feat: setup authentication

author: eug-vs <eug-vs@keemail.me> 2020-11-15 03:46:51 +0300
committer: eug-vs <eug-vs@keemail.me> 2020-11-15 03:46:51 +0300
commit: 7da6c6a8e4a3590dfb8569b9fc24b4054552c96f (patch)
tree: 7e698115c9fc07767a7c4565e64174441d5d67db /src/services
parent: d113caace46ee53b86a31da2879d991562de45a1 (diff)
download: bsu-fantom-7da6c6a8e4a3590dfb8569b9fc24b4054552c96f.tar.gz
4 files changed, 50 insertions, 1 deletions
diff --git a/src/services/auth/auth.service.js b/src/services/auth/auth.service.js
new file mode 100644
index 0000000..9e92a02
--- /dev/null
+++ b/src/services/auth/auth.service.js
@@ -0,0 +1,22 @@
+const { AuthenticationService, JWTStrategy } = require('@feathersjs/authentication');
+const { LocalStrategy } = require('@feathersjs/authentication-local');
+const _ = require('lodash');
+
+class NoHashingLocalStrategy extends LocalStrategy {
+  async comparePassword (entity, password) {
+    const { entityPasswordField, errorMessage } = this.configuration;
+    const entityPassword = _.get(entity, entityPasswordField);
+    if (entityPassword !== password) throw new Error(errorMessage);
+    return entity;
+  }
+}
+
+module.exports = app => {
+  const authentication = new AuthenticationService(app);
+
+  authentication.register('local', new NoHashingLocalStrategy());
+  authentication.register('jwt', new JWTStrategy());
+
+  app.use('/authentication', authentication);
+};
+
diff --git a/src/services/index.js b/src/services/index.js
index f2d65d0..b8ef1db 100644
--- a/src/services/index.js
+++ b/src/services/index.js
@@ -1,9 +1,11 @@
 const Users = require('./users/user.service.js');
 const Events = require('./events/event.service.js');
+const Auth = require('./auth/auth.service.js');
 
 module.exports = app => {
   app.configure(Users);
   app.configure(Events);
+  app.configure(Auth);
 
   app.get('/ping', (req, res) => res.send('pong'));
 };
diff --git a/src/services/users/user.hooks.js b/src/services/users/user.hooks.js
new file mode 100644
index 0000000..daeda68
--- /dev/null
+++ b/src/services/users/user.hooks.js
@@ -0,0 +1,21 @@
+const { hooks } = require ('@feathersjs/authentication-local');
+const { NotAuthenticated } = require('@feathersjs/errors');
+
+const compareUser = async context => {
+  if (context.id !== context.params.user._id.toString()) {
+    throw new NotAuthenticated('You can only PATCH/UPDATE your own user!');
+  }
+  return context;
+};
+
+
+module.exports = {
+  after: {
+    all: hooks.protect('password')
+  },
+  before: {
+    patch: [compareUser],
+    update: [compareUser]
+  }
+};
+
diff --git a/src/services/users/user.service.js b/src/services/users/user.service.js
index 67f2ae6..afb3b9e 100644
--- a/src/services/users/user.service.js
+++ b/src/services/users/user.service.js
@@ -1,7 +1,11 @@
 const service = require('feathers-mongoose');
 const Model = require('./user.model.js');
+const hooks = require('./user.hooks.js');
 
 const UserService = service({ Model })
 
-module.exports = app => app.use('/users', UserService);
+module.exports = app => {
+  app.use('/users', UserService);
+  app.service('users').hooks(hooks);
+};
author	eug-vs <eug-vs@keemail.me>	2020-11-15 03:46:51 +0300
committer	eug-vs <eug-vs@keemail.me>	2020-11-15 03:46:51 +0300
commit	7da6c6a8e4a3590dfb8569b9fc24b4054552c96f (patch)
tree	7e698115c9fc07767a7c4565e64174441d5d67db /src/services
parent	d113caace46ee53b86a31da2879d991562de45a1 (diff)
download	bsu-fantom-7da6c6a8e4a3590dfb8569b9fc24b4054552c96f.tar.gz