diff --git a/auth/auth.mts b/auth/auth.mts index 1aab958..7819609 100644 --- a/auth/auth.mts +++ b/auth/auth.mts @@ -1,6 +1,6 @@ import passport from 'passport' import { Strategy as localStrategy } from 'passport-local' -import { User, UserModel, encryptPwd, pwdIsValid } from '../model/model.mjs' +import { User, encryptPwd, pwdIsValid } from '../model/model.mjs' import { Strategy as JWTstrategy, ExtractJwt } from 'passport-jwt' import { userDb } from '../db.mjs' @@ -12,7 +12,6 @@ passport.use('signup', new localStrategy( async (username, password, done) => { console.log("signup auth strategy has begun") try { - // const user = await UserModel.create({ email, password }) const encryptedPwd = await encryptPwd(password) const user = await userDb("users").insert({ username: username, password: encryptedPwd }).returning(["username", "password"]) console.log(`user: ${user}`) @@ -33,7 +32,6 @@ passport.use('login', async (email, password, done) => { console.log("local strategy called") try { - // const user: User = await UserModel.findOne({ email }) let returnedUser: Array = await userDb("users").select("username", "password").where({ username: email }) const user: User = returnedUser[0] console.log(`user: ${user}`) @@ -41,7 +39,6 @@ passport.use('login', return done(null, false, { message: "user not found" }) } - // const validate: boolean = await user.isValidPassword(password) const validate: boolean = await pwdIsValid(password, user) console.log(`isValidPassword? ${validate}`) diff --git a/dist/auth/auth.mjs b/dist/auth/auth.mjs index ec39a5f..6c8e93b 100644 --- a/dist/auth/auth.mjs +++ b/dist/auth/auth.mjs 
@@ -9,33 +9,39 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; import passport from 'passport'; import { Strategy as localStrategy } from 'passport-local'; -import { UserModel } from '../model/model.mjs'; +import { encryptPwd, pwdIsValid } from '../model/model.mjs'; import { Strategy as JWTstrategy, ExtractJwt } from 'passport-jwt'; +import { userDb } from '../db.mjs'; passport.use('signup', new localStrategy({ - usernameField: 'email', + usernameField: 'username', passwordField: 'password' -}, (email, password, done) => __awaiter(void 0, void 0, void 0, function* () { +}, (username, password, done) => __awaiter(void 0, void 0, void 0, function* () { + console.log("signup auth strategy has begun"); try { - const user = yield UserModel.create({ email, password }); + const encryptedPwd = yield encryptPwd(password); + const user = yield userDb("users").insert({ username: username, password: encryptedPwd }).returning(["username", "password"]); + console.log(`user: ${user}`); return done(null, user); } catch (err) { + console.error(err); done(err); } }))); passport.use('login', new localStrategy({ - usernameField: "email", + usernameField: "username", passwordField: "password", session: false }, (email, password, done) => __awaiter(void 0, void 0, void 0, function* () { console.log("local strategy called"); try { - const user = yield UserModel.findOne({ email }); + let returnedUser = yield userDb("users").select("username", "password").where({ username: email }); + const user = returnedUser[0]; console.log(`user: ${user}`); - if (!user) { + if (!user || returnedUser.length === 0) { return done(null, false, { message: "user not found" }); } - const validate = yield user.isValidPassword(password); + const validate = yield pwdIsValid(password, user); console.log(`isValidPassword? ${validate}`); if (!validate) { return done(null, false, { message: "wrong password" }); 
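Review bot: The signup callback asks the insert for `.returning(["username", "password"])` and hands that result to `done(null, user)`, so the bcrypt hash becomes `req.user`. The signup route in dist/routes/routes.mjs answers with `user: req.user`, which would send the hash back to the client. Returning only the public column, `.returning(["username"])`, keeps the hash inside the database layer. The added `console.log` calls on `user` interpolate an object or array, so they likely print `[object Object]`; if they are later switched to structured output they would write the hash to the log, so logging `username` alone is safer. This file is compiled output, so the change belongs in auth/auth.mts, where the same insert line appears as context.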
@@ -48,7 +54,7 @@ passport.use('login', new localStrategy({ }))); passport.use(new JWTstrategy({ secretOrKey: "TOP_SECRET", - jwtFromRequest: ExtractJwt.fromUrlQueryParameter('secret_token') + jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('secret_token') }, (token, done) => __awaiter(void 0, void 0, void 0, function* () { try { return done(null, token.user); diff --git a/dist/db.mjs b/dist/db.mjs index 18bca12..4697be7 100644 --- a/dist/db.mjs +++ b/dist/db.mjs @@ -13,3 +13,10 @@ export const testDb = knex({ }, useNullAsDefault: true }); +export const userDb = knex({ + client: "sqlite3", + connection: { + filename: "./users" + }, + useNullAsDefault: true +}); diff --git a/dist/model/model.mjs b/dist/model/model.mjs index b8a3b84..50a8dae 100644 --- a/dist/model/model.mjs +++ b/dist/model/model.mjs @@ -35,3 +35,13 @@ UserSchema.methods.isValidPassword = function (password) { }); }; export const UserModel = mongoose.model("user", UserSchema); +export function encryptPwd(pwd) { + return __awaiter(this, void 0, void 0, function* () { + return Promise.resolve(bcrypt.hash(pwd, 10)); + }); +} +export function pwdIsValid(pwd, user) { + return __awaiter(this, void 0, void 0, function* () { + return Promise.resolve(bcrypt.compare(pwd, user.password)); + }); +} diff --git a/dist/routes/routes.mjs b/dist/routes/routes.mjs index 2756e39..c622410 100644 --- a/dist/routes/routes.mjs +++ b/dist/routes/routes.mjs @@ -17,10 +17,6 @@ router.post("/signup", passport.authenticate("signup", { session: false }), (req user: req.user }); })); -// router.post("/login", passport.authenticate('local'), -// function(req, res) { -// res.json({ res }) -// }) router.post('/login', (req, res, next) => __awaiter(void 0, void 0, void 0, function* () { passport.authenticate('login', (err, user, info) => __awaiter(void 0, void 0, void 0, function* () { try { 
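Review bot: `secretOrKey: "TOP_SECRET"` keeps the verification key as a literal in the repository, and the login route in dist/routes/routes.mjs signs with the same literal, so anyone who can read the code can produce tokens this strategy accepts. Load the key from configuration at startup and refuse to start without it, for example `secretOrKey: process.env.JWT_SECRET` (the variable name is a placeholder), in both places. Moving the token out of the URL query keeps it out of access logs and referrers, but `fromAuthHeaderWithScheme('secret_token')` expects a header of the form `Authorization: secret_token <jwt>`; if clients send a standard bearer token, `ExtractJwt.fromAuthHeaderAsBearerToken()` is the matching extractor. The strategy callback continues outside the hunk.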
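Review bot: `filename: "./users"` in the new `userDb` is resolved against the process working directory, so the file holding the password hashes lands wherever the server happens to be started, possibly inside the repository or a directory that is served or backed up with it. Build the path from configuration or from the module location, keep the file out of version control, and limit its permissions to the service account. A comment on `userDb` such as `// stores credentials (bcrypt hashes); not a test fixture` would set it apart from `testDb` above.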
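Review bot: `encryptPwd` hashes rather than encrypts, and its cost factor is the bare literal `10`; a named constant with a comment such as `// bcrypt work factor; raise as hardware allows` makes the setting reviewable. bcrypt uses only the first 72 bytes of its input, and no length check on the password is visible in this diff, so a bound at signup is worth adding. The `Promise.resolve(...)` wrappers are redundant inside an async function; `return bcrypt.hash(pwd, 10)` behaves the same. As this is compiled output, the edits belong in the TypeScript source of the model module.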
@@ -31,8 +27,8 @@ router.post('/login', (req, res, next) => __awaiter(void 0, void 0, void 0, func req.login(user, { session: false }, (error) => __awaiter(void 0, void 0, void 0, function* () { if (error) return next(error); - const body = { _id: user._id, email: user.email }; - const token = jwt.sign({ user: body }, 'TOP_SECRET'); + const body = { _id: user._id, username: user.username }; + const token = jwt.sign({ user: body }, 'TOP_SECRET', { expiresIn: "20m" }); return res.json({ token }); })); }
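Review bot: `_id: user._id` is likely always `undefined` here, because the login strategy in dist/auth/auth.mjs selects only `username` and `password`, so the signed payload would carry just the username. Either add the primary key to that select and use it, or drop `_id` from `body` so the token does not suggest an identifier it lacks. The added `expiresIn: "20m"` bounds the token lifetime, which is a useful limit given that no revocation path is visible in this diff. The enclosing route handler starts before the hunk.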