const crypto = require('crypto');

const server_constants = require('../tools/server_constants');
var { User } = require('../models/user');
const tools = require('../tools/general');
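/**
 * Express middleware that admits a request only when the `keyappid` field of
 * the request body matches the `KEY_APP_ID` environment variable.
 *
 * Fails closed: when the server-side key is not configured, when the body or
 * the field is missing, or when the values differ, the request is answered
 * with HTTP 401 and `next()` is not called.
 *
 * @param {object} req - Express request; `req.body.keyappid` is read.
 * @param {object} res - Express response; used only to reject the request.
 * @param {Function} next - Called once when the key matches.
 */
const auth_default = (req, res, next) => {
  const expected = process.env.KEY_APP_ID;
  const supplied = req.body ? req.body.keyappid : undefined;

  // Without this guard an unset KEY_APP_ID compared equal to a missing
  // `keyappid` (undefined === undefined) and the request was let through.
  if (typeof expected !== 'string' || expected.length === 0 || typeof supplied !== 'string') {
    return res.status(401).send();
  }

  // Hash both sides so the buffers have equal length, then compare in
  // constant time; a plain `===` on a shared secret leaks timing.
  const expectedDigest = crypto.createHash('sha256').update(expected).digest();
  const suppliedDigest = crypto.createHash('sha256').update(supplied).digest();
  if (!crypto.timingSafeEqual(expectedDigest, suppliedDigest)) {
    // Always answer: a mismatch used to leave the request hanging with no reply.
    return res.status(401).send();
  }

  next();
};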
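/**
 * Express middleware that requires a valid `x-auth` token.
 *
 * Looks the token up with `User.findByToken(token, 'auth', true)`. On success
 * it updates `lasttimeonline`, `retry_pwd` and `useragent` on the user, saves
 * the user, sets `req.user`, `req.token` and `req.access`, and calls `next()`.
 *
 * Responses on failure:
 *  - `RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED` when the lookup reports an
 *    expired token;
 *  - `RIS_CODE_HTTP_INVALID_TOKEN` for every other failure (no user, user
 *    flagged `deleted`, lookup or save rejection).
 *
 * @param {object} req - Express request; the `x-auth` header is read.
 * @param {object} res - Express response; used only to reject the request.
 * @param {Function} next - Called once after the user has been saved.
 * @returns {Promise<void>} settles after the request was passed on or rejected.
 */
const authenticate = (req, res, next) => {
  const token = req.header('x-auth');
  const access = 'auth';

  // The request body is client-controlled, so it must never decide whether
  // authentication runs: a `noaut` field in the body is deliberately ignored
  // here. Routes where a login is optional should use authenticate_noerror.

  return User.findByToken(token, access, true).then((ris) => {
    // An expired token is reported with its own status, before any user check.
    if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) {
      return Promise.reject(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED);
    }

    // A user flagged as deleted is treated exactly like an unknown token.
    const user = ris.user && !ris.user.deleted ? ris.user : null;
    if (!user) {
      return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
    }

    // Save last time online
    user.lasttimeonline = new Date();
    // NOTE(review): presumably the failed-password counter; it is reset on
    // every authenticated request - confirm against the User model.
    user.retry_pwd = 0;
    user.useragent = req.get('User-Agent');

    return user.save().then(() => {
      req.user = user;
      req.token = token;
      req.access = access;
      next(); // run the next handler
    });
  }).catch((e) => {
    if (e === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) {
      return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send();
    }
    // Any other rejection, including a failed save(), ends up here and is
    // reported to the client as an invalid token.
    tools.mylog("ERR authenticate invalid Token =", e);
    res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send();
  });
};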
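/**
 * Express middleware for routes where a login is optional: it never rejects
 * the request and always calls `next()`.
 *
 * When `User.findByToken(token, 'auth', false)` reports `RIS_CODE_OK`, the
 * user, token, refresh token and access are attached to `req`. In every other
 * case `req.user`, `req.token` and `req.access` are set to `null`, so handlers
 * behind this middleware must check `req.user` themselves before doing
 * anything that needs an authenticated caller.
 *
 * `req.code` carries the lookup result code, `RIS_CODE_HTTP_INVALID_TOKEN`
 * for a user flagged `deleted`, or `0` when the lookup threw or rejected.
 *
 * @param {object} req - Express request; `x-auth` and `x-refrtok` are read.
 * @param {object} res - Express response; not used.
 * @param {Function} next - Always called once the lookup has settled.
 */
const authenticate_noerror = (req, res, next) => {
  // Clear every auth field and pass the request on as an anonymous caller.
  const continueAnonymous = (code) => {
    req.user = null;
    req.token = null;
    req.access = null;
    req.code = code;
    next();
  };

  try {
    const token = req.header('x-auth');
    const refreshToken = req.header('x-refrtok');
    const access = 'auth';

    return User.findByToken(token, access, false).then((ris) => {
      if (ris.code !== server_constants.RIS_CODE_OK) {
        return continueAnonymous(ris.code);
      }

      // Same rule as authenticate: an account flagged as deleted must not be
      // attached to the request as a logged-in user.
      if (ris.user && ris.user.deleted) {
        return continueAnonymous(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
      }

      req.user = ris.user;
      req.token = token;
      req.refreshToken = refreshToken;
      req.access = access;
      req.code = ris.code;

      // Carry on with the next handler in every case.
      next();
    }).catch(() => {
      // Continue anyway.
      continueAnonymous(0);
    });
  } catch (e) {
    console.error('Err', e);
    // A synchronous failure used to end here without calling next(), which
    // left the request hanging; continue as anonymous instead.
    continueAnonymous(0);
  }
};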
module.exports = { authenticate, authenticate_noerror, auth_default };