1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
import * as passport from 'passport'
import * as passportLocal from 'passport-local';
import * as mongodb from 'mongodb';
import * as _ from "lodash";
import { default as User } from '../models/User';
import { Request, Response, NextFunction } from "express";
const LocalStrategy = passportLocal.Strategy;
passport.serializeUser<any, any>((user, done) => {
done(undefined, user.id);
});
passport.deserializeUser<any, any>((id, done) => {
User.findById(id, (err, user) => {
done(err, user);
});
});
// AUTHENTICATE JUST WITH EMAIL AND PASSWORD
passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, done) => {
User.findOne({ email: email.toLowerCase() }, (error: any, user: any) => {
if (error) return done(error);
if (!user) return done(undefined, false, { message: "Invalid email or password" }) // invalid email
user.comparePassword(password, (error: Error, isMatch: boolean) => {
if (error) return done(error);
if (!isMatch) return done(undefined, false, { message: "Invalid email or password" }); // invalid password
// valid authentication HERE
return done(undefined, user);
});
});
}));
export let isAuthenticated = (req: Request, res: Response, next: NextFunction) => {
if (req.isAuthenticated()) {
return next();
}
return res.redirect("/login");
}
export let isAuthorized = (req: Request, res: Response, next: NextFunction) => {
const provider = req.path.split("/").slice(-1)[0];
if (_.find(req.user.tokens, { kind: provider })) {
next();
} else {
res.redirect(`/auth/${provider}`);
}
};
|
