import jwt from 'jsonwebtoken';
import { isBefore } from 'date-fns';
import { jwtSecret as _jwtSecret } from '../../../config/secrets';
/**
 * Name of the request header that may carry a JWT access token.
 * Node's HTTP parser lower-cases incoming header names, so a lookup in
 * `req.headers` only matches the lower-cased form of this string.
 */
export const authHeaderNS = 'X-fcc-access-token';

/** Name of the cookie in which the signed JWT access token is stored. */
export const jwtCookieNS = 'jwt_access_token';
/**
 * Builds the base cookie options shared by the set and clear helpers.
 *
 * Only `signed` and `domain` are set; `httpOnly`, `secure` and `sameSite`
 * are not part of this config.
 *
 * @param {object} req - Incoming request; `signed` mirrors whether
 *   `req.signedCookies` is present.
 * @returns {{signed: boolean, domain: string}} Cookie options.
 */
export function createCookieConfig(req) {
  const signed = Boolean(req.signedCookies);
  // An unset or empty COOKIE_DOMAIN falls back to 'localhost'.
  const domain = process.env.COOKIE_DOMAIN || 'localhost';
  return { signed, domain };
}
/**
 * Wraps the access token in a signed JWT and stores it in the
 * `jwt_access_token` cookie on the response.
 *
 * @param {{accessToken: object}} param0 - Holder of the access token; its
 *   `ttl` (milliseconds) is used as the cookie's `maxAge`.
 * @param {object} req - Incoming request, used to derive the cookie options.
 * @param {object} res - Response on which the cookie is set.
 * @param {string} [jwtSecret] - Secret used to sign the JWT; defaults to the
 *   configured secret.
 * @returns {void}
 */
export function setAccessTokenToResponse(
  { accessToken },
  req,
  res,
  jwtSecret = _jwtSecret
) {
  const baseOptions = createCookieConfig(req);
  // A falsy ttl falls back to 77760000000 ms (900 days). The reader side of
  // this module computes expiry from `created + ttl`, so the two can disagree
  // when ttl is missing.
  const maxAge = accessToken.ttl || 77760000000;
  const signedJwt = jwt.sign({ accessToken }, jwtSecret);
  // NOTE(review): the cookie carries a bearer credential but is set without
  // `httpOnly`, `secure` or `sameSite`. Confirm whether client-side script
  // needs to read it; if not, those attributes should be added here.
  res.cookie(jwtCookieNS, signedJwt, { ...baseOptions, maxAge });
}
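/**
 * Extracts and validates the JWT access token carried by a request.
 *
 * The token is looked up, in order, in the `X-fcc-access-token` header, the
 * signed cookies and `req.cookie`. It is then verified against `jwtSecret`
 * and checked for expiry using the `created` and `ttl` fields of the
 * embedded access token.
 *
 * @param {object} req - Incoming request.
 * @param {string} [jwtSecret] - Secret used to verify the JWT signature;
 *   defaults to the configured secret.
 * @returns {{accessToken: (object|null), error: string, jwt: (string|undefined)}}
 *   On success, the decoded access token, an empty error string and the raw
 *   JWT; otherwise `accessToken: null` and one of the `errorTypes` messages.
 */
export function getAccessTokenFromRequest(req, jwtSecret = _jwtSecret) {
  const headers = req.headers || {};
  const maybeToken =
    headers[authHeaderNS] ||
    // Node lower-cases incoming header names, so the mixed-case constant
    // alone never matches a real request; the exact key is still checked
    // first for callers that pass a hand-built headers object.
    headers[authHeaderNS.toLowerCase()] ||
    (req.signedCookies && req.signedCookies[jwtCookieNS]) ||
    // NOTE(review): cookie-parser exposes unsigned cookies as `req.cookies`;
    // `req.cookie` is kept as written. Confirm which property is intended.
    (req.cookie && req.cookie[jwtCookieNS]);
  if (!maybeToken) {
    return {
      accessToken: null,
      error: errorTypes.noTokenFound
    };
  }

  let payload;
  try {
    // NOTE(review): no `algorithms` allow-list is passed to jwt.verify.
    // Consider pinning it to the algorithm used when the token is signed.
    payload = jwt.verify(maybeToken, jwtSecret);
  } catch (err) {
    // Every verification failure is deliberately reported as the same
    // generic error, so the caller learns nothing about the cause.
    return { accessToken: null, error: errorTypes.invalidToken };
  }

  // A validly signed JWT can still lack the expected payload shape. Reject
  // it here instead of throwing a TypeError on the destructuring below.
  const accessToken = payload && payload.accessToken;
  if (!accessToken || typeof accessToken !== 'object') {
    return { accessToken: null, error: errorTypes.invalidToken };
  }

  const { created, ttl } = accessToken;
  const valid = isBefore(Date.now(), Date.parse(created) + ttl);
  if (!valid) {
    return {
      accessToken: null,
      error: errorTypes.expiredToken
    };
  }
  return { accessToken, error: '', jwt: maybeToken };
}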
/**
 * Clears the authentication-related cookies on the response.
 *
 * All cookies are cleared with the options from `createCookieConfig`.
 *
 * @param {object} req - Incoming request, used to derive the cookie options.
 * @param {object} res - Response on which the cookies are cleared.
 * @returns {void}
 */
export function removeCookies(req, res) {
  const cookieOptions = createCookieConfig(req);
  const cookieNames = [jwtCookieNS, 'access_token', 'userId', '_csrf'];
  for (const name of cookieNames) {
    res.clearCookie(name, cookieOptions);
  }
}
/**
 * Error messages returned in the `error` field by
 * `getAccessTokenFromRequest`.
 */
export const errorTypes = {
  // No token was present in the header or the cookies.
  noTokenFound: 'No token found',
  // JWT verification threw (for example on a bad signature).
  invalidToken: 'Invalid token',
  // The token verified but `created + ttl` is no longer in the future.
  expiredToken: 'Token timed out'
};