How to use passport-http-bearer - 10 common examples

To help you get started, we’ve selected a few passport-http-bearer examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github chb / ccdaScorecard / config / initializers / oauth2.js View on Github external
if (err) { return done(err); }
          done(null, t._id);
        });
        winston.info("Saving a new token!"+ t);
    });
}));

// bulk up the request representation by including the patient
// alongside default parameters (parsed out by grant.token)
server.grant("token", "request", function(req){
  return {
    patient: req.param("patient") 
  };
});

passport.use('oauth2Bearer', new BearerStrategy(
  function(accessToken, done) {
    model.Token.findOne({
      _id: accessToken,
      expires: {"$gt": new Date()}
    })
    .populate('authorization')
    .exec(function(err, token){
      winston.info("fetch " + token.authorization._id);
      model.Authorization.findOne({_id: token.authorization._id})
      .populate('user')
      .populate('app')
      .exec(function(err, authorization) {
        winston.info(err);
        winston.info("looked for"+ accessToken+ token+ authorization);
        if (err) { return done(err); }
        if (!token) { return done(null, false); }
github reneweb / oauth2orize_resource_owner_password_example / auth.js View on Github external
db.collection('clients').findOne({clientId: clientId}, function (err, client) {
            if (err) return done(err)
            if (!client) return done(null, false)
            if (!client.trustedClient) return done(null, false)

            if (client.clientSecret == clientSecret) return done(null, client)
            else return done(null, false)
        });
    }
));

/**
 * This strategy is used to authenticate users based on an access token (aka a
 * bearer token).
 */
passport.use("accessToken", new BearerStrategy(
    function (accessToken, done) {
        var accessTokenHash = crypto.createHash('sha1').update(accessToken).digest('hex')
        db.collection('accessTokens').findOne({token: accessTokenHash}, function (err, token) {
            if (err) return done(err)
            if (!token) return done(null, false)
            if (new Date() > token.expirationDate) {
                done(null, false)
            } else {
                db.collection('users').findOne({username: token.userId}, function (err, user) {
                    if (err) return done(err)
                    if (!user) return done(null, false)
                    // no use of scopes for no
                    var info = { scope: '*' }
                    done(null, user, info);
                })
            }
github Azure-Samples / active-directory-node-webapi / node-server / lib / passport-azure-ad / oidcstrategy.js View on Github external
log.info("We did pass Req back to Callback")
        verify(req, token, done);
      } else {
        log.info("We did not pass Req back to Callback")
        verify(token, done);
      }
    }
    });
}

var opts = {};
  opts.passReqToCallback = true;

  log.info('Req: ' + options.passReqToCallback);

    BearerStrategy.call(this, options, jwtVerify);

    this.name = 'oidc-bearer'; // Me, a name I call myself.
}
github IGZangelsanchez / oauth2orize-example-extended / server / auth.js View on Github external
if (!client) { return done(null, false); }
      if (client.clientSecret != clientSecret) { return done(null, false); }
      return done(null, client);
    });
  }
));

/**
 * BearerStrategy
 *
 * This strategy is used to authenticate users based on an access token (aka a
 * bearer token).  The user must have previously authorized a client
 * application, which is issued an access token to make requests on behalf of
 * the authorizing user.
 */
passport.use(new BearerStrategy(
  function(accessToken, done) {
    console.log("AUTH: BearerStrategy")

    db.accessTokens.find(accessToken, function(err, token) {
      if (err) { return done(err); }
      if (!token) { return done(null, false); }
      
      db.users.find(token.userID, function(err, user) {
        if (err) { return done(err); }
        if (!user) { return done(null, false); }

        var info = { scope: token.scope, expiration: token.expiration }
        done(null, user, info);
      });
    });
  }
github coding-blocks / hiring-blocks / auth / strategies / bearer / student.js View on Github external
const BearerStrategy = require('passport-http-bearer').Strategy;
const models = require('./../../../db/models').models;

