From a76964d12e6a747b012668a875ee711dca1165ab Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 14 Apr 2021 14:13:48 +0100 Subject: [PATCH] Updating environment in auth package, easily see required env settings. --- packages/auth/src/db/index.js | 3 ++- packages/auth/src/environment.js | 8 ++++++++ packages/auth/src/hashing.js | 3 ++- packages/auth/src/middleware/passport/google.js | 9 ++++----- packages/auth/src/middleware/passport/jwt.js | 3 ++- packages/auth/src/middleware/passport/local.js | 6 +++--- 6 files changed, 21 insertions(+), 11 deletions(-) create mode 100644 packages/auth/src/environment.js diff --git a/packages/auth/src/db/index.js b/packages/auth/src/db/index.js index 4db890f01e..65aa7b4430 100644 --- a/packages/auth/src/db/index.js +++ b/packages/auth/src/db/index.js @@ -1,8 +1,9 @@ const PouchDB = require("pouchdb") +const env = require("../environment") // level option is purely for testing (development) const COUCH_DB_URL = - process.env.COUCH_DB_URL || "http://budibase:budibase@localhost:10000/db/" + env.COUCH_DB_URL || "http://budibase:budibase@localhost:10000/db/" const Pouch = PouchDB.defaults({ prefix: COUCH_DB_URL, diff --git a/packages/auth/src/environment.js b/packages/auth/src/environment.js new file mode 100644 index 0000000000..e6d7ddda65 --- /dev/null +++ b/packages/auth/src/environment.js @@ -0,0 +1,8 @@ +module.exports = { + JWT_SECRET: process.env.JWT_SECRET, + COUCH_DB_URL: process.env.COUCH_DB_URL, + SALT_ROUNDS: process.env.SALT_ROUNDS, + GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID, + GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET, + GOOGLE_AUTH_CALLBACK_URL: process.env.GOOGLE_AUTH_CALLBACK_URL, +} diff --git a/packages/auth/src/hashing.js b/packages/auth/src/hashing.js index 8c81e39d95..0711ae67bf 100644 --- a/packages/auth/src/hashing.js +++ b/packages/auth/src/hashing.js @@ -1,6 +1,7 @@ const bcrypt = require("bcryptjs") +const env = require("./environment") -const SALT_ROUNDS = process.env.SALT_ROUNDS || 10 +const SALT_ROUNDS = env.SALT_ROUNDS || 10 exports.hash = async data => { const salt = await bcrypt.genSalt(SALT_ROUNDS) diff --git a/packages/auth/src/middleware/passport/google.js b/packages/auth/src/middleware/passport/google.js index 1ee6583b59..e5b29d65f2 100644 --- a/packages/auth/src/middleware/passport/google.js +++ b/packages/auth/src/middleware/passport/google.js @@ -1,10 +1,9 @@ -// const CouchDB = require("../db") +const env = require("../../environment") exports.options = { - clientId: process.env.GOOGLE_CLIENT_ID, - clientSecret: process.env.GOOGLE_CLIENT_SECRET, - callbackURL: process.env.GOOGLE_AUTH_CALLBACK_URL, - // "http://localhost:" + (process.env.PORT || 3000) + "/auth/google/callback", + clientId: env.GOOGLE_CLIENT_ID, + clientSecret: env.GOOGLE_CLIENT_SECRET, + callbackURL: env.GOOGLE_AUTH_CALLBACK_URL, } exports.authenticate = async function(token, tokenSecret, profile, done) { diff --git a/packages/auth/src/middleware/passport/jwt.js b/packages/auth/src/middleware/passport/jwt.js index 06071f77e8..fdff3f3cfc 100644 --- a/packages/auth/src/middleware/passport/jwt.js +++ b/packages/auth/src/middleware/passport/jwt.js @@ -1,7 +1,8 @@ const { Cookies } = require("../../constants") +const env = require("../../environment") exports.options = { - secretOrKey: process.env.JWT_SECRET, + secretOrKey: env.JWT_SECRET, jwtFromRequest: function(ctx) { return ctx.cookies.get(Cookies.Auth) }, diff --git a/packages/auth/src/middleware/passport/local.js b/packages/auth/src/middleware/passport/local.js index 2984d2d7e3..886c078e35 100644 --- a/packages/auth/src/middleware/passport/local.js +++ b/packages/auth/src/middleware/passport/local.js @@ -3,6 +3,7 @@ const { UserStatus } = require("../../constants") const CouchDB = require("../../db") const { StaticDatabases, generateUserID } = require("../../db/utils") const { compare } = require("../../hashing") +const env = require("../../environment") const INVALID_ERR = "Invalid Credentials" @@ -40,13 +41,12 @@ exports.authenticate = async function(username, password, done) { const payload = { userId: dbUser._id, builder: dbUser.builder, + email: dbUser.email, } - const token = jwt.sign(payload, process.env.JWT_SECRET, { + dbUser.token = jwt.sign(payload, env.JWT_SECRET, { expiresIn: "1 day", }) - - dbUser.token = token // Remove users password in payload delete dbUser.password