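import bcrypt from "bcrypt";
import jwtSecret from "./jwtConfig";
import { db } from "../db.mjs";
import logger from "../logger.mjs";

// bcrypt cost factor used when hashing new passwords.
// NOTE(review): bcrypt only considers the first 72 bytes of its input; if
// long passphrases are allowed, enforce a length limit at the API boundary.
const BCRYPT_SALT_ROUNDS = 12;

// NOTE(review): this file mixes ES `import` with CommonJS `require`. That only
// works under a transpiler/bundler; confirm the build, otherwise convert these
// to `import` statements.
const passport = require("passport");
const LocalStrategy = require("passport-local").Strategy;
const JWTstrategy = require("passport-jwt").Strategy;
const ExtractJWT = require("passport-jwt").ExtractJwt;
// Not referenced by any strategy below (they all query through `db`); kept
// because loading the module may have side effects. TODO confirm and drop.
const User = require("../sequelize");

/**
 * "register" strategy: creates a user row with a bcrypt-hashed password.
 *
 * Calls done(null, false, { message }) when the username is already present,
 * done(null, insertResult) on success, and done(err) on any thrown error.
 */
passport.use(
  "register",
  new LocalStrategy(
    {
      usernameField: "username",
      passwordField: "password",
      passReqToCallback: true,
      session: false,
    },
    async (req, username, password, done) => {
      try {
        const existing = await db("users").where({ username }).select("*");
        if (existing.length > 0) {
          logger.warn("username already taken");
          return done(null, false, { message: "username already taken" });
        }

        // NOTE(review): the lookup above and the insert below are not atomic,
        // so two concurrent registrations can both pass the check. Presumably
        // the users table has a UNIQUE constraint on username; verify, since
        // that constraint is the real guarantee.
        const hashedPwd = await bcrypt.hash(password, BCRYPT_SALT_ROUNDS);
        const userCreated = await db("users").insert({
          username,
          password: hashedPwd,
        });

        // NOTE(review): `username` is request-supplied and reaches the log
        // verbatim; confirm the logger neutralises control characters.
        logger.info(`user ${username} created`);
        return done(null, userCreated);
      } catch (err) {
        return done(err);
      }
    },
  ),
);

/**
 * "login" strategy: verifies a username/password pair against the users table.
 *
 * Calls done(null, false, { message }) on an unknown username or a password
 * mismatch, done(null, userRow) on success, and done(err) on any thrown error.
 */
passport.use(
  "login",
  new LocalStrategy(
    {
      usernameField: "username",
      passwordField: "password",
      session: false,
    },
    async (username, password, done) => {
      try {
        // The query must be awaited: without it `rows` is a pending query
        // builder, the length check never matches, and no login can succeed.
        const rows = await db("users").select("*").where({ username });
        if (rows.length === 0) {
          // NOTE(review): the distinct "bad username" / "passwords do not
          // match" messages (and the skipped bcrypt work on this path) let a
          // client tell which usernames exist. The messages are left as-is
          // because callers may depend on them; consider one generic failure
          // message if nothing consumes them.
          logger.info(`username ${username} does not exist`);
          return done(null, false, { message: "bad username" });
        }

        const user = rows[0];
        const pwdMatch = await bcrypt.compare(password, user.password);
        if (pwdMatch !== true) {
          logger.info(`passwords do not match`);
          return done(null, false, { message: "passwords do not match" });
        }

        logger.info(`password found and authenticated`);
        // NOTE(review): `user` is the full row from select("*"), including the
        // password hash; callers must not serialise it into a response.
        return done(null, user);
      } catch (err) {
        return done(err);
      }
    },
  ),
);

// JWT verification options: the token is read from an
// "Authorization: JWT <token>" header and verified with the shared secret.
// NOTE(review): no `algorithms` allow-list is set here; consider pinning it to
// the algorithm the token issuer actually uses.
const opts = {
  jwtFromRequest: ExtractJWT.fromAuthHeaderWithScheme("JWT"),
  secretOrKey: jwtSecret.secret,
};

/**
 * "jwt" strategy: resolves the user whose id is carried in the token payload.
 *
 * Calls done(null, userRow) when exactly one row matches, done(null, false)
 * otherwise, and done(err) on any thrown error.
 */
passport.use(
  "jwt",
  new JWTstrategy(opts, async (jwt_payload, done) => {
    try {
      const rows = await db("users").select("*").where({ id: jwt_payload.id });
      if (rows.length === 1) {
        logger.info("user found");
        // NOTE(review): the row includes the password hash (select("*"));
        // downstream handlers receive it via the authenticated user object.
        done(null, rows[0]);
      } else {
        logger.info("user not found");
        done(null, false);
      }
    } catch (err) {
      done(err);
    }
  }),
);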