cherrypick/src/server/api/authenticate.ts

import * as express from 'express';
import App from './models/app';
import { default as User, IUser } from './models/user';
import AccessToken from './models/access-token';
import isNativeToken from './common/is-native-token';

export interface IAuthContext {
	/**
	 * App which requested
	 */
	app: any;

	/**
	 * Authenticated user
	 */
	user: IUser;

	/**
	 * Whether requested with a User-Native Token
	 */
	isSecure: boolean;
}

export default (req: express.Request) => new Promise<IAuthContext>(async (resolve, reject) => {
	const token = req.body['i'] as string;

	if (token == null) {
		return resolve({
			app: null,
			user: null,
			isSecure: false
		});
	}

	if (isNativeToken(token)) {
		const user: IUser = await User
			.findOne({ 'account.token': token });

		if (user === null) {
			return reject('user not found');
		}

		return resolve({
			app: null,
			user: user,
			isSecure: true
		});
	} else {
		const accessToken = await AccessToken.findOne({
			hash: token.toLowerCase()
		});

		if (accessToken === null) {
			return reject('invalid signature');
		}

		const app = await App
			.findOne({ _id: accessToken.appId });

		const user = await User
			.findOne({ _id: accessToken.userId });

		return resolve({
			app: app,
			user: user,
			isSecure: false
		});
	}
});
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00			`import * as express from 'express';`
			`import App from './models/app';`
oops 2017-09-16 14:31:24 +09:00			`import { default as User, IUser } from './models/user';`
Refactor: Rename userkey --> access-token 2017-01-06 12:09:57 +09:00			`import AccessToken from './models/access-token';`
Refactor: Extract isNativeToken method 2017-01-06 11:07:42 +09:00			`import isNativeToken from './common/is-native-token';`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00
			`export interface IAuthContext {`
			`/**`
			`* App which requested`
			`*/`
			`app: any;`

			`/**`
			`* Authenticated user`
			`*/`
Refactoring 2017-09-16 14:30:44 +09:00			`user: IUser;`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00
			`/**`
typo 2017-09-16 14:38:58 +09:00			`* Whether requested with a User-Native Token`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00			`*/`
			`isSecure: boolean;`
			`}`

アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-06 01:28:16 +09:00			`export default (req: express.Request) => new Promise<IAuthContext>(async (resolve, reject) => {`
[Server] toLowerCase :v: 2017-02-08 22:49:01 +09:00			`const token = req.body['i'] as string;`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-06 01:28:16 +09:00
			`if (token == null) {`
Refactoring 2017-09-16 14:30:44 +09:00			`return resolve({`
			`app: null,`
			`user: null,`
			`isSecure: false`
			`});`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-06 01:28:16 +09:00			`}`

Refactor: Extract isNativeToken method 2017-01-06 11:07:42 +09:00			`if (isNativeToken(token)) {`
Refactoring 2017-09-16 14:30:44 +09:00			`const user: IUser = await User`
Introduce account document to user document An account document is attached to a user document if an account of the user is on the server. It may be missing if the user is on a remote server. 2018-03-26 00:19:07 +09:00			`.findOne({ 'account.token': token });`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00
			`if (user === null) {`
			`return reject('user not found');`
			`}`

			`return resolve({`
			`app: null,`
			`user: user,`
			`isSecure: true`
			`});`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-06 01:28:16 +09:00			`} else {`
Refactor: Rename userkey --> access-token 2017-01-06 12:09:57 +09:00			`const accessToken = await AccessToken.findOne({`
[Server] toLowerCase :v: 2017-02-08 22:49:01 +09:00			`hash: token.toLowerCase()`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00			`});`

Refactor: Rename userkey --> access-token 2017-01-06 12:09:57 +09:00			`if (accessToken === null) {`
[API] Improve: Better error message 2017-01-06 12:30:35 +09:00			`return reject('invalid signature');`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00			`}`

			`const app = await App`
Resolve conflicts 2018-03-29 14:48:47 +09:00			`.findOne({ _id: accessToken.appId });`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00
			`const user = await User`
Resolve conflicts 2018-03-29 14:48:47 +09:00			`.findOne({ _id: accessToken.userId });`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00
Refactoring 2017-09-16 14:30:44 +09:00			`return resolve({`
			`app: app,`
			`user: user,`
			`isSecure: false`
			`});`
Initial commit :four_leaf_clover: 2016-12-29 07:49:51 +09:00			`}`
			`});`