prepare user interactions

Author: ManAnRuck

package.json

@@ -7,8 +7,7 @@
   "private": true,
   "scripts": {
     "start": "babel-node src/index.js",
-    "dev":
-      "nodemon -L -e js,graphql src/index.js --exec \"node --require dotenv/config --require babel-register\"",
+    "dev": "nodemon -L -e js,graphql src/index.js --exec \"node --require dotenv/config --require babel-register\"",
     "lint": "eslint .",
     "build": "babel src -d dist -s",
     "serve": "node dist/index.js"
@@ -27,11 +26,15 @@
     "graphql-date": "^1.0.3",
     "graphql-tag": "^2.7.3",
     "graphql-tools": "^2.0.0",
+    "jsonwebtoken": "^8.2.0",
     "lodash": "^4.17.4",
     "merge-graphql-schemas": "^1.3.0",
     "mongoose": "^5.0.3",
     "node-fetch": "^2.0.0",
-    "prettier-eslint": "^8.2.0"
+    "passport": "^0.4.0",
+    "passport-jwt": "^4.0.0",
+    "prettier-eslint": "^8.2.0",
+    "react-native-rsa": "^0.0.3"
   },
   "devDependencies": {
     "babel-cli": "^6.26.0",

scripts/importAll.js

@@ -1,6 +1,3 @@
-import ProgressBar from 'cli-progress'; // eslint-disable-line
-import program from 'commander'; // eslint-disable-line
-
 import client from '../src/graphql/client';
 import Procedure from '../src/models/Procedure';
 import getAllProcedures from '../src/graphql/queries/getAllProcedures';

src/express/auth/index.js

@@ -0,0 +1,21 @@
+import mongoose from 'mongoose';
+import passport from 'passport';
+
+import jwt from './jsonWebToken';
+
+export default (app) => {
+  const User = mongoose.model('User');
+
+  app.use(passport.initialize());
+  //   app.use(passport.session());
+
+  passport.serializeUser((user, done) => {
+    done(null, user.id);
+  });
+
+  passport.deserializeUser(async (id, done) => {
+    done(null, await User.findById(id));
+  });
+
+  jwt(app);
+};

src/express/auth/jsonWebToken.js

@@ -0,0 +1,43 @@
+/* eslint no-underscore-dangle: ["error", { "allow": ["_id"] }] */
+import { Strategy, ExtractJwt } from 'passport-jwt';
+import passport from 'passport';
+import mongoose from 'mongoose';
+
+export default (app) => {
+  const UserModel = mongoose.model('User');
+
+  passport.use(new Strategy(
+    {
+      jwtFromRequest: ExtractJwt.fromExtractors([
+        ExtractJwt.fromUrlQueryParameter('auth_token'),
+        ExtractJwt.fromAuthHeaderAsBearerToken(),
+      ]),
+      secretOrKey: process.env.AUTH_JWT_SECRET,
+    },
+    async (jwtPayload, done) => {
+      try {
+        const user = await UserModel.findById(jwtPayload._id);
+        if (!user) {
+          return done(null, false);
+        }
+        return done(null, user);
+      } catch (err) {
+        return done(err, false);
+      }
+    },
+  ));
+
+  app.use((req, res, next) => {
+    passport.authenticate('jwt', { session: true }, (err, user) => {
+      // console.log(info);
+      if (user) {
+        req.user = user;
+      }
+      next();
+    })(req, res, next);
+  });
+
+  app.get('/test', (req, res) => {
+    res.send({ query: req.query, user: req.user });
+  });
+};

src/graphql/resolvers/User.js

@@ -0,0 +1,34 @@
+/* eslint-disable no-underscore-dangle */
+import RSAKey from 'react-native-rsa';
+
+export default {
+  Query: {
+    me: (parent, args, { UserModel, user }) => {
+      if (user) {
+        return UserModel.findById(user._id);
+      }
+      return null;
+    },
+  },
+
+  Mutation: {
+    signUp: async (parent, { deviceHashEncrypted }, { UserModel }) => {
+      const rsa = new RSAKey();
+
+      rsa.setPrivateString(process.env.SECRET_KEY);
+      const deviceHash = rsa.decrypt(deviceHashEncrypted);
+      const user = await UserModel.create({ deviceHash });
+
+      return { token: user.createToken() };
+    },
+
+    signIn: async (parent, { deviceHashEncrypted }, { UserModel }) => {
+      const user = await UserModel.findOne({ deviceHashEncrypted });
+      if (!user) {
+        throw new Error('User does not exsit!');
+      }
+
+      return { token: user.createToken() };
+    },
+  },
+};

src/graphql/schemas/User.js

@@ -0,0 +1,19 @@
+export default `
+  type User {
+    _id: String!
+    deviceHash: String!
+  }
+  
+  type Auth {
+    token: String!
+  }
+  
+  type Mutation {
+    signUp(deviceHashEncrypted: String!): Auth
+    signIn(deviceHashEncrypted: String!): Auth
+  }
+  
+  type Query {
+    me: User
+  }
+  `;

src/index.js

@@ -14,8 +14,11 @@ import resolvers from './graphql/resolvers';
 
 import webhook from './scripts/webhook';
 
+import auth from './express/auth';
+
 // Models
 import ProcedureModel from './models/Procedure';
+import UserModel from './models/User';
 
 const app = express();
 
@@ -35,6 +38,8 @@ if (process.env.ENGINE_API_KEY) {
 
 app.use(bodyParser.json());
 
+auth(app);
+
 if (process.env.ENVIRONMENT !== 'production') {
   app.use(
     constants.GRAPHIQL_PATH,
@@ -48,8 +53,10 @@ app.use(constants.GRAPHQL_PATH, (req, res, next) => {
   graphqlExpress({
     schema,
     context: {
+      user: req.user,
       // Models
       ProcedureModel,
+      UserModel,
     },
     tracing: true,
     cacheControl: true,

src/models/User.js

@@ -0,0 +1,23 @@
+/* eslint no-underscore-dangle: ["error", { "allow": ["_id"] }] */
+import mongoose, { Schema } from 'mongoose';
+import jwt from 'jsonwebtoken';
+
+const UserSchema = new Schema(
+  {
+    deviceHash: { type: String, required: true, unique: true },
+  },
+  { timestamps: true },
+);
+
+UserSchema.methods = {
+  createToken() {
+    return jwt.sign(
+      {
+        _id: this._id,
+      },
+      process.env.AUTH_JWT_SECRET,
+    );
+  },
+};
+
+export default mongoose.model('User', UserSchema);

src/scripts/import.js

@@ -1,6 +1,3 @@
-import ProgressBar from 'cli-progress'; // eslint-disable-line
-import program from 'commander'; // eslint-disable-line
-
 import createClient from '../graphql/client';
 import Procedure from '../models/Procedure';
 import getProcedures from '../graphql/queries/getProcedures';