthSess from '../../models/auth-session';
|
import AuthSess from '../../models/auth-session';
|
||||||
import AccessToken from '../../models/access-token';
|
import AccessToken from '../../models/access-token';
|
||||||
@ -43,21 +44,19 @@ module.exports = (params, user) =>
|
|||||||
new Promise(async (res, rej) =>
|
new Promise(async (res, rej) =>
|
||||||
{
|
{
|
||||||
// Get 'token' parameter
|
// Get 'token' parameter
|
||||||
const sesstoken = params.token;
|
const [token, tokenErr] = it(params.token).expect.string().required().qed();
|
||||||
if (sesstoken == null) {
|
if (tokenErr) return rej('invalid token param');
|
||||||
return rej('token is required');
|
|
||||||
}
|
|
||||||
|
|
||||||
// Fetch token
|
// Fetch token
|
||||||
const session = await AuthSess
|
const session = await AuthSess
|
||||||
.findOne({ token: sesstoken });
|
.findOne({ token: token });
|
||||||
|
|
||||||
if (session === null) {
|
if (session === null) {
|
||||||
return rej('session not found');
|
return rej('session not found');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate access token
|
// Generate access token
|
||||||
const token = rndstr('a-zA-Z0-9', 32);
|
const accessToken = rndstr('a-zA-Z0-9', 32);
|
||||||
|
|
||||||
// Fetch exist access token
|
// Fetch exist access token
|
||||||
const exist = await AccessToken.findOne({
|
const exist = await AccessToken.findOne({
|
||||||
@ -73,7 +72,7 @@ module.exports = (params, user) =>
|
|||||||
|
|
||||||
// Generate Hash
|
// Generate Hash
|
||||||
const sha256 = crypto.createHash('sha256');
|
const sha256 = crypto.createHash('sha256');
|
||||||
sha256.update(token + app.secret);
|
sha256.update(accessToken + app.secret);
|
||||||
const hash = sha256.digest('hex');
|
const hash = sha256.digest('hex');
|
||||||
|
|
||||||
// Insert access token doc
|
// Insert access token doc
|
||||||
@ -81,7 +80,7 @@ module.exports = (params, user) =>
|
|||||||
created_at: new Date(),
|
created_at: new Date(),
|
||||||
app_id: session.app_id,
|
app_id: session.app_id,
|
||||||
user_id: user._id,
|
user_id: user._id,
|
||||||
token: token,
|
token: accessToken,
|
||||||
hash: hash
|
hash: hash
|
||||||
});
|
});
|
||||||
}
|
}
|
@ -4,6 +4,7 @@
|
|||||||
* Module dependencies
|
* Module dependencies
|
||||||
*/
|
*/
|
||||||
import * as uuid from 'uuid';
|
import * as uuid from 'uuid';
|
||||||
|
import it from '../../../it';
|
||||||
import App from '../../../models/app';
|
import App from '../../../models/app';
|
||||||
import AuthSess from '../../../models/auth-session';
|
import AuthSess from '../../../models/auth-session';
|
||||||
import config from '../../../../conf';
|
import config from '../../../../conf';
|
||||||
@ -49,10 +50,8 @@ module.exports = (params) =>
|
|||||||
new Promise(async (res, rej) =>
|
new Promise(async (res, rej) =>
|
||||||
{
|
{
|
||||||
// Get 'app_secret' parameter
|
// Get 'app_secret' parameter
|
||||||
const appSecret = params.app_secret;
|
const [appSecret, appSecretErr] = it(params.app_secret).expect.string().required().qed();
|
||||||
if (appSecret == null) {
|
if (appSecretErr) return rej('invalid app_secret param');
|
||||||
return rej('app_secret is required');
|
|
||||||
}
|
|
||||||
|
|
||||||
// Lookup app
|
// Lookup app
|
||||||
const app = await App.findOne({
|
const app = await App.findOne({
|
@ -3,6 +3,7 @@
|
|||||||
/**
|
/**
|
||||||
* Module dependencies
|
* Module dependencies
|
||||||
*/
|
*/
|
||||||
|
import it from '../../../it';
|
||||||
import AuthSess from '../../../models/auth-session';
|
import AuthSess from '../../../models/auth-session';
|
||||||
import serialize from '../../../serializers/auth-session';
|
import serialize from '../../../serializers/auth-session';
|
||||||
|
|
||||||
@ -57,10 +58,8 @@ module.exports = (params, user) =>
|
|||||||
new Promise(async (res, rej) =>
|
new Promise(async (res, rej) =>
|
||||||
{
|
{
|
||||||
// Get 'token' parameter
|
// Get 'token' parameter
|
||||||
const token = params.token;
|
const [token, tokenErr] = it(params.token).expect.string().required().qed();
|
||||||
if (token == null) {
|
if (tokenErr) return rej('invalid token param');
|
||||||
return rej('token is required');
|
|
||||||
}
|
|
||||||
|
|
||||||
// Lookup session
|
// Lookup session
|
||||||
const session = await AuthSess.findOne({
|
const session = await AuthSess.findOne({
|
@ -3,6 +3,7 @@
|
|||||||
/**
|
/**
|
||||||
* Module dependencies
|
* Module dependencies
|
||||||
*/
|
*/
|
||||||
|
import it from '../../../it';
|
||||||
import App from '../../../models/app';
|
import App from '../../../models/app';
|
||||||
import AuthSess from '../../../models/auth-session';
|
import AuthSess from '../../../models/auth-session';
|
||||||
import AccessToken from '../../../models/access-token';
|
import AccessToken from '../../../models/access-token';
|
||||||
@ -53,10 +54,8 @@ import serialize from '../../../serializers/user';
|
|||||||
module.exports = (params) =>
|
module.exports = (params) =>
|
||||||
new Promise(async (res, rej) => {
|
new Promise(async (res, rej) => {
|
||||||
// Get 'app_secret' parameter
|
// Get 'app_secret' parameter
|
||||||
const appSecret = params.app_secret;
|
const [appSecret, appSecretErr] = it(params.app_secret).expect.string().required().qed();
|
||||||
if (appSecret == null) {
|
if (appSecretErr) return rej('invalid app_secret param');
|
||||||
return rej('app_secret is required');
|
|
||||||
}
|
|
||||||
|
|
||||||
// Lookup app
|
// Lookup app
|
||||||
const app = await App.findOne({
|
const app = await App.findOne({
|
||||||
@ -68,10 +67,8 @@ module.exports = (params) =>
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Get 'token' parameter
|
// Get 'token' parameter
|
||||||
const token = params.token;
|
const [token, tokenErr] = it(params.token).expect.string().required().qed();
|
||||||
if (token == null) {
|
if (tokenErr) return rej('invalid token param');
|
||||||
return rej('token is required');
|
|
||||||
}
|
|
||||||
|
|
||||||
// Fetch token
|
// Fetch token
|
||||||
const session = await AuthSess
|
const session = await AuthSess
|
Loading…
Reference in New Issue
Block a user