refactor: extract decode user to util

Signed-off-by: jannyHou <[email protected]>
loopbackio · Jan 30, 2019 · 1d705b7 · 1d705b7
1 parent 3cbb0a8
commit 1d705b7
Show file tree

Hide file tree

Showing 4 changed files with 81 additions and 96 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/authentication-strategies/JWT.strategy.ts b/src/authentication-strategies/JWT.strategy.ts
@@ -3,15 +3,12 @@
 // This file is licensed under the MIT License.
 // License text available at https://opensource.org/licenses/MIT
 
-const jwt = require('jsonwebtoken');
-import {promisify} from 'util';
-const verifyAsync = promisify(jwt.verify);
 // Consider turn it to a binding
 const SECRET = 'secretforjwt';
 import {Request, HttpErrors} from '@loopback/rest';
 import {UserProfile} from '@loopback/authentication';
-import * as _ from 'lodash';
 import {AuthenticationStrategy} from './authentication.strategy';
+import {decodeAccessToken} from '../utils/user.authentication';
 
 export class JWTStrategy implements AuthenticationStrategy {
   async authenticate(request: Request): Promise<UserProfile | undefined> {
@@ -23,10 +20,7 @@ export class JWTStrategy implements AuthenticationStrategy {
     }
 
     try {
-      const decoded = await verifyAsync(token, SECRET);
-      let user = _.pick(decoded, ['id', 'email', 'firstName']);
-      (user as UserProfile).name = user.firstName;
-      delete user.firstName;
+      const user = await decodeAccessToken(token, SECRET);
       return user;
     } catch (err) {
       Object.assign(err, {

diff --git a/src/utils/user.authentication.ts b/src/utils/user.authentication.ts
@@ -9,8 +9,10 @@ import {toJSON} from '@loopback/testlab';
 import {promisify} from 'util';
 import * as isemail from 'isemail';
 import {HttpErrors} from '@loopback/rest';
+import {UserProfile} from '@loopback/authentication';
 const jwt = require('jsonwebtoken');
 const signAsync = promisify(jwt.sign);
+const verifyAsync = promisify(jwt.verify);
 
 export async function getAccessTokenForUser(
   userRepository: UserRepository,
@@ -24,7 +26,6 @@ export async function getAccessTokenForUser(
   }
 
   const currentUser = _.pick(toJSON(foundUser), ['id', 'email', 'firstName']);
-
   // Generate user token using JWT
   const token = await signAsync(currentUser, 'secretforjwt', {
     expiresIn: 300,
@@ -46,3 +47,15 @@ export function validateCredentials(credentials: Credentials) {
     );
   }
 }
+
+// secret should be injected
+export async function decodeAccessToken(
+  token: string,
+  secret: string,
+): Promise<UserProfile> {
+  const decoded = await verifyAsync(token, secret);
+  let user = _.pick(decoded, ['id', 'email', 'firstName']);
+  (user as UserProfile).name = user.firstName;
+  delete user.firstName;
+  return user;
+}
diff --git a/test/unit/utils.authentication.unit.ts b/test/unit/utils.authentication.unit.ts
@@ -0,0 +1,65 @@
+// Copyright IBM Corp. 2019. All Rights Reserved.
+// Node module: @loopback/example-shopping
+// This file is licensed under the MIT License.
+// License text available at https://opensource.org/licenses/MIT
+
+import {expect, toJSON} from '@loopback/testlab';
+import {MongoDataSource} from '../../src/datasources';
+import {
+  decodeAccessToken,
+  getAccessTokenForUser,
+} from '../../src/utils/user.authentication';
+import {UserRepository, OrderRepository} from '../../src/repositories';
+import {User} from '../../src/models';
+import * as _ from 'lodash';
+const SECRET = 'secretforjwt';
+
+describe('authentication', () => {
+  const mongodbDS = new MongoDataSource();
+  const orderRepo = new OrderRepository(mongodbDS);
+  const userRepo = new UserRepository(mongodbDS, orderRepo);
+  const user = {
+    email: '[email protected]',
+    password: 'p4ssw0rd',
+    firstname: 'unit',
+    surname: 'test',
+  };
+  let newUser: User;
+
+  before('create user', async () => {
+    newUser = await userRepo.create(user);
+  });
+
+  it('decodes valid access token', async () => {
+    const token = await getAccessTokenForUser(userRepo, {
+      email: '[email protected]',
+      password: 'p4ssw0rd',
+    });
+    const expectedUser = getExpectedUser(newUser);
+    const currentUser = await decodeAccessToken(token, SECRET);
+    expect(currentUser).to.deepEqual(expectedUser);
+  });
+
+  it('throws error for invalid accesstoken', async () => {
+    const token = 'fake';
+    try {
+      await decodeAccessToken(token, SECRET);
+      expect('throws error').to.be.true();
+    } catch (err) {
+      expect(err.message).to.equal('jwt malformed');
+    }
+  });
+});
+
+function getExpectedUser(originalUser: User) {
+  const userProfile: Partial<User> = _.pick(toJSON(originalUser), [
+    'id',
+    'email',
+    'firstName',
+  ]);
+  return {
+    id: userProfile.id,
+    email: userProfile.email,
+    name: userProfile.firstname,
+  };
+}