ansble-store/security.js at master · ansble/ansble-store · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
'use strict';

const jwt = require('jsonwebtoken')
    , events = require('monument').events
    , schema = require('./data/schemas')
    , salt = 'it was the best of times it was the worst of times. It was the age of reason...'
    , createJTI = require('./utils').generateID

    , MongoClient = require('mongodb').MongoClient
    , env = require('./utils/env')
    , key = env.KEY
    , pubKey = env.PUB_KEY
    , url = env.MONGO_URL;

MongoClient.connect(url, (err, db) => {
    const ansble = db.collection('ansble');

    console.log('db connected');

    if (err) {
        events.emit('error:db', err);
    }

    events.on('token:verify', (token) => {
        jwt.verify(token, pubKey, { algorithm: 'RS256' }, (jwtError, decoded) => {
            if (jwtError){
                events.emit(`token:verify:${token}`, false);
            } else {
                events.emit(`token:verify:${token}`, decoded);
            }
        });
    });

    events.on('token:create', (dataIn) => {
        let token;
        // check to see if this app already has a key... and then do stuff

        console.log('new token requested');
        if (schema.check(dataIn, schema.account)){
            dataIn.jti = createJTI(salt);

            ansble.find({ _id: 'application_store' }).toArray((findError, docs) => {
                const store = {}
                    , update = {};

                if (typeof docs[0] === 'undefined' || typeof docs[0][dataIn.key] === 'undefined') {
                    if (typeof docs[0] === 'undefined'){
                        store._id = 'application_store';
                        store[dataIn.key] = dataIn;
                        ansble.insert(store, (insertError, result) => {
                            console.log(result);
                        });
                    } else {
                        update = {
                            $set: {}
                        };
                        update.$set[dataIn.app] = dataIn;

                        ansble.update({ _id: 'application_store' }, update, (updateErr, result) => {
                            console.log(updateErr, result);
                        });
                    }

                    // TODO: if we ever use scopes change this
                    token = jwt.sign({
                        scopes: []
                        , app: dataIn.key
                        , jti: dataIn.jti
                    }, key, { algorithm: 'RS256' });
                } else {
                    token = 'exists';
                }

                events.emit(`token:created:${dataIn.key}`, token);
            });
        } else {
            events.emit(`token:created:${dataIn.key}`, 'invalid');
        }
    });

    events.on('token:destroy', () => {
        // for the destroying in the future
    });

    // insertDocuments(db, function() {
    // db.close();
    // });
});