From db0a73d332ea9b1c1c2e5716bf4b081d248b3137 Mon Sep 17 00:00:00 2001 From: Matteo Pagliazzi Date: Sat, 5 Sep 2015 16:21:46 +0200 Subject: [PATCH] add router to get firebase token for user --- package.json | 1 + website/src/controllers/auth.js | 28 +++++++++++++++++++++++++--- website/src/routes/auth.js | 1 + 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 454a46e4d4..0c8e71ae38 100644 --- a/package.json +++ b/package.json @@ -19,6 +19,7 @@ "express": "~3.17.5", "express-csv": "~0.6.0", "firebase": "^2.2.9", + "firebase-token-generator": "^2.0.0", "grunt": "~0.4.1", "grunt-browserify": "^3.3.0", "grunt-cli": "~0.1.9", diff --git a/website/src/controllers/auth.js b/website/src/controllers/auth.js index 023adb0eec..667bf6454a 100644 --- a/website/src/controllers/auth.js +++ b/website/src/controllers/auth.js @@ -6,6 +6,7 @@ var async = require('async'); var utils = require('../utils'); var nconf = require('nconf'); var request = require('request'); +var FirebaseTokenGenerator = require('firebase-token-generator'); var User = require('../models/user').model; var EmailUnsubscription = require('../models/emailUnsubscription').model; var analytics = utils.analytics; @@ -33,7 +34,7 @@ api.auth = function(req, res, next) { var uid = req.headers['x-api-user']; var token = req.headers['x-api-key']; if (!(uid && token)) return res.json(401, NO_TOKEN_OR_UID); - User.findOne({_id: uid,apiToken: token}, function(err, user) { + User.findOne({_id: uid, apiToken: token}, function(err, user) { if (err) return next(err); if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND); if (user.auth.blocked) return res.json(401, accountSuspended(user._id)); @@ -319,11 +320,32 @@ api.changePassword = function(req, res, next) { if (err) next(err); res.send(200); }) -} +}; + +var firebaseTokenGeneratorInstance = new FirebaseTokenGenerator(nconf.get('FIREBASE:SECRET')); +api.getFirebaseToken = function(req, res, next) { + var user = res.locals.user; + // Expires 24 hours after now (60*60*24*1000) (in milliseconds) + var expires = new Date(); + expires.setTime(expires.getTime() + 86400000); + + var token = firebaseTokenGeneratorInstance + .createToken({ + uid: user._id, + isHabiticaUser: true + }, { + expires: expires + }); + + res.json(200, { + token: token, + expires: expires + }); +}; /* Registers a new user. Only accepting username/password registrations, no Facebook - */ +*/ api.setupPassport = function(router) { diff --git a/website/src/routes/auth.js b/website/src/routes/auth.js index 442c919f6b..7d53253210 100644 --- a/website/src/routes/auth.js +++ b/website/src/routes/auth.js @@ -13,6 +13,7 @@ router.post('/api/v2/user/reset-password', i18n.getUserLanguage, auth.resetPassw router.post('/api/v2/user/change-password', i18n.getUserLanguage, auth.auth, auth.changePassword); router.post('/api/v2/user/change-username', i18n.getUserLanguage, auth.auth, auth.changeUsername); router.post('/api/v2/user/change-email', i18n.getUserLanguage, auth.auth, auth.changeEmail); +router.post('/api/v2/user/auth/firebase', i18n.getUserLanguage, auth.auth, auth.getFirebaseToken); router.post('/api/v1/register', i18n.getUserLanguage, auth.registerUser); router.post('/api/v1/user/auth/local', i18n.getUserLanguage, auth.loginLocal);