Fipamo/brain/data/Auth.js

import * as DataEvent from '../../src/com/events/DataEvent';
const bCrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const _ = require('lodash');

export default class Auth {
	//--------------------------
	// constructor
	//--------------------------
	constructor() {}
	//--------------------------
	// methods
	//--------------------------
	start() {}

	/**
	 * Makes sure access token is legit
	 * @parameter req
	 */

	authCheck(req) {
		let self = this;
		return new Promise((resolve, reject) => {
			let hash = req.headers['x-access-token'];
			let response = [];
			//check to see if user is logged in
			if (!req.session.user) {
				response = {
					status: false,
					type: DataEvent.API_REQUEST_LAME,
					message: "You're not logged in, champ."
				};
				reject(response);
			}

			//Checks if token is a proper hash, if not reject
			if (!self.isTokenValid(req.session.token, hash)) {
				response = {
					status: false,
					type: DataEvent.API_REQUEST_LAME,
					message: 'No Token Present. Auth Blocked'
				};
				reject(response);
				//res.json();
			} else {
				var member = req.session.user;
				jwt.verify(req.session.token, member.key, function (err, decoded) {
					if (err) {
						response = {
							status: false,
							type: DataEvent.API_REQUEST_LAME,
							message: 'Invalid Token. Auth Blocked'
						};
						reject(response);
					}
					response = {
						status: true,
						type: DataEvent.API_REQUEST_GOOD,
						message: 'Token Verified',
						token: decoded
					};
					resolve(response);
				});
			}
		});
	}

	verifyCredentials(config, credentials) {
		return new Promise((resolve, reject) => {
			var found = _.find(config, { handle: credentials.handle });
			var response;
			if (found) {
				if (!this.isValidPassword(found, credentials.pass)) {
					response = {
						type: DataEvent.REQUEST_LAME,
						message: 'CHECK YOUR PASSWORD'
					};
					reject(response);
				}

				response = { type: DataEvent.REQUEST_GOOD, message: 'Backup Verified. Restoring' };
				resolve(response);
			} else {
				response = { type: DataEvent.REQUEST_LAME, message: 'Handle not found, boss' };
				reject(response);
			}
		});
	}

	isValidPassword(user, password) {
		return bCrypt.compareSync(password, user.password);
	}

	/**
	 * Checks to make sure received token matches
	 * @parameter token: created token
	 * @parameter hashedToken: encrypted token
	 */
	isTokenValid(token, hashedToken) {
		return bCrypt.compareSync(token, hashedToken);
	}
	//--------------------------
	// event handlers
	//--------------------------
}
moved auth methods to their own standalone class 5 years ago			`import * as DataEvent from '../../src/com/events/DataEvent';`
cleaned up/updated node modules, fixed page edit bug, updated bcrypt 4 years ago			`const bCrypt = require('bcrypt');`
moved auth methods to their own standalone class 5 years ago			`const jwt = require('jsonwebtoken');`
backup functionality patch 4 years ago			`const _ = require('lodash');`
moved auth methods to their own standalone class 5 years ago
			`export default class Auth {`
			`//--------------------------`
			`// constructor`
			`//--------------------------`
			`constructor() {}`
			`//--------------------------`
			`// methods`
			`//--------------------------`
			`start() {}`

			`/**`
			`* Makes sure access token is legit`
			`* @parameter req`
			`*/`

			`authCheck(req) {`
			`let self = this;`
			`return new Promise((resolve, reject) => {`
			`let hash = req.headers['x-access-token'];`
			`let response = [];`
fixed API authentication bug. whew. 5 years ago			`//check to see if user is logged in`
			`if (!req.session.user) {`
			`response = {`
			`status: false,`
			`type: DataEvent.API_REQUEST_LAME,`
			`message: "You're not logged in, champ."`
			`};`
			`reject(response);`
			`}`

moved auth methods to their own standalone class 5 years ago			`//Checks if token is a proper hash, if not reject`
			`if (!self.isTokenValid(req.session.token, hash)) {`
			`response = {`
			`status: false,`
			`type: DataEvent.API_REQUEST_LAME,`
			`message: 'No Token Present. Auth Blocked'`
			`};`
			`reject(response);`
			`//res.json();`
			`} else {`
			`var member = req.session.user;`
			`jwt.verify(req.session.token, member.key, function (err, decoded) {`
			`if (err) {`
			`response = {`
			`status: false,`
			`type: DataEvent.API_REQUEST_LAME,`
			`message: 'Invalid Token. Auth Blocked'`
			`};`
			`reject(response);`
			`}`
			`response = {`
			`status: true,`
			`type: DataEvent.API_REQUEST_GOOD,`
			`message: 'Token Verified',`
			`token: decoded`
			`};`
			`resolve(response);`
			`});`
			`}`
			`});`
			`}`

backup functionality patch 4 years ago			`verifyCredentials(config, credentials) {`
			`return new Promise((resolve, reject) => {`
			`var found = _.find(config, { handle: credentials.handle });`
			`var response;`
			`if (found) {`
			`if (!this.isValidPassword(found, credentials.pass)) {`
			`response = {`
			`type: DataEvent.REQUEST_LAME,`
			`message: 'CHECK YOUR PASSWORD'`
			`};`
			`reject(response);`
			`}`

			`response = { type: DataEvent.REQUEST_GOOD, message: 'Backup Verified. Restoring' };`
			`resolve(response);`
			`} else {`
			`response = { type: DataEvent.REQUEST_LAME, message: 'Handle not found, boss' };`
			`reject(response);`
			`}`
			`});`
			`}`

			`isValidPassword(user, password) {`
			`return bCrypt.compareSync(password, user.password);`
			`}`

moved auth methods to their own standalone class 5 years ago			`/**`
			`* Checks to make sure received token matches`
			`* @parameter token: created token`
			`* @parameter hashedToken: encrypted token`
			`*/`
			`isTokenValid(token, hashedToken) {`
			`return bCrypt.compareSync(token, hashedToken);`
			`}`
			`//--------------------------`
			`// event handlers`
			`//--------------------------`
			`}`