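const crypto = require('crypto')
const uuid = require('uuid/v4')
const jwt = require('jsonwebtoken')

// Shared secret used by createToken to sign tokens and by validate to verify them.
// SECURITY: a signing secret committed to source is readable by anyone with access
// to the repository or a build artifact, and whoever holds it can mint tokens that
// validate() accepts. The environment variable takes precedence; the literal stays
// only as a fallback so existing deployments keep working, and it should be rotated
// and removed once every environment sets JWT_SECRET.
const SECRET = process.env.JWT_SECRET || 'scale action palace measure'

// Seed generator: a random version-4 UUID from the uuid package.
// NOTE(review): presumably the source of the `seed` passed to hashPassword; confirm against callers.
const genSeed = uuid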
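/**
 * Generates a key by replacing every '#' in `format` with a character drawn
 * uniformly at random from `alphabet`.
 *
 * The default alphabet leaves out I, L, O, 0 and 1 (presumably to avoid
 * look-alike characters when a key is read or typed by a person).
 *
 * Characters are picked with the operating system CSPRNG rather than
 * Math.random(), whose output is predictable and must not be used for values
 * that act as secrets or access codes.
 *
 * NOTE(review): the default '###-###' over 31 symbols gives 31^6 possible keys;
 * whether that is enough depends on how the key is used and on rate limiting
 * at the point where it is checked.
 *
 * @param {object} [options]
 * @param {string} [options.format='###-###'] template; each '#' becomes one random character
 * @param {string} [options.alphabet] characters to draw from
 * @returns {string} the formatted key
 */
const genKey = ({format = '###-###', alphabet = 'ABCDEFGHJKMNPQRSTUVWXYZ23456789'} = {}) => {
  const size = alphabet.length
  const RANGE = 0x100000000 // number of distinct unsigned 32-bit values
  // Largest multiple of `size` within RANGE. Draws at or above it are discarded
  // so that `value % size` is not biased toward the first characters.
  const limit = RANGE - (RANGE % size)
  const pick = () => {
    let value
    do {
      value = crypto.randomBytes(4).readUInt32BE(0)
    } while (value >= limit)
    return alphabet[value % size]
  }
  return format.replace(/#/g, pick)
}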
/**
 * Computes the password digest for an account: the base64-encoded SHA-256 of
 * "<password>,<seed>,<email>", with the password trimmed and the email
 * lower-cased and trimmed first.
 *
 * NOTE(review): a single SHA-256 pass is fast by design, so a leaked digest
 * store can be guessed against at very high rates even with a per-user seed.
 * A deliberately slow, salted password KDF (for example scrypt, which Node's
 * crypto module provides) is the usual choice. Switching changes every stored
 * digest, so it needs a migration (re-hash at next successful login) and is
 * not done here.
 * NOTE(review): trimming means leading/trailing whitespace in a password is
 * ignored, and the comma-joined input does not unambiguously separate the
 * three fields.
 *
 * @param {object} fields
 * @param {string} fields.password plaintext password
 * @param {string} fields.seed per-account seed mixed into the digest
 * @param {string} fields.email account email
 * @returns {string} base64 digest
 * @throws {Error} when password, seed or email is missing (checked in that order)
 */
const hashPassword = ({password, seed, email}) => {
  const missing = [
    [password, 'Missing password'],
    [seed, 'Missing seed'],
    [email, 'Missing email'],
  ].find(([value]) => !value)
  if (missing) throw new Error(missing[1])

  const normalizedEmail = email.toLowerCase().trim()
  const normalizedPassword = password.trim()

  return crypto
    .createHash('sha256')
    .update(`${normalizedPassword},${seed},${normalizedEmail}`)
    .digest('base64')
}
/**
 * Issues a signed token for `user`, valid for two days.
 *
 * Only `email` and `name` are copied into the payload; any other field on
 * `user` is left out of the token. Signing uses SECRET with jsonwebtoken's
 * default algorithm, since no algorithm option is passed.
 *
 * @param {{email: string, name: string}} user
 * @returns {string} the signed JWT
 */
const createToken = user => {
  const {email, name} = user
  const payload = {email, name}
  const signOptions = {expiresIn: '2 days'}
  return jwt.sign(payload, SECRET, signOptions)
}
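/**
 * Verifies `token` against SECRET and returns the decoded token.
 *
 * With `complete: true` the result is the `{header, payload, signature}`
 * wrapper, not the bare payload; the claims are under `.payload`.
 *
 * @param {string} token compact JWT string (untrusted input)
 * @returns {{header: object, payload: object, signature: string}} decoded token
 * @throws whatever jwt.verify throws for a malformed, tampered or expired token
 */
const validate = token => jwt.verify(token, SECRET, {
  complete: true,
  // createToken signs with jsonwebtoken's default, HS256. Pinning the accepted
  // algorithm here keeps the token's own header from choosing how it is checked.
  algorithms: ['HS256'],
})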
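/**
 * Builds an Express-style middleware that requires a valid bearer token and,
 * optionally, a set of claims in that token.
 *
 * Outcomes:
 *  - no `Authorization: Bearer <token>` header, or the token fails
 *    verification (malformed, bad signature, expired, not yet valid): 401
 *  - token is valid but a required claim is absent or falsy: 403
 *  - otherwise `req.identity` is set to the token payload and `next()` runs
 *
 * @param {...string} claims names that must be present and truthy in the payload
 * @returns {function(object, object, function): void} the middleware
 */
const authorize = (...claims) => (req, res, next) => {
  const match = /^Bearer (.*)$/.exec(req.headers.authorization)
  if (!match) {
    res.status(401).send('Authorization required')
    return
  }

  let decoded
  try {
    decoded = validate(match[1])
  } catch (err) {
    // validate() throws for a rejected token. Answer those with 401 instead of
    // letting the exception reach the framework's error handler (a 500 whose
    // body may echo the error). Anything else is not an auth outcome: rethrow.
    const verificationFailures = ['JsonWebTokenError', 'TokenExpiredError', 'NotBeforeError']
    if (!err || !verificationFailures.includes(err.name)) throw err
    res.status(401).send('Authorization required')
    return
  }
  if (!decoded) {
    res.status(401).send('Authorization required')
    return
  }

  // validate() returns the {header, payload, signature} wrapper, so required
  // claims must be looked up on the payload. Own-property check so inherited
  // names such as 'constructor' never count as a claim.
  const payload = decoded.payload
  const hasClaim = claim =>
    Object.prototype.hasOwnProperty.call(payload, claim) && Boolean(payload[claim])

  if (!claims.every(hasClaim)) {
    res.status(403).send('Access denied')
    return
  }

  req.identity = payload
  next()
}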
// Public surface of the module. SECRET is intentionally not exported.
module.exports = {
  hashPassword,
  genSeed,
  createToken,
  validate,
  authorize,
  genKey,
}