refactoring to use jwt with cookies

Mikayla Dobson
2023-02-08 16:01:23 -06:00
parent 38f8ef23d0
commit 303c2d031e
18 changed files with 222 additions and 57 deletions


@@ -30,6 +30,8 @@ async function authRoute(app, passport) {
response = response.data;
}
console.log(response);
req.user = response;
req.session.user = response;
@@ -43,12 +45,14 @@ async function authRoute(app, passport) {
}
const token = jwt.sign({ user: safeUserData }, secret);
req.session.token = token;
req.session.save((err) => {
return next(err);
})
console.log(req.session);
res.cookie('token', token, { httpOnly: true });
res.json({ token });
}
} catch (error) {
@@ -60,7 +64,8 @@ async function authRoute(app, passport) {
try {
req.session = null;
req.user = null;
res.status(200).clearCookie('connect.sid');
res.clearCookie('connect.sid').clearCookie('token');
res.status(204).send("logout successful");
res.end();
} catch (error) {
console.log(error);
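Review bot: In the login handler's second hunk, `res.cookie('token', token, { httpOnly: true })` sets the JWT cookie without `secure` or `sameSite`, and the following `res.json({ token })` hands the same token to page script, which gives up what `httpOnly` protects. The token is also signed without an expiry, so the logout hunk's `clearCookie('token')` removes the browser copy while a token captured earlier stays valid; consider `jwt.sign({ user: safeUserData }, secret, { expiresIn: '1h' })` (the duration is a sample value) and `res.cookie('token', token, { httpOnly: true, secure: true, sameSite: 'strict' })`. `console.log(response)` and `console.log(req.session)` write user data and, once `req.session.token` is set, the token itself to the log, and should be dropped. The same cookie and expiry points apply to server/routes/jwt.js. The handler bodies start and end outside these hunks and the +/- markers are lost on this page, so which of these lines are new is inferred.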

25
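--- /dev/null
+++ b/server/routes/base.js
@@ -0,0 +1,25 @@
+const router = require('express').Router();
+require('dotenv').config();
+const secret = process.env.SECRET;
+async function baseRoute(app, passport) {
+router.get('/', async (req, res, next) => {
+try {
+console.log(req.session);
+const user = undefined;
+if (!user) {
+res.status(403).send("Not authorized");
+} else {
+res.status(200).send({ token: req.token, user: req.user });
+}
+} catch (error) {
+console.log(error);
+}
+})
+return router;
+}
+module.exports = baseRoute;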
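Review bot: `const user = undefined;` makes `if (!user)` always true, so `GET /` answers 403 for every request and the 200 branch, which reads `req.token` (not assigned anywhere in the hunks shown), is dead code. If the intent is to report the logged-in user, read it from where auth.js stores it, e.g. `const user = req.session?.user;`. `console.log(req.session)` dumps the session, which after this commit carries the JWT in `req.session.token`, and the `catch` only logs, so a thrown error leaves the request without a response; `next(error)` would hand it to Express. `secret` is declared but unused.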


@@ -1,22 +1,32 @@
const jwt = require('jsonwebtoken');
const authRoute = require("./auth");
const itemRoute = require("./item");
const jwtRoute = require('./jwt');
const baseRoute = require('./base');
async function routesLoader(app, passport) {
app.use('/app', (req, res, next) => {
const token = req.headers['authorization'].split(" ")[1];
jwt.verify(token, process.env.SECRET, (err, data) => {
if (err) {
res.status(403).send(err);
} else {
req.user = data;
next();
}
})
const token = req.headers['authorization']?.split(" ")[1];
if (!token) {
res.status(403).send("Unauthorized");
} else {
jwt.verify(token, process.env.SECRET, (err, data) => {
if (err) {
res.status(403).send(err);
} else {
req.user = data;
next();
}
})
}
})
app.use('/', await baseRoute(app, passport));
app.use('/auth', await authRoute(app, passport));
app.use('/app', await itemRoute(app, passport));
app.use('/jwt', await jwtRoute(app, passport));
}
module.exports = routesLoader;
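Review bot: The `/app` guard still reads the token only from the `Authorization` header, so the `token` cookie this commit starts setting is never checked here; if cookie auth is the goal, the guard has to read it, which requires cookie parsing that is not visible in this diff. `res.status(403).send(err)` returns the jsonwebtoken error object to the caller; a fixed reply such as `res.status(401).send("Unauthorized")` avoids exposing verification detail, and 401 is the usual status for a missing or invalid credential. `jwt.verify` can pin the accepted algorithm with `{ algorithms: ['HS256'] }` as a third argument (HS256 is jsonwebtoken's default when signing with a shared secret), and the app should refuse to start when `process.env.SECRET` is unset. `/` and `/jwt` are mounted outside this guard, so `req.user` in those routers is populated by something other than this middleware.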


@@ -1,10 +1,10 @@
// const jwt = require('jsonwebtoken');
const jwt = require('jsonwebtoken');
require('dotenv').config();
const router = require('express').Router();
const ItemController = require('../controllers/ItemController');
async function itemRoute(app, passport) {
/* router.use('/', (req, res, next) => {
router.use('/', (req, res, next) => {
const token = req.headers['authorization'].split(" ")[1];
jwt.verify(token, process.env.SECRET, (err, data) => {
if (err) {
@@ -14,7 +14,7 @@ async function itemRoute(app, passport) {
next();
}
})
}) */
})
router.get('/item', async (req, res) => {
const response = await ItemController.getAll();
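Review bot: Re-enabling `router.use('/', ...)` brings back `req.headers['authorization'].split(" ")[1]` without the `?.` and missing-token check that the same commit adds to the `/app` guard in routesLoader, so on its own this middleware throws on a request with no `Authorization` header. Because routesLoader mounts this router under `/app` behind that guard, every item request is now verified twice by two copies of the logic that can drift apart; keeping one shared middleware would be safer. The middleware body continues between the two hunks and is not fully visible here.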

22
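--- /dev/null
+++ b/server/routes/jwt.js
@@ -0,0 +1,22 @@
+const router = require('express').Router();
+const jwt = require('jsonwebtoken');
+require('dotenv').config();
+const secret = process.env.SECRET;
+async function jwtRoute(app, passport) {
+router.get('/', (req, res) => {
+const user = req.user;
+if (!user) {
+res.status(403).send("Unauthorized");
+} else {
+const token = jwt.sign({ user: req.user }, secret);
+res.cookie('token', token, { httpOnly: true });
+res.json({ token });
+}
+});
+return router;
+}
+module.exports = jwtRoute;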
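Review bot: `jwt.sign({ user: req.user }, secret)` puts the whole `req.user` object into the token, whereas auth.js signs a filtered `safeUserData`; a JWT payload is only encoded, not encrypted, so any field on `req.user` (for example a password hash, if the user record carries one) becomes readable by whoever holds the token. Sign the same reduced shape that is used at login. routesLoader mounts `/jwt` outside the `/app` bearer guard, so whether `req.user` is ever set here depends on session middleware not shown in this diff.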