fix bug

lambdaAgent · lambdaAgent · commit d3bd7efc8be5 · 2018-10-30T10:23:56.000+07:00
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -10,15 +10,14 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "bcrypt": "^3.0.2",
+    "bcrypt": "3.0.2",
     "body-parser": "1.17.2",
     "config": "2.0.1",
     "cors": "2.8.4",
-    "crypto": "^1.0.1",
     "dotenv": "4.0.0",
     "express": "4.15.3",
-    "jsonwebtoken": "^8.3.0",
-    "pg": "^7.6.0",
+    "jsonwebtoken": "8.3.0",
+    "pg": "7.6.0",
     "reflect-metadata": "0.1.12",
     "sequelize": "4.41.0",
     "sequelize-typescript": "0.6.6",
diff --git a/src/Model/Person/Person.ts b/src/Model/Person/Person.ts
@@ -1,6 +1,6 @@
 import {Table, Column, Model, CreatedAt, UpdatedAt, AllowNull, IsUUID, PrimaryKey, NotNull, BeforeCreate, BeforeUpdate, Length, DataType, AfterCreate, AfterUpdate, IsEmail, Unique} from 'sequelize-typescript';
 
-import {hashedPassword} from '../utils/password'
+import {hashedPassword} from '../../utils/password'
 
 @Table({timestamps: true, tableName: "person", schema: "core"})
 class Person extends Model<Person> {
diff --git a/src/Model/Token/Roles.ts b/src/Model/Token/Roles.ts
@@ -0,0 +1,15 @@
+
+//an enum
+interface Role {
+    name: string,
+    roles: string[]
+}
+
+class Roles {
+    static Admin:Role = {name: 'admin', roles: []}
+}
+
+export default Roles
+export {
+    Role, Roles
+}
diff --git a/src/Model/Token/Token.ts b/src/Model/Token/Token.ts
@@ -1,94 +1,19 @@
 const jwt = require('jsonwebtoken')
 const config = require('config')
-const crypto = require('crypto')
-const algorithm = 'aes-256-ctr';
-const passwordForBody = config.token.passwordForBody
-const secret = config.token.secret
-const jwtMaxAge = config.token.maxAge
-const issuer = config.token.issuer
+import TokenUtil from './TokenUtil'
+import {Role, Roles} from './Roles'
 
-// C=create, R=read, U=update, D=delete
-enum action {
-    None=null,
-    
-}
-
-//an enum
-interface Role {
-    name: string,
-    roles: string[]
-}
-export class Roles {
-    static Admin:Role = {name: 'admin', roles: []}
-}
-
-export type Data = {
+type Data = {
     permission: string,
     role: Role
 }
-export class TokenError {
-    static None = null
-    static EXPIRED = { status: 401, message: 'Token is expired' }
-
-}
-
-export class Token {
+class Token {
     data: Data // encrypted (type Data)
     expired: number
 }
 
-export class TokenUtil {
-    static sign(data:Data):Promise<string>{
-        return new Promise((resolve, reject) => {
-            const payload = encrypt(JSON.stringify(data), passwordForBody)
-            jwt.sign(payload, secret, {issuer, expiresIn: jwtMaxAge}, (err, token) => {
-                if(err) return reject(err)
-                resolve(token)               
-            })
-        })
-    }
-    static verify(token:string): Promise<Token>{
-        return new Promise((resolve, reject) => {
-            jwt.verify(token, secret, function(err, decoded) {
-                if(err) return reject(err)
-                const data = decrypt(decoded.data, passwordForBody)
-                decoded.data = JSON.parse(data)
-                return resolve(decoded)
-            });
-        })
-    }
-    static isValid(token:string): boolean|TokenError{
-        TokenUtil.verify(token)
-                 .then(decoded => {
-                     if(decoded.expired > new Date().getTime()/1000){
-                        return TokenError.EXPIRED
-                     }
-                     if(decoded.data.permission !== ){
-                         return 
-                     }
-                 })
-        return true
-    }
-}
-
 export default Token
-
-
-  // do not use a global iv for production, 
-  // generate a new one for each encryption
-
-  function encrypt(text:string, password:string): string{
-    var cipher = crypto.createCipher(algorithm,password)
-    var crypted = cipher.update(text,'utf8','hex')
-    crypted += cipher.final('hex');
-    return crypted;
-  }
-   
-  function decrypt(text:string, password:string): string{
-    var decipher = crypto.createDecipher(algorithm,password)
-    var dec = decipher.update(text,'hex','utf8')
-    dec += decipher.final('utf8');
-    return dec;
-  }
-   
+export {
+    TokenUtil, Data, Token
+}
 
