
const jwtPlugin = require('hapi-auth-jwt2').plugin
const jwt = require('jsonwebtoken')
const crypto = require('crypto')
/**
 * hapi-auth-jwt2 `validate` hook.
 *
 * Every token that reaches this hook is accepted as-is: no account lookup or
 * state check is performed here, and the decoded payload is handed back
 * unchanged so it becomes `request.auth.credentials`.
 *
 * NOTE(review): whether an additional account check belongs here is not
 * visible from this file — confirm against the route handlers.
 *
 * @param {object} credentials - decoded JWT payload
 * @returns {{ isValid: boolean, credentials: object }}
 */
const validate = (credentials) => ({
  isValid: true,
  credentials,
})
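/**
 * Registers hapi-auth-jwt2 and makes the 'admin' JWT strategy the default for
 * every route; public routes have to opt out of auth explicitly.
 *
 * Tokens are verified with the HS256 shared secret from JWT_KEY, the same key
 * `login` signs with. Startup fails with a clear message when the key is not
 * set, instead of configuring the strategy with an undefined secret.
 *
 * @param {object} server - hapi server instance
 * @returns {Promise<void>}
 * @throws {Error} when JWT_KEY is not set
 */
exports.configureAuth = async (server) => {
  const key = process.env.JWT_KEY
  if (!key) throw new Error('JWT_KEY environment variable must be set')
  await server.register(jwtPlugin)
  server.auth.strategy('admin', 'jwt', {
    key,
    validate,
    // Pin the accepted algorithm so a token cannot choose a different one
    verifyOptions: { algorithms: ['HS256'] },
  })
  // Default all routes to require JWT and opt out for public routes
  server.auth.default('admin')
}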
// TODO: save login timestamp
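/**
 * Signs a session token for the given account payload.
 *
 * @param {{ email: string, id: number|string, admin: number }} credentials - JWT payload
 * @returns {string} HS256-signed token valid for 24 hours
 */
const signToken = (credentials) =>
  jwt.sign(credentials, process.env.JWT_KEY, { algorithm: 'HS256', expiresIn: '24 hours' })

/**
 * Checks the MD5 hex digest of `password` against the stored digest in
 * constant time.
 *
 * NOTE(review): unsalted MD5 is not an adequate password hash. It is kept
 * because `accounts.pass` holds MD5 digests; moving to a slow salted hash
 * needs a re-hash-on-login migration and is out of scope for this change.
 *
 * @param {string} password - cleartext password supplied by the client
 * @param {string} storedHash - hex digest read from accounts.pass
 * @returns {boolean}
 */
const passwordMatches = (password, storedHash) => {
  const digest = Buffer.from(crypto.createHash('md5').update(password).digest('hex'))
  const stored = Buffer.from(String(storedHash ?? ''))
  // timingSafeEqual throws on length mismatch; unequal lengths cannot match anyway
  return digest.length === stored.length && crypto.timingSafeEqual(digest, stored)
}

/**
 * Authenticates an account by login and password and issues a JWT.
 *
 * Resolves with `{ token, accountId, adminstatus }`. Rejects with the string
 * 'wrong credentials' when the account is unknown or the password does not
 * match (the same message for both, so the caller cannot distinguish them),
 * and with the driver error when the query itself fails.
 *
 * An account with adminstatus > 9 may pass `fakeID` to obtain a token for
 * that account id instead of its own; the issued token then carries
 * `admin: 10`.
 *
 * @param {string} email - account login as stored in accounts.login
 * @param {string} password - cleartext password
 * @param {object} request - hapi request; uses `request.app.db.query`
 * @param {number|string} [fakeID] - account id to act as (adminstatus > 9 only)
 * @returns {Promise<{ token: string, accountId: number|string, adminstatus: number }>}
 */
exports.login = (email, password, request, fakeID) =>
  new Promise((resolve, reject) => {
    // Non-string input would otherwise throw inside the query callback and
    // leave the promise pending forever.
    if (typeof email !== 'string' || typeof password !== 'string') {
      return reject('wrong credentials')
    }
    // Bind the login as a parameter: the former string concatenation allowed
    // SQL injection through `email`.
    // NOTE(review): `?` placeholders assume a mysql/mysql2-style driver — confirm;
    // a pg driver would need `$1` here.
    const sql = 'SELECT id, login, pass, adminstatus FROM accounts WHERE login = ?'
    request.app.db.query(sql, [email], (err, results) => {
      if (err) {
        console.error(err)
        return reject(err)
      }
      const account = results?.[0]
      // Exact comparison keeps the original case-sensitive login check even if
      // the database collation matched more loosely.
      if (!account || account.login !== email) return reject('wrong credentials')
      if (!passwordMatches(password, account.pass)) return reject('wrong credentials')

      const impersonating = account.adminstatus > 9 && fakeID
      const accountId = impersonating ? fakeID : account.id
      const adminstatus = impersonating ? 10 : account.adminstatus
      const token = signToken({ email, id: accountId, admin: adminstatus })
      return resolve({ token, accountId, adminstatus })
    })
  })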