- aggiornamento refreshtoken (parte 1)
- PCB: fix listino
@@ -13,6 +13,7 @@ const auth_default = (req, res, next) => {
|
||||
|
||||
const authenticate = (req, res, next) => {
|
||||
const token = req.header('x-auth');
|
||||
//const refreshToken = req.header('x-refrTok');
|
||||
|
||||
// console.log('authenticate... ');
|
||||
|
||||
@@ -29,32 +30,30 @@ const authenticate = (req, res, next) => {
|
||||
|
||||
const access = 'auth';
|
||||
|
||||
User.findByToken(token, access).then((user) => {
|
||||
return User.findByToken(token, access, true).then((ris) => {
|
||||
|
||||
if (!user) {
|
||||
// tools.mylog("TOKEN " + token);
|
||||
// tools.mylog(" NOT FOUND! (Maybe Connected to other Page) ACCESS: '" + access + "'");
|
||||
return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
|
||||
// res.status().send();
|
||||
if (ris && ris.user && !!ris.user.deleted) {
|
||||
if (ris.user.deleted)
|
||||
ris.user = null;
|
||||
}
|
||||
|
||||
if (!!user.deleted) {
|
||||
if (user.deleted)
|
||||
user = null;
|
||||
if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) {
|
||||
return Promise.reject(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED);
|
||||
}
|
||||
|
||||
if (!user) {
|
||||
if (!ris.user) {
|
||||
return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
|
||||
}
|
||||
|
||||
if (!!user) {
|
||||
if (!!ris.user) {
|
||||
// Save last time online
|
||||
user.lasttimeonline = new Date();
|
||||
user.useragent = req.get('User-Agent');
|
||||
ris.user.lasttimeonline = new Date();
|
||||
ris.user.useragent = req.get('User-Agent');
|
||||
|
||||
return user.save().then(() => {
|
||||
req.user = user;
|
||||
return ris.user.save().then(() => {
|
||||
req.user = ris.user;
|
||||
req.token = token;
|
||||
// req.refreshToken = refreshToken;
|
||||
req.access = access;
|
||||
next();
|
||||
});
|
||||
@@ -62,32 +61,41 @@ const authenticate = (req, res, next) => {
|
||||
// tools.mylog('userid', user._id);
|
||||
|
||||
}).catch((e) => {
|
||||
if (e === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) {
|
||||
return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send();
|
||||
}
|
||||
tools.mylog("ERR authenticate invalid Token =", e);
|
||||
res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send();
|
||||
});
|
||||
};
|
||||
|
||||
const authenticate_noerror = (req, res, next) => {
|
||||
const token = req.header('x-auth');
|
||||
try {
|
||||
const token = req.header('x-auth');
|
||||
const refreshToken = req.header('x-refrTok');
|
||||
|
||||
const access = 'auth';
|
||||
const access = 'auth';
|
||||
|
||||
User.findByToken(token, access).then((user) => {
|
||||
if (!user) {
|
||||
return User.findByToken(token, access, false).then((ris) => {
|
||||
if (ris.code !== server_constants.RIS_CODE_OK) {
|
||||
req.user = null;
|
||||
req.token = null;
|
||||
req.access = null;
|
||||
} else {
|
||||
req.user = ris.user;
|
||||
req.token = token;
|
||||
req.refreshToken = refreshToken;
|
||||
req.access = access;
|
||||
}
|
||||
next();
|
||||
}).catch((e) => {
|
||||
req.user = null;
|
||||
req.token = null;
|
||||
req.access = null;
|
||||
} else {
|
||||
req.user = user;
|
||||
req.token = token;
|
||||
req.access = access;
|
||||
}
|
||||
next();
|
||||
}).catch((e) => {
|
||||
req.user = null;
|
||||
req.token = null;
|
||||
req.access = null;
|
||||
});
|
||||
});
|
||||
} catch (e) {
|
||||
console.error('Err', e);
|
||||
}
|
||||
};
|
||||
|
||||
module.exports = { authenticate, authenticate_noerror, auth_default };
|
||||
|
||||
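Review bot: In `authenticate_noerror`, the success branch sets `req.user = ris.user` without the `deleted` check that `authenticate` applies, so a token belonging to a soft-deleted account would still populate `req.user` on routes using this middleware, unless `User.findByToken` already filters such users, which is not visible here. Consider widening the guard to `if (ris.code !== server_constants.RIS_CODE_OK || !ris.user || ris.user.deleted)`. Separately, neither the promise `.catch((e) => {...})` nor the new outer `catch (e)` calls `next()` or sends a response, so a rejected lookup or a synchronous throw leaves the request hanging; adding `next();` after the null assignments and after `console.error('Err', e);` would keep the "no error" contract. The promise `.catch` also discards `e` without logging, which hides lookup failures from anyone triaging authentication problems.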