module.exports = new BearerStrategy(function (token, done) {
    models.AuthStudent.findOne({
        where: {
            token: token
        },
        include: [models.Student]
    }).then(function (authToken) {
        if (authToken && authToken.student) {
            return done(null, authToken.student);
        } else {
            return done(null, false, {message: 'Could not authorize'})
        }
    }).catch(function (err) {
        console.log(err);
        return done(err, false);
    })
});
github avoidwork / tenso / lib / utility.js View on Github external
if (async || config.auth.local.enabled) {
			obj.get("/auth/basic", passportAuth).blacklist(passportAuth);
			obj.get("/auth/basic", redirect);
		} else {
			obj.always(passportAuth).blacklist(passportAuth);
		}
	} else if (config.auth.bearer.enabled) {
		const validate = (arg, cb) => {
			if (obj.config.auth.bearer.tokens.includes(arg)) {
				cb(null, arg);
			} else {
				cb(new Error(STATUS_CODES[401]), null);
			}
		};

		passport.use(new BearerStrategy((token, done) => {
			delay(() => {
				validate(token, (err, user) => {
					if (err !== null) {
						done(err);
					} else if (user === void 0) {
						done(null, false);
					} else {
						done(null, user, {scope: "read"});
					}
				});
			}, authDelay);
		}));

		const passportAuth = passport.authenticate("bearer", {session: stateless === false});

		if (async || config.auth.local.enabled) {
github xiexiangyi0 / PicsHouse-Android / server / util / auth.js View on Github external
}

                    if(is_match) {
                        return done(null, user);
                    } else {
                        return done(null, false, {message : "invalid_password"});
                    }
                });
            } else {
                return done(null, false, {message : "invalid_username"});
            }

        });
    }));

passport.use(new BearerStrategy(function(token, done) {

        require("../model/user").findOne({token : token}, function(err, user) {
            if(err) {
                return done(err);
            }

            if(user) {
                return done(null, user);
            } else {
                return done(null, false, {message : "invalid_token"});
            }
        });
    })
);

passport.use(
github scorelab / Stackle / stackle_api / app / lib / passport.js View on Github external
cb(err, false);
            } else if (!data) {
                var temp = new UserModel(currentUser);
                temp.save();
                cb(null, temp);
            } else {
                data.token = token;
                data.save();
                cb(null, data);
            }

        });
    });

//Validating Token 
var strategyToken = new BearerStratergy(
    function(token, done) {
        UserModel.findOne({
                token: token
            },
            function(err, user) {
                if (err || !user) {
                    done(err, false);
                } else {
                    done(null, user);
                }

            }
        );
    }
);
github Frost-Dev / Frost-API / src / modules / defineStrategies.js View on Github external
module.exports = (repository) => {
	passport.use('accessToken', new BearerStrategy(async (accessToken, done) => {
		try {
			const token = await repository.find('tokens', { accessToken });
			if (token == null) {
				done(null, false);
				return;
			}
			const user = await repository.find('users', { _id: token.userId });
			if (user == null) {
				done(null, false);
				return;
			}
			const application = await repository.find('applications', { _id: token.applicationId });
			if (application == null) {
				done(null, false);
				return;
			}
github ngageoint / mage-server / authentication / index.js View on Github external
var BearerStrategy = require('passport-http-bearer').Strategy
    , User = require('../models/user')
    , Token = require('../models/token');

  passport.serializeUser(function(user, done) {
    done(null, user._id);
  });

  passport.deserializeUser(function(id, done) {
    User.getUserById(id, function(err, user) {
      done(err, user);
    });
  });

  passport.use(new BearerStrategy({
    passReqToCallback: true
  },
  function(req, token, done) {
    Token.getToken(token, function(err, credentials) {
      if (err) { return done(err); }

      if (!credentials || !credentials.user) { return done(null, false); }

      req.token = credentials.token;

      if (credentials.token.deviceId) {
        req.provisionedDeviceId = credentials.token.deviceId;
      }

      return done(null, credentials.user, { scope: 'all' });
    });

passport-http-bearer

HTTP Bearer authentication strategy for Passport.

MIT
Latest version published 11 years ago

Package Health Score

58 / 100
Full package analysis

Similar packages