Files
headup_api/config/passport.js
T
2023-09-12 21:43:57 +02:00

44 lines
1.7 KiB
JavaScript

var bcrypt = require('bcrypt');
const passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var HeaderAPIKeyStrategy = require('passport-headerapikey').HeaderAPIKeyStrategy;
var mongoose = require('mongoose');
var Application = mongoose.model('Application');
var User = mongoose.model('User');
passport.use('headerapikey', new HeaderAPIKeyStrategy(
{ header: 'Authorization', prefix: `${process.env.AUTHORIZATION_PREFIX} ` },
false,
function (apikey, done) {
const maskedKey = `${apikey.slice(0, 4)}...${apikey.slice(-4)}`;
Application.findOne({ maskedkey: maskedKey })
.populate('author')
.then(function (application) {
if (!application) {
return done({message: "Application can't be found.", status: 404}, false, false);
//return done(null, false, false);
}
return {app: application, prom: Promise.resolve(bcrypt.compare(apikey, application.apikey))};
}).then(function (res) {
res.prom.then(function (valid) {
if (!valid) {
return done(null, false, {app: res.app, valid: valid});
}
return done(null, res.app, valid);
});
}).catch(done);
}
));
passport.use('local', new LocalStrategy({
usernameField: 'user[email]',
passwordField: 'user[password]'
}, function (email, password, done) {
User.findOne({ email: email }).then(function (user) {
if (!user || !user.validPassword(password)) {
return done(null, false, { errors: { 'email ou mot de passe': 'invalide' } });
}
return done(null, user);
}).catch(done);
}));