- const _ = require('lodash')
- const config = require('../../../config')
- const { User, Session } = require('../../database')
- const JWT = require('jsonwebtoken')
- const aguid = require('aguid')
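module.exports = {
  /**
   * POST handler that re-issues a JWT for the current caller and moves the
   * session's `endAt` forward to the new token's expiry.
   *
   * Responds 403 when `req.user` is missing or when the user or session row
   * cannot be found; otherwise 200 with `{ user, token }`.
   *
   * @param {object} req - request; reads `req.user.id` and `req.claims.sid`
   * @param {object} res - response
   */
  post: async (req, res) => {
    // NOTE(review): req.user / req.claims are presumably populated by upstream
    // auth middleware from an already-verified token; confirm, because `sid`
    // below is trusted without any further check in this handler.
    if (!req.user) return res.status(403).send('Not logged in')

    const user = await User.findOne({where: {id: req.user.id}})
    if (!user) return res.status(403).send(`Could not find user ${req.user.id}`)

    const sid = req.claims.sid
    // NOTE(review): the session is looked up by id only. Nothing here checks
    // that it belongs to `user`, or that it has not already ended or been
    // revoked, before its lifetime is extended. Confirm that is enforced elsewhere.
    const session = await Session.findOne({ where: {id: sid}})
    if (!session) return res.status(403).send(`Could not find session ${sid}`)

    // Build a { permissionName: 1 } map from the comma-separated `permissions`
    // string of every role. compact() drops the empty names that
    // ''.split(',') yields for roles without permissions, so the token no
    // longer carries an empty-string claim.
    const permissions = _.chain(await user.getRoles({paranoid: !config.hiddenRoles}))
      .map(role => (role.permissions || '').split(','))
      .flatten()
      .compact()
      .uniq()
      .map(permission => [permission, 1])
      .fromPairs()
      .value()

    // Seconds since the epoch plus the configured lifetime
    // (assumes config.auth.jwtExpires is in seconds; confirm).
    const exp = Math.floor(Date.now()/1000) + config.auth.jwtExpires
    session.endAt = exp
    await session.save()

    // Permissions are spread FIRST so that a permission that happens to be
    // named `sid`, `exp` or `user` cannot overwrite those claims. Other
    // registered JWT claim names can still collide; nesting permissions under
    // one claim would avoid that but changes the token shape consumers read.
    // No options are passed, so jsonwebtoken's default signing algorithm applies.
    const token = JWT.sign({
      ...permissions,
      sid,
      exp,
      user: user.sanitize()
    }, config.auth.jwtSecret)

    return res.status(200).send({
      user: user.sanitize(),
      token
    })
  }
}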