2017-11-16 14:12:03 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Jwt.js service
|
|
|
|
|
*
|
|
|
|
|
* @description: A set of functions similar to controller's actions to avoid code duplication.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
const _ = require('lodash');
|
|
|
|
|
const jwt = require('jsonwebtoken');
|
2021-10-27 18:54:58 +02:00
|
|
|
const { ValidationError } = require('@strapi/utils').errors;
|
2018-01-26 07:32:28 +01:00
|
|
|
|
2021-07-08 11:20:13 +02:00
|
|
|
module.exports = ({ strapi }) => ({
|
2019-07-15 23:16:50 +02:00
|
|
|
getToken(ctx) {
|
2017-11-27 16:47:16 +01:00
|
|
|
const params = _.assign({}, ctx.request.body, ctx.request.query);
|
|
|
|
|
|
|
|
|
|
let token = '';
|
|
|
|
|
|
|
|
|
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
|
|
|
const parts = ctx.request.header.authorization.split(' ');
|
|
|
|
|
|
|
|
|
|
if (parts.length === 2) {
|
|
|
|
|
const scheme = parts[0];
|
|
|
|
|
const credentials = parts[1];
|
|
|
|
|
if (/^Bearer$/i.test(scheme)) {
|
|
|
|
|
token = credentials;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2021-10-27 18:54:58 +02:00
|
|
|
throw new ValidationError(
|
2019-07-15 23:16:50 +02:00
|
|
|
'Invalid authorization header format. Format is Authorization: Bearer [token]'
|
|
|
|
|
);
|
2017-11-27 16:47:16 +01:00
|
|
|
}
|
|
|
|
|
} else if (params.token) {
|
|
|
|
|
token = params.token;
|
|
|
|
|
} else {
|
2021-10-27 18:54:58 +02:00
|
|
|
throw new ValidationError('No authorization header was found');
|
2017-11-27 16:47:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return this.verify(token);
|
2017-12-07 15:27:11 +01:00
|
|
|
},
|
|
|
|
|
|
2019-07-15 23:16:50 +02:00
|
|
|
issue(payload, jwtOptions = {}) {
|
2021-08-17 19:28:10 +02:00
|
|
|
_.defaults(jwtOptions, strapi.config.get('plugin.users-permissions.jwt'));
|
2017-12-07 15:27:11 +01:00
|
|
|
return jwt.sign(
|
|
|
|
|
_.clone(payload.toJSON ? payload.toJSON() : payload),
|
2021-08-17 19:28:10 +02:00
|
|
|
strapi.config.get('plugin.users-permissions.jwtSecret'),
|
2019-07-15 23:16:50 +02:00
|
|
|
jwtOptions
|
2017-12-07 15:27:11 +01:00
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
|
2019-07-15 23:16:50 +02:00
|
|
|
verify(token) {
|
|
|
|
|
return new Promise(function(resolve, reject) {
|
2021-08-17 19:28:10 +02:00
|
|
|
jwt.verify(token, strapi.config.get('plugin.users-permissions.jwtSecret'), {}, function(
|
|
|
|
|
err,
|
|
|
|
|
tokenPayload = {}
|
|
|
|
|
) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return reject(new Error('Invalid token.'));
|
2017-12-07 15:27:11 +01:00
|
|
|
}
|
2021-08-17 19:28:10 +02:00
|
|
|
resolve(tokenPayload);
|
|
|
|
|
});
|
2017-12-07 15:27:11 +01:00
|
|
|
});
|
2019-07-15 23:16:50 +02:00
|
|
|
},
|
2021-07-08 11:20:13 +02:00
|
|
|
});
|