diff --git a/src/Model/Token/TokenUtil.ts b/src/Model/Token/TokenUtil.ts
@@ -0,0 +1,74 @@
+import * as crypto from 'crypto'
+import {Data, Token} from './Token'
+import TokenError from '../../enum/Error/TokenError'
+import config from 'config'
+import jwt from 'jsonwebtoken'
+import { Request, Response } from 'express';
+
+const algorithm = 'aes-256-ctr';
+const passwordForBody = config.token.passwordForBody
+const secret = config.token.secret
+const jwtMaxAge = config.token.maxAge
+const issuer = config.token.issuer
+
+export default class TokenUtil {
+    static sign(data:Data):Promise<string>{
+        return new Promise((resolve, reject) => {
+            const payload = encrypt(JSON.stringify(data), passwordForBody)
+            jwt.sign(payload, secret, {issuer, expiresIn: jwtMaxAge}, (err, token) => {
+                if(err) return reject(err)
+                resolve(token)               
+            })
+        })
+    }
+    static verify(token:string): Promise<Token>{
+        return new Promise((resolve, reject) => {
+            jwt.verify(token, secret, function(err, decoded) {
+                if(err) return reject(err)
+                const data = decrypt(decoded.data, passwordForBody)
+                decoded.data = JSON.parse(data)
+                return resolve(decoded)
+            });
+        })
+    }
+    static validate(req:Request, res:Response): boolean|TokenError{
+        if(!req.headers.authorization) {
+            return TokenError.TOKEN_INVALID
+        }
+        const token:string = req.headers.authorization!
+        TokenUtil.verify(token)
+                 .then(decoded => {
+                     if(decoded.expired > new Date().getTime()/1000){
+                        return TokenError.EXPIRED
+                     }
+                     
+                 })
+        return true
+    }
+    static authenticate(req:Request, res:Response):boolean|TokenError{
+        if(!req.headers.authorization) {
+            return TokenError.TOKEN_INVALID
+        }
+        return true
+    }
+}
+
+
+  // do not use a global iv for production, 
+  // generate a new one for each encryption
+
+  function encrypt(text:string, password:string): string{
+    var cipher = crypto.createCipher(algorithm,password)
+    var crypted = cipher.update(text,'utf8','hex')
+    crypted += cipher.final('hex');
+    return crypted;
+  }
+   
+  function decrypt(text:string, password:string): string{
+    var decipher = crypto.createDecipher(algorithm,password)
+    var dec = decipher.update(text,'hex','utf8')
+    dec += decipher.final('utf8');
+    return dec;
+  }
+   
+
diff --git a/src/app.ts b/src/app.ts
@@ -3,32 +3,31 @@ import * as express from 'express';
 import * as bodyParser from 'body-parser';
 import logger = require('./utils/logger');
 import * as cors from "cors";
+import { Router, Request, Response } from 'express';
 
 // DbUtils
 import { Db_blog } from './utils/dbUtils'
+import TokenUtil from './Model/Token/TokenUtil'
 
 // model
-import Person from './model/Person'
-import { Validate } from 'sequelize-typescript';
+import Person from './model/Person/Person'
+
 
 //import controllers
 // import * as healthcheckController from './controllers/controller-healthcheck';
 // import * as sampleController from './controllers/controller-sample';
 
 const app: express.Express = express();
-const router: express.Router = express.Router();
+const router: Router = express.Router();
 app.use(cors());
 app.use(bodyParser.json());
 app.use(router);  // tell the app this is the router we are using
 //@ts-ignore
-app.use((req, res, next) => {
-    if(!validateToken(req)){
-        res.status(401).json({message: 'Token is not valid or expired'})
-    } 
-    if(!authorizeToken(req)){
-        res.status(403).json({message: 'User is not authorized'})
-    }
-    else 
+app.use((req:Request, res:Response, next) => {
+    // Intercept here
+    TokenUtil.validate(req,res)
+    TokenUtil.authenticate(req, res)
+    next()
 })
 
 //healthcheck routes
diff --git a/src/enum/Error/TokenError.ts b/src/enum/Error/TokenError.ts
@@ -0,0 +1,7 @@
+
+export default class TokenError {
+    static None = null
+    static EXPIRED = { status: 401, message: 'Token is expired' }
+    static UNAUTHORIZED = { status: 403, message: 'You are not allowed to access this page'}
+    static TOKEN_INVALID = { status: 401, message: 'Token is invalid'}
+}
