Refactoring et ajout de routes Hero Wars
This commit is contained in:
@@ -0,0 +1,82 @@
|
||||
|
||||
//var jwt = require('express-jwt');
|
||||
var { expressjwt: jwt } = require("express-jwt"),
|
||||
secret = require('../config').secret,
|
||||
bcrypt = require('bcrypt');
|
||||
const { v4 } = require('uuid'),
|
||||
passport = require('passport'),
|
||||
auths = ['Api-Key', 'Basic', 'Bearer', 'Token'];
|
||||
|
||||
function getTokenFromHeader(req) {
|
||||
if(req.headers.authorization && auths.indexOf(req.headers.authorization.split(' ')[0]) !== -1) {
|
||||
return req.headers.authorization.split(' ')[1];
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
const auth = {
|
||||
requiredJwt: jwt({
|
||||
secret: secret,
|
||||
algorithms: ['HS256'],
|
||||
requestProperty: 'payload',
|
||||
getToken: getTokenFromHeader
|
||||
}),
|
||||
optional: jwt({
|
||||
secret: secret,
|
||||
algorithms: ['HS256'],
|
||||
requestProperty: 'payload',
|
||||
credentialsRequired: false,
|
||||
getToken: getTokenFromHeader
|
||||
}),
|
||||
required: async (req, res, next) => {
|
||||
if(req.headers.authorization && req.headers.authorization.split(' ')[0] === process.env.AUTHORIZATION_PREFIX) {
|
||||
passport.authenticate('headerapikey', { session: false }, function (err, application, info) {
|
||||
if (err) {
|
||||
return next({message: "An authentication error occured.", err: err.message});
|
||||
}
|
||||
if (!application) {
|
||||
return res.status(401).json({message: "Unauthorized - You are not allowed to access this resource.", err: err, info: info});
|
||||
}
|
||||
req.application = application;
|
||||
req.payload = {id: application.author._id};
|
||||
return next();
|
||||
})(req, res, next);
|
||||
} else {
|
||||
return jwt({
|
||||
secret: secret,
|
||||
algorithms: ['HS256'],
|
||||
requestProperty: 'payload',
|
||||
getToken: getTokenFromHeader
|
||||
})(req, res, next);
|
||||
}
|
||||
},
|
||||
getAuthType: (req) => {
|
||||
if(req.headers.authorization && auths.indexOf(req.headers.authorization.split(' ')[0]) !== -1) {
|
||||
let value = req.headers.authorization.split(' ')[0];
|
||||
return value;
|
||||
}
|
||||
return null;
|
||||
},
|
||||
generateAPIKey: async () => {
|
||||
const key = v4().replace(/-/g, '');
|
||||
const salt = secret;
|
||||
// Génération d'un salt aléatoire : const salt = await Promise.resolve(bcrypt.genSalt(10));
|
||||
const maskedKey = `${key.slice(0, 4)}...${key.slice(-4)}`;
|
||||
const encryptedKey = await Promise.resolve(bcrypt.hash(key, salt));
|
||||
return { key: key, masked: maskedKey, encrypted: encryptedKey};
|
||||
},
|
||||
authenticateKey: async (req, res, next) => {
|
||||
passport.authenticate('headerapikey', { session: false }, function (err, application, info) {
|
||||
if (err) {
|
||||
return res.status(err.status || 500).json({message: "An authentication error occured (authenticateKey).", err: err.message});
|
||||
}
|
||||
if (!application) {
|
||||
return res.status(401).json({message: "Unauthorized - You are not allowed to access this resource.", err: err, info: info});
|
||||
}
|
||||
req.application = application;
|
||||
return next();
|
||||
})(req, res, next);
|
||||
}
|
||||
};
|
||||
|
||||
module.exports = auth;
|
||||
@@ -9,37 +9,50 @@ const isProduction = appEnv === 'production',
|
||||
const exceptionHandler = {
|
||||
notFoundErrorHandler: (req, res, next) => {
|
||||
let err = new Error('Not Found');
|
||||
err.status = 404;
|
||||
console.log(`${utils.getDateTimeISOString()}`, chalk.yellow(`${err.status} ${err.message}`));
|
||||
err.statusCode = 404;
|
||||
console.log(`${utils.getDateTimeISOString()}`, chalk.yellow(`${err.statusCode} - ${err.message}`));
|
||||
next(err);
|
||||
/*if (req.xhr) {
|
||||
res.status(err.statusCode).json(err);
|
||||
} else {
|
||||
next(err);
|
||||
}*/
|
||||
},
|
||||
logErrorHandler: (err, req, res, next) => {
|
||||
console.log(`${utils.getDateTimeISOString()}`, chalk.red(`error handler : ${err.message} ${err.err}`));
|
||||
console.log(`${utils.getDateTimeISOString()}`, chalk.red(`Error handler : ${err.statusCode} - ${err.message}`)); // ${err.err}
|
||||
console.error(err.stack);
|
||||
next(err);
|
||||
/*if (req.xhr) {
|
||||
res.status(err.statusCode || 500).json(err);
|
||||
//res.status(err.statusCode || 500).json({statusCode: err.statusCode, message: err.message});
|
||||
} else {
|
||||
next(err);
|
||||
}*/
|
||||
},
|
||||
clientErrorHandler: (err, req, res, next) => {
|
||||
if (req.xhr) {
|
||||
res.status(err.status || 500);
|
||||
res.status(err.statusCode || 500);
|
||||
} else {
|
||||
next(err);
|
||||
}
|
||||
},
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
fianlErrorHandler: (err, req, res, next) => {
|
||||
res.status(err.status || 500);
|
||||
res.status(err.statusCode || 500);
|
||||
if (!isProduction) {
|
||||
/* development error handler will print stacktrace */
|
||||
res.json({errors: {
|
||||
statusCode: err.statusCode,
|
||||
message: err.message,
|
||||
error: err.err,
|
||||
//error: err.err,
|
||||
stack: err.stack
|
||||
}});
|
||||
} else {
|
||||
/* production error handler no stacktraces leaked to user */
|
||||
res.json({errors: {
|
||||
statusCode: err.statusCode,
|
||||
message: err.message,
|
||||
error: {},
|
||||
//error: {},
|
||||
stack: {}
|
||||
}});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user