feat(auth): Authorise 'external' requests through JWT (#17224)

2018-05-23 21:10:56 +01:00
parent 3397fbbf60
commit dfda68fb58
10 changed files with 132 additions and 8 deletions
--- a/server/component-passport.js
+++ b/server/component-passport.js
@@ -3,6 +3,7 @@ import { PassportConfigurator } from
 '@freecodecamp/loopback-component-passport';
 import passportProviders from './passport-providers';
 import url from 'url';
+import jwt from 'jsonwebtoken';

 const passportOptions = {
  emailOptional: true,
@@ -143,6 +144,8 @@ export default function setupPassport(app) {
                maxAge: accessToken.ttl,
                domain: process.env.COOKIE_DOMAIN || 'localhost'
              };
+              const jwtAccess = jwt.sign({accessToken}, process.env.JWT_SECRET);
+              res.cookie('jwt_access_token', jwtAccess, cookieConfig);
              res.cookie('access_token', accessToken.id, cookieConfig);
              res.cookie('userId', accessToken.userId, cookieConfig);
              req.login(user);