budibase/packages/server/middleware/controllers/auth.js

41 lines
1008 B
JavaScript
Raw Normal View History

const jwt = require("jsonwebtoken");
const CouchDB = require("../../db");
const bcrypt = require("../../utilities/bcrypt");
2020-04-07 21:34:21 +02:00
exports.forgotPassword = async ctx => {
};
2020-04-07 21:34:21 +02:00
exports.setPassword = async ctx => { };
2020-04-07 21:34:21 +02:00
exports.changePassword = async ctx => {
};
2020-04-07 21:34:21 +02:00
exports.authenticate = async ctx => {
const { username, password } = ctx.request.body;
if (!username) ctx.throw(400, "Username Required.");
if (!password) ctx.throw(400, "Password Required");
2020-04-07 21:34:21 +02:00
// query couch for their username
const db = new CouchDB(ctx.config)(ctx.params.instanceId);
2020-04-23 18:05:33 +02:00
const dbUser = await db.query("by_username", {
include_docs: true,
key: username
});
if (await bcrypt.compare(password, dbUser.password)) {
const payload = {
userId: dbUser._id,
accessLevel: "",
instanceId: ctx.params.instanceId
};
const token = jwt.sign(payload, ctx.config.secret, {
expiresIn: "1 day"
});
ctx.body = token;
} else {
ctx.throw(401, "Invalid credentials.");
}
}