Commit 51262aff authored by wim-vantomme's avatar wim-vantomme

Added salt hook.

Added custom authentication strategy.
Added bearer token parsing.
Added authentication on private route through bearer token.
parent 057c21b9
......@@ -52,12 +52,10 @@ privateForm.addEventListener('submit', (e) => {
const getData = store.get(2)
getData.onsuccess = (event) => {
const jwt = getData.result.jwt
axios({
url: 'private',
method: 'get',
headers: {'Authorization': `Bearer ${jwt}` },
headers: { 'Authorization': `Bearer ${jwt}` }
}).then((data) => {
console.log(data)
}).catch((err) => {
......@@ -65,5 +63,4 @@ privateForm.addEventListener('submit', (e) => {
})
}
})
})
......@@ -4784,6 +4784,14 @@
"pause": "0.0.1"
}
},
"passport-custom": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/passport-custom/-/passport-custom-1.0.5.tgz",
"integrity": "sha1-LR2cF0pqRoW/Aom85hCRzV7HsPQ=",
"requires": {
"passport-strategy": "1.0.0"
}
},
"passport-jwt": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/passport-jwt/-/passport-jwt-3.0.1.tgz",
......
......@@ -9,7 +9,7 @@ const feathers = require('@feathersjs/feathers')
const configuration = require('@feathersjs/configuration')
const express = require('@feathersjs/express')
const socketio = require('@feathersjs/socketio')
const authentication = require('@feathersjs/authentication')
const auth = require('@feathersjs/authentication')
const jwt = require('@feathersjs/authentication-jwt')
const middleware = require('./middleware')
......@@ -17,6 +17,8 @@ const services = require('./services')
const appHooks = require('./app.hooks')
const channels = require('./channels')
const bearer = require('./passport/jwtStrategy')
const app = express(feathers())
// Load app configuration
......@@ -34,9 +36,17 @@ app.use('/', express.static(app.get('public')))
// Set up Plugins and providers
app.configure(express.rest())
app.configure(socketio())
app.configure(authentication({secret: 'dit is een secret', service: 'private'}))
app.configure(auth({secret: 'secret', service: 'private'}))
app.configure(jwt())
// Initialiases custom passport strategy.
app.configure(
bearer({
header: 'Authorization',
app: app
})
)
// Configure other middleware (see `middleware/index.js`)
app.configure(middleware)
// Set up our services (see `services/index.js`)
......
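Review bot: The authentication secret on the new `app.configure(auth({secret: 'secret', service: 'private'}))` line is a short literal committed to the repository, so it offers no protection for any token the built-in `jwt` strategy configured on the next line accepts. The file already loads `@feathersjs/configuration`, so the value should be read from configuration or the environment, for example `auth({secret: process.env.AUTH_SECRET, service: 'private'})` (the variable name is a placeholder), with startup failing when it is unset. The previous literal is in the history as well, so neither string should be reused as the real secret.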
const sodium = require('libsodium-wrappers')
module.exports = function (options = {}) { // eslint-disable-line no-unused-vars
return async context => {
const salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES)
context.app.locals = {salt}
return context
}
}
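Review bot: Every run of this hook replaces the signing key, because `context.app.locals = {salt}` draws fresh random bytes each time and the hook is registered as `create: [saltHook()]` in the hooks file further down; tokens issued before the latest `create` stop verifying, and the assignment also discards anything else stored on `app.locals`. If one key per process is intended, generate it once at startup or guard the assignment, e.g. `if (!context.app.locals.salt) context.app.locals.salt = salt`. The value is used as the JWT HMAC key in the strategy and the service, so `crypto_pwhash_SALTBYTES` is standing in for a key length; naming it `key` and using a key-size constant would say what it is. libsodium-wrappers also expects `await sodium.ready` before its functions are called, and no such await is visible in this file.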
const passport = require('passport')
const CustomStrategy = require('passport-custom')
const jwt = require('jsonwebtoken')
const sodium = require('libsodium-wrappers')
module.exports = opts => {
return function () {
const verifier = (req, done) => {
// Removes bearer form token.
const jwtToken = req.headers.authorization.slice(7)
if (opts.app.locals.salt) {
jwt.verify(jwtToken, sodium.to_hex(opts.app.locals.salt), (err, decoded) => {
if (err) {
return done(err, false, {message: 'Access denied'})
} else {
return done(null, decoded)
}
})
}
return done(null, false, {message: 'Access denied'})
}
// Register the strategy in the app.passport instance.
this.passport.use('bearer', new CustomStrategy(verifier))
// Add options for the strategy.
this.passport.options('bearer', {})
}
}
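Review bot: `done` is called twice whenever a salt is set: the `if` block hands `done` to `jwt.verify`, and control then falls through to the unconditional `return done(null, false, {message: 'Access denied'})` below it, so one request reports both the callback's outcome and a failure. `req.headers.authorization.slice(7)` also throws when the header is absent and never checks for the `Bearer ` prefix, and the `opts.header` value passed from the app setup is not read. The rewrite below fails closed before verification and leaves a single `done` per path. Passing `{algorithms: ['HS256']}` as the options argument of `jwt.verify` would additionally pin the accepted algorithm, assuming the service signs with the `jwt.sign` default.

```javascript
const verifier = (req, done) => {
  const header = req.headers.authorization
  // Fail closed on a missing or non-Bearer header, or when no key has been set yet.
  if (typeof header !== 'string' || !header.startsWith('Bearer ') || !opts.app.locals.salt) {
    return done(null, false, {message: 'Access denied'})
  }
  const jwtToken = header.slice(7)
  // … unchanged: jwt.verify(jwtToken, ...) call and its callback …
  // (no done() call after jwt.verify: the callback is the only exit from here)
}
```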
......@@ -35,11 +35,7 @@ class Service {
const error = new errors.NotAuthenticated('You\'re not authorized')
throw error
} else {
const salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES)
console.log(this.app)
//app.locals({salt})
//app.set('secret', salt)
return jwt.sign({ nonce }, sodium.to_hex(salt))
return jwt.sign({ nonce }, sodium.to_hex(this.app.locals.salt))
}
}
......
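Review bot: The token returned by `jwt.sign({ nonce }, sodium.to_hex(this.app.locals.salt))` carries no expiry, so it stays valid for as long as the current salt lives. Give it a lifetime through the options argument, e.g. `jwt.sign({ nonce }, sodium.to_hex(this.app.locals.salt), { expiresIn: '15m' })` (the duration is a sample value). The call also assumes the generate-salt hook has already populated `this.app.locals.salt`; if this method can be reached without that hook, `sodium.to_hex` receives `undefined`, so an explicit check that throws `errors.NotAuthenticated` would be safer. The enclosing method starts and ends outside the hunk.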
const saltHook = require('../../hooks/generate-salt')
module.exports = {
before: {
all: [],
find: [],
get: [],
create: [],
create: [saltHook()],
update: [],
patch: [],
remove: []
......@@ -30,4 +30,4 @@ module.exports = {
patch: [],
remove: []
}
};
}
const authentication = require('@feathersjs/authentication');
const authentication = require('@feathersjs/authentication')
module.exports = {
before: {
all: [],
find: [
authentication.hooks.authenticate('jwt')
authentication.hooks.authenticate('bearer')
],
get: [],
create: [],
......
const assert = require('assert');
const feathers = require('@feathersjs/feathers');
const createAuthSalt = require('../../server/hooks/create-auth-salt');
describe('\'createAuthSalt\' hook', () => {
let app;
beforeEach(() => {
app = feathers();
app.use('/dummy', {
async get(id) {
return { id };
}
});
app.service('dummy').hooks({
before: createAuthSalt()
});
});
it('runs the hook', async () => {
const result = await app.service('dummy').get('test');
assert.deepEqual(result, { id: 'test' });
});
});
const assert = require('assert');
const feathers = require('@feathersjs/feathers');
const generateSalt = require('../../server/hooks/generate-salt');
describe('\'generate-salt\' hook', () => {
let app;
beforeEach(() => {
app = feathers();
app.use('/dummy', {
async get(id) {
return { id };
}
});
app.service('dummy').hooks({
before: generateSalt()
});
});
it('runs the hook', async () => {
const result = await app.service('dummy').get('test');
assert.deepEqual(result, { id: 'test' });
});
});
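Review bot: The `runs the hook` test asserts only the dummy service's return value, so it passes whether or not the hook stores a salt. Add a check on the side effect after the `get` call, e.g. `assert.ok(app.locals && app.locals.salt)`, and a second `get` to pin whether the salt is meant to change between calls. That second assertion documents the intended key lifetime, which the hook itself does not state.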