44 lines
1.7 KiB
JavaScript
44 lines
1.7 KiB
JavaScript
var bcrypt = require('bcrypt');
|
|
const passport = require('passport');
|
|
var LocalStrategy = require('passport-local').Strategy;
|
|
var HeaderAPIKeyStrategy = require('passport-headerapikey').HeaderAPIKeyStrategy;
|
|
var mongoose = require('mongoose');
|
|
var Application = mongoose.model('Application');
|
|
var User = mongoose.model('User');
|
|
|
|
passport.use('headerapikey', new HeaderAPIKeyStrategy(
|
|
{ header: 'Authorization', prefix: `${process.env.AUTHORIZATION_PREFIX} ` },
|
|
false,
|
|
function (apikey, done) {
|
|
const maskedKey = `${apikey.slice(0, 4)}...${apikey.slice(-4)}`;
|
|
Application.findOne({ maskedkey: maskedKey })
|
|
.populate('author')
|
|
.then(function (application) {
|
|
if (!application) {
|
|
return done({message: "Application can't be found.", status: 404}, false, false);
|
|
//return done(null, false, false);
|
|
}
|
|
return {app: application, prom: Promise.resolve(bcrypt.compare(apikey, application.apikey))};
|
|
}).then(function (res) {
|
|
res.prom.then(function (valid) {
|
|
if (!valid) {
|
|
return done(null, false, {app: res.app, valid: valid});
|
|
}
|
|
return done(null, res.app, valid);
|
|
});
|
|
}).catch(done);
|
|
}
|
|
));
|
|
|
|
passport.use('local', new LocalStrategy({
|
|
usernameField: 'user[email]',
|
|
passwordField: 'user[password]'
|
|
}, function (email, password, done) {
|
|
User.findOne({ email: email }).then(function (user) {
|
|
if (!user || !user.validPassword(password)) {
|
|
return done(null, false, { errors: { 'email ou mot de passe': 'invalide' } });
|
|
}
|
|
return done(null, user);
|
|
}).catch(done);
|
|
}));
|