3 //var mongoose = require('mongoose');
4 var passport = require('passport');
5 var config = require('../config/environment');
6 var jwt = require('jsonwebtoken');
7 var expressJwt = require('express-jwt');
8 var compose = require('composable-middleware');
9 // var User = require('../api/user/user.model');
10 var User = require('../models').User;
11 var validateJwt = expressJwt({
12 secret: config.session.secret
 * Attaches the user object to the request if authenticated.
 * Otherwise the request is rejected. Note the status: the visible not-found
 * branch answers with `res.send(401)`, not 403, and failures raised by
 * express-jwt are handed to `next` and take whatever status the app's error
 * handler assigns them.
19 function isAuthenticated() {
22 .use(function(req, res, next) {
// allow access_token to be passed through query parameter as well.
// NOTE(review): a bearer token in the URL is copied into server/proxy access
// logs, browser history and Referer headers; prefer the Authorization header and
// keep this path only for clients that cannot set headers. Also note that a query
// token overrides any Authorization header the request already carried.
24 if (req.query && req.query.hasOwnProperty('access_token')) {
25 req.headers.authorization = 'Bearer ' + req.query.access_token;
27 validateJwt(req, res, next);
29 // Attach user to request
30 .use(function(req, res, next) {
32 .findById(req.user.id)
33 .then(function(user) {
34 if (!user) return res.send(401);
38 .catch(function(err) {
 * Checks if the user role meets the minimum requirements of the route.
 * Ranking is positional in `config.userRoles` (a later entry outranks an
 * earlier one). NOTE(review): `indexOf` yields -1 for a role that is not in that
 * list, so a `roleRequired` that is missing from `config.userRoles` turns the
 * check into `index(userRole) >= -1`, which every user passes — validate
 * `roleRequired` against the list, not merely for truthiness.
47 function hasRole(roleRequired) {
48 if (!roleRequired) throw new Error('Required role needs to be set');
51 .use(isAuthenticated())
52 .use(function meetsRequirements(req, res, next) {
53 if (config.userRoles.indexOf(req.user.role) >= config.userRoles.indexOf(roleRequired)) {
 * Returns a jwt token signed by the app secret.
 * NOTE(review): the "remember" lifetime is computed as 60 * 24 * 365 * 5 and
 * commented as five years, i.e. it assumes minutes. jsonwebtoken's numeric
 * `expiresIn` option is in seconds (older releases used `expiresInMinutes`), so
 * confirm the unit against the installed version — read as seconds that value
 * is roughly 30 days.
64 function signToken(id, role, remember) {
65 var expiresIn = 60 * 24 * 365 * 5; //If remember, it expires in 5 years
67 expiresIn = "1d"; //Expire in one day
70 }, config.session.secret, {
 * Set token cookie directly for oAuth strategies.
 * NOTE(review): the value is written with `JSON.stringify(token)`, so the
 * cookie holds the token wrapped in double quotes and the reader must unquote
 * it. No cookie options (httpOnly/secure/sameSite) are visible here; a token
 * readable by page scripts is exposed to XSS, so confirm how the client consumes
 * it before leaving it that way. `signToken` is called without the `remember`
 * argument — check which lifetime branch an undefined value selects.
78 function setTokenCookie(req, res) {
79 if (!req.user) return res.json(404, {
80 message: 'Something went wrong, please try again.'
82 var token = signToken(req.user.id, req.user.role);
83 res.cookie('token', JSON.stringify(token));
// Public surface of this module: the two middleware factories plus the token
// helpers. Each name is attached to `exports` individually rather than via a
// `module.exports = {...}` replacement, so anything placed on `exports` earlier
// in the file is preserved and the property order matches the original.
var publicApi = {
  isAuthenticated: isAuthenticated,
  hasRole: hasRole,
  signToken: signToken,
  setTokenCookie: setTokenCookie
};
Object.keys(publicApi).forEach(function (name) {
  exports[name] = publicApi[name];
});