From 891716a676909c426f85a5b36da3a58b24f291a5 Mon Sep 17 00:00:00 2001 From: "martinbobbio1@gmail.com" Date: Fri, 26 Oct 2018 12:09:57 -0300 Subject: [PATCH] Autenticacion de Google --- README.md | 9 +++ models/user.js | 3 +- package-lock.json | 164 ++++++++++++++++++++++++++++++++++++++++++++++ package.json | 1 + routes/login.js | 115 ++++++++++++++++++++++++++++---- 5 files changed, 277 insertions(+), 15 deletions(-) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..4bb3ff6 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +# Backend-Server + +Este es el código para esablecer el backend conectado a MongoDB usando Mongoose + +Para ejecutarlo, es necesario reconstruir los módulos de node usando el comando + +``` +npm install +``` diff --git a/models/user.js b/models/user.js index 5071e10..f8d853d 100644 --- a/models/user.js +++ b/models/user.js @@ -12,7 +12,8 @@ var userSchema = new Schema({ email: { type: String, required: [true, "The email is required"], unique:true, }, password: { type: String, required: [true, "The password is required"] }, img: { type: String, required: false }, - role: { type: String, required: false, default: 'USER_ROLE', enum:rolesValid } + role: { type: String, required: false, default: 'USER_ROLE', enum:rolesValid }, + google: { type:Boolean, default:false } }); userSchema.plugin(uniqueValidator, {message: '{PATH} The email is unique'}); diff --git a/package-lock.json b/package-lock.json index f204c8d..2a97f32 100644 --- a/package-lock.json +++ b/package-lock.json 
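Review bot: In the `models/user.js` hunk, `password` stays unconditionally `required` next to the new `google` flag, which is why the Google sign-up path in `routes/login.js` has to store the constant `'NOT PASSWORD'` in a field that otherwise holds a bcrypt hash. Mongoose accepts a function for `required`, so the field could be declared as `required: function () { return !this.google; }` and left unset for Google accounts. The password route should then refuse accounts that have no hash, rather than comparing against a placeholder. A short comment on the new field would also help, for example `// true when the account was created through Google Sign-In; such accounts have no local password`.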
@@ -13,6 +13,14 @@ "negotiator": "0.6.1" } }, + "agent-base": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-4.2.1.tgz", + "integrity": "sha512-JVwXMr9nHYTUXsBFKUqhJwvlcYU/blreOEUkhNR2eXZIvwd+c+o5V4MgDPKWnMS/56awN3TRzIP+KoPn+roQtg==", + "requires": { + "es6-promisify": "5.0.0" + } + }, "array-flatten": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", @@ -26,6 +34,15 @@ "lodash": "4.17.11" } }, + "axios": { + "version": "0.18.0", + "resolved": "http://registry.npmjs.org/axios/-/axios-0.18.0.tgz", + "integrity": "sha1-MtU+SFHv3AoRmTts0AB4nXDAUQI=", + "requires": { + "follow-redirects": "1.5.9", + "is-buffer": "1.1.6" + } + }, "bcryptjs": { "version": "2.4.3", "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz", @@ -157,6 +174,19 @@ "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=" }, + "es6-promise": { + "version": "4.2.5", + "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.5.tgz", + "integrity": "sha512-n6wvpdE43VFtJq+lUDYDBFUwV8TZbuGXLV4D6wKafg13ldznKsyEvatubnmUe31zcvelSzOHF+XbaT+Bl9ObDg==" + }, + "es6-promisify": { + "version": "5.0.0", + "resolved": "http://registry.npmjs.org/es6-promisify/-/es6-promisify-5.0.0.tgz", + "integrity": "sha1-UQnWLz5W6pZ8S2NQWu8IKRyKUgM=", + "requires": { + "es6-promise": "4.2.5" + } + }, "escape-html": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", @@ -214,6 +244,11 @@ "streamifier": "0.1.1" } }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + }, "finalhandler": { "version": "1.1.1", "resolved": "http://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz", 
@@ -228,6 +263,24 @@ "unpipe": "1.0.0" } }, + "follow-redirects": { + "version": "1.5.9", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.9.tgz", + "integrity": "sha512-Bh65EZI/RU8nx0wbYF9shkFZlqLP+6WT/5FnA3cE/djNSuKNHJEinGGZgu/cQEkeeb2GdFOgenAmn8qaqYke2w==", + "requires": { + "debug": "3.1.0" + }, + "dependencies": { + "debug": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", + "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", + "requires": { + "ms": "2.0.0" + } + } + } + }, "forwarded": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", 
@@ -238,6 +291,59 @@ "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", "integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=" }, + "gcp-metadata": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/gcp-metadata/-/gcp-metadata-0.7.0.tgz", + "integrity": "sha512-ffjC09amcDWjh3VZdkDngIo7WoluyC5Ag9PAYxZbmQLOLNI8lvPtoKTSCyU54j2gwy5roZh6sSMTfkY2ct7K3g==", + "requires": { + "axios": "0.18.0", + "extend": "3.0.2", + "retry-axios": "0.3.2" + } + }, + "google-auth-library": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-2.0.0.tgz", + "integrity": "sha512-lN6jecH8L30uAirTeOm9ij9CTMJniwg7fbuyOpgH4lFkO50LKhPrx/ZbLGK8aBCzi/u4/tpdZnJABFuMqtIx0A==", + "requires": { + "axios": "0.18.0", + "gcp-metadata": "0.7.0", + "gtoken": "2.3.0", + "https-proxy-agent": "2.2.1", + "jws": "3.1.5", + "lodash.isstring": "4.0.1", + "lru-cache": "4.1.3", + "semver": "5.6.0" + } + }, + "google-p12-pem": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/google-p12-pem/-/google-p12-pem-1.0.2.tgz", + "integrity": "sha512-+EuKr4CLlGsnXx4XIJIVkcKYrsa2xkAmCvxRhX2HsazJzUBAJ35wARGeApHUn4nNfPD03Vl057FskNr20VaCyg==", + "requires": { + "node-forge": "0.7.6", + "pify": "3.0.0" + } + }, + "gtoken": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/gtoken/-/gtoken-2.3.0.tgz", + "integrity": "sha512-Jc9/8mV630cZE9FC5tIlJCZNdUjwunvlwOtCz6IDlaiB4Sz68ki29a1+q97sWTnTYroiuF9B135rod9zrQdHLw==", + "requires": { + "axios": "0.18.0", + "google-p12-pem": "1.0.2", + "jws": "3.1.5", + "mime": "2.3.1", + "pify": "3.0.0" + }, + "dependencies": { + "mime": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/mime/-/mime-2.3.1.tgz", + "integrity": "sha512-OEUllcVoydBHGN1z84yfQDimn58pZNNNXgZlHXSboxMlFvgI6MXSWpWKpFRra7H1HxpVhHTkrghfRW49k6yjeg==" + } + } + }, "http-errors": { "version": "1.6.3", "resolved": "http://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz", 
@@ -249,6 +355,30 @@ "statuses": "1.4.0" } }, + "https-proxy-agent": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.1.tgz", + "integrity": "sha512-HPCTS1LW51bcyMYbxUIOO4HEOlQ1/1qRaFWcyxvwaqUS9TY88aoEuHUY33kuAh1YhVVaDQhLZsnPd+XNARWZlQ==", + "requires": { + "agent-base": "4.2.1", + "debug": "3.2.6" + }, + "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "requires": { + "ms": "2.1.1" + } + }, + "ms": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", + "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==" + } + } + }, "iconv-lite": { "version": "0.4.23", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz", @@ -374,6 +504,15 @@ "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" }, + "lru-cache": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.3.tgz", + "integrity": "sha512-fFEhvcgzuIoJVUF8fYr5KR0YqxD238zgObTps31YdADwPPAp82a4M8TrckkWyx7ekNlf9aBcVn81cFwwXngrJA==", + "requires": { + "pseudomap": "1.0.2", + "yallist": "2.1.2" + } + }, "md5": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/md5/-/md5-2.2.1.tgz", 
@@ -521,6 +660,11 @@ "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz", "integrity": "sha1-KzJxhOiZIQEXeyhWP7XnECrNDKk=" }, + "node-forge": { + "version": "0.7.6", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz", + "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==" + }, "on-finished": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", @@ -539,6 +683,11 @@ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" }, + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + }, "proxy-addr": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.4.tgz", @@ -548,6 +697,11 @@ "ipaddr.js": "1.8.0" } }, + "pseudomap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz", + "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=" + }, "qs": { "version": "6.5.2", "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", @@ -599,6 +753,11 @@ "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-2.0.0.tgz", "integrity": "sha1-lICrIOlP+h2egKgEx+oUdhGWa1c=" }, + "retry-axios": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/retry-axios/-/retry-axios-0.3.2.tgz", + "integrity": "sha512-jp4YlI0qyDFfXiXGhkCOliBN1G7fRH03Nqy8YdShzGqbY5/9S2x/IR6C88ls2DFkbWuL3ASkP7QD3pVrNpPgwQ==" + }, "safe-buffer": { "version": "5.1.2", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", 
@@ -716,6 +875,11 @@ "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" + }, + "yallist": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", + "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=" } } } diff --git a/package.json b/package.json index 27f78c4..a7e9d23 100644 --- a/package.json +++ b/package.json @@ -14,6 +14,7 @@ "body-parser": "^1.18.3", "express": "^4.16.4", "express-fileupload": "^1.0.0", + "google-auth-library": "^2.0.0", "jsonwebtoken": "^8.3.0", "mongoose": "^5.3.4", "mongoose-unique-validator": "^2.0.2" diff --git a/routes/login.js b/routes/login.js index b059209..8d835ef 100644 --- a/routes/login.js +++ b/routes/login.js 
@@ -1,12 +1,100 @@ var express = require("express"); var bcrypt = require("bcryptjs"); -var jwt = require('jsonwebtoken'); -var SEED = require('../config/config').SEED; - +var jwt = require("jsonwebtoken"); +var SEED = require("../config/config").SEED; var app = express(); - var User = require("../models/user"); + +//GOOGLE +var CLIENT_ID = require("../config/config").CLIENT_ID; +var { OAuth2Client } = require("google-auth-library"); +var client = new OAuth2Client(CLIENT_ID); +async function verify(token) { + const ticket = await client.verifyIdToken({ + idToken: token, + audience: CLIENT_ID, + }); + const payload = ticket.getPayload(); + //const userid = payload['sub']; + + return { + name: payload.name, + email: payload.email, + img: payload.picture, + google:true + } +} + +// ======================================= +// Auth Google +// ======================================= +app.post("/google", (req, res) => { + + var token = req.body.token; + var googleUser = await verify(token).catch((err =>{ + return res.status(403).json({ + ok: false, + message: "Token no válido", + errors: err + }); + })); + + User.findOne({ email:googleUser.email }, (err,userDB)=>{ + if(err){ + return res.status(500).json({ + ok: false, + message: "Error in search users", + errors: err + }); + } + if(userDB){ + if(userDB.google === false){ + //Requires Auth Normal + return res.status(500).json({ + ok: false, + message: "The user must use your auth normal", + errors: err + }); + }else{ + //Login User + var token = jwt.sign({ user: userDB }, SEED, { expiresIn: 14400 }); + res.status(200).json({ + ok: true, + id: userDB._id, + user: userDB, + token + }); + } + }else{ + //Create User + var user = new User(); + user.name = googleUser.name; + user.email = googleUser.email; + user.img = googleUser.img; + user.google = true; + user.password = 'NOT PASSWORD'; + + user.save((userDB)=>{ + var token = jwt.sign({ user: userDB }, SEED, { expiresIn: 14400 }); + res.status(200).json({ + ok: true, + id: 
userDB._id, + user: userDB, + token + }); + }) + + } + }); + + return res.status(200).json({ + ok: false, + message: "OK", + googleUser + }); +}); + // ======================================= // Auth // ======================================= @@ -28,23 +116,22 @@ app.post("/", (req, res) => { errors: err }); } - if(bcrypt.compareSync(body.password,user.password)){ - return res.status(400).json({ - ok: false, - message: "Invalid credentials - password", - errors: err - }); + if (bcrypt.compareSync(body.password, user.password)) { + return res.status(400).json({ + ok: false, + message: "Invalid credentials - password", + errors: err + }); } - user.password = 'SECRET'; - var token = jwt.sign({user}, SEED,{expiresIn: 14400}) + user.password = "SECRET"; + var token = jwt.sign({ user }, SEED, { expiresIn: 14400 }); res.status(200).json({ ok: true, id: user._id, user, - token, - + token }); }); });
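Review bot: The new `/google` handler uses `await` inside a callback that is not declared `async`, which is a syntax error that stops `routes/login.js` from loading at all. Three control-flow problems remain after that fix. The `.catch()` sends a 403 but execution continues, with `googleUser` set to whatever `res.json()` returned. The trailing `return res.status(200).json({ ok: false, message: "OK", googleUser })` answers every request before the `User.findOne` callback runs. `user.save((userDB) => …)` binds the error argument to `userDB`, so a successful save dereferences `null` and a failed one is never reported. Both Google branches also sign and return the user document without masking `password`, unlike the password route, and `verify()` never checks `payload.email_verified` before the address is used as the account key.

```javascript
app.post("/google", async (req, res) => {
  var googleUser;
  try {
    googleUser = await verify(req.body.token);
  } catch (err) {
    // Stop here: nothing below may run for a rejected token.
    return res.status(403).json({ ok: false, message: "Token no válido", errors: err });
  }

  User.findOne({ email: googleUser.email }, (err, userDB) => {
    // … unchanged: 500 response on lookup error …
    if (userDB) {
      if (userDB.google === false) {
        // A client-side condition, so 4xx rather than 500; err is null here.
        return res.status(400).json({ ok: false, message: "The user must use your auth normal" });
      }
      userDB.password = "SECRET"; // same masking as the password route
      // … unchanged: sign the JWT and send the 200 response …
    } else {
      // … unchanged: build the new User from googleUser …
      user.save((err, savedUser) => {
        if (err) {
          return res.status(500).json({ ok: false, message: "Error creating user", errors: err });
        }
        savedUser.password = "SECRET";
        // … unchanged: sign the JWT and send the 200 response, using savedUser …
      });
    }
  });
  // No response is sent here; the findOne callback owns the reply.
});
```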
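Review bot: The password check that this hunk only re-indents is inverted on the new side. `if (bcrypt.compareSync(body.password, user.password))` returns 400 "Invalid credentials - password" when the password matches and falls through to `jwt.sign` when it does not, so the condition should read `if (!bcrypt.compareSync(body.password, user.password)) {`. This commit makes it more serious, because Google-created accounts store the literal `'NOT PASSWORD'`, which is not a bcrypt hash and presumably never compares equal. The route should also reject accounts with `user.google === true` before comparing, unless the part of the handler above the hunk already does so. The handler starts outside the hunk, so the user lookup and the branch that handles a missing user are not visible here.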