autorized middleware

kimdoyeong · kimdoyeong · commit 6d481b287c6d · 2019-10-27T13:35:59.000+09:00
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -1,29 +1,20 @@
 module.exports = {
-    "env": {
-        "es6": true,
-        "node": true
-    },
-    "extends": [
-        "airbnb-base",
-        "eslint:recommended"
-    ],
-    "globals": {
-        "Atomics": "readonly",
-        "SharedArrayBuffer": "readonly"
-    },
-    "parserOptions": {
-        "ecmaVersion": 2018
-    },
-    "rules": {
-        "no-unused-vars": "warn",
-        "no-console": "off",
-        "no-undef": "off",
-        "consistent-return": "off",
-        "radix": "off",
-        "global-require": "off",
-        "no-continue": "off",
-        "import/no-dynamic-require": "off",
-        "no-restricted-syntax": "off",
-        "no-plusplus": "off"
-    }
-};
+  env: {
+    commonjs: true,
+    es6: true,
+    node: true
+  },
+  extends: 'eslint:recommended',
+  globals: {
+    Atomics: 'readonly',
+    SharedArrayBuffer: 'readonly'
+  },
+  parserOptions: {
+    ecmaVersion: 2018
+  },
+  rules: {
+    'no-unused-vars': 'warn',
+    'no-console': 'off',
+    'no-undef': 'off'
+  }
+};
diff --git a/app.js b/app.js
@@ -11,12 +11,14 @@ const getRoutes = require('./lib/getRoutes');
 
 const routes = getRoutes();
 
-app.use(cors({
-  origin: process.env.NODE_ENV === 'development' ? '*' : 'surfspace.me',
-}));
+app.use(
+  cors({
+    origin: process.env.NODE_ENV === 'development' ? '*' : 'surfspace.me'
+  })
+);
 app.use(bodyParser.json({ extended: true }));
 
-routes.forEach((data) => {
+routes.forEach(data => {
   app.use(data.path || '/', data.router);
 });
 
@@ -27,19 +29,20 @@ app.use(() => {
 });
 // Error 처리 핸들러
 
-app.use((error, req, res, next) => {
+app.use((error, req, res) => {
   const status = error.status || 500;
-  const message = error.message && error.expose
-    ? error.message
-    : 'An error has occurred. Please Try Again.';
+  const message =
+    error.message && error.expose
+      ? error.message
+      : 'An error has occurred. Please Try Again.';
 
   if (!error.expose) {
     console.error(error);
   }
 
   res.status(status).json({
     status,
-    message,
+    message
   });
 });
 
diff --git a/lib/middlewares/auth.js b/lib/middlewares/auth.js
@@ -0,0 +1,16 @@
+const jwt = require('jsonwebtoken');
+
+exports.authroized = (req, res, next) => {
+  let token;
+  try {
+    token = req.headers['x-access-token'];
+  } catch (e) {
+    return throwError('필수 항목이 입력되지 않았습니다.', 400);
+  }
+  try {
+    jwt.verify(token, settings.TOKEN_KEY || 'jwt');
+    next();
+  } catch (e) {
+    return throwError('올바른 토큰이 아닙니다.', 403);
+  }
+};
diff --git a/lib/sendLog.js b/lib/sendLog.js
diff --git a/lib/verifyToken.js b/lib/verifyToken.js
diff --git a/package.json b/package.json
@@ -20,7 +20,7 @@
     "socket.io": "^2.3.0"
   },
   "scripts": {
-    "dev": "NODE_ENV=development nodemon index.js",
+    "dev": "NODE_ENV=development nodemon index.js --exec \"yarn run lint && node\"",
     "server": "nodemon index.js",
     "test": "NODE_ENV=test mocha",
     "lint": "eslint . --fix"
@@ -31,6 +31,7 @@
     "eslint-config-airbnb": "^18.0.1",
     "eslint-plugin-import": "^2.18.2",
     "mocha": "^6.2.2",
+    "prettier": "1.18.2",
     "supertest": "^4.0.2"
   }
-}
+}
diff --git a/prettier.config.js b/prettier.config.js
@@ -0,0 +1,5 @@
+module.exports = {
+  tabWidth: 2,
+  semi: true,
+  singleQuote: true,
+};
diff --git a/routes/auth/index.js b/routes/auth/index.js
@@ -24,7 +24,7 @@ router.post('/', (req, res) => {
     userId: req.body.uid,
     username: req.body.name,
   };
-  const result = jwt.sign(payload, req.body.uid, {
+  const result = jwt.sign(payload, settings.TOKEN_KEY || 'jwt', {
     expiresIn: tokenExpireTime,
     issuer: 'surfspace.me',
   });
diff --git a/routes/user/index.js b/routes/user/index.js
@@ -6,11 +6,10 @@ const util = require('util');
 const router = express.Router();
 const crypto = require('crypto');
 const bodyParser = require('body-parser');
-const jwt = require('jsonwebtoken');
 const throwError = require('../../lib/throwError');
-const sendLog = require('../../lib/sendLog');
 const phoneCert = require('../../lib/PhoneCertToken');
 const User = require('../../models/user');
+const auth = require('../../lib/middlewares/auth');
 
 require('dotenv').config();
 
@@ -27,7 +26,7 @@ router.post('/', async (req, res, next) => {
       nickname,
       email,
       interest,
-      address,
+      address
     } = req.body;
     // promisify
     const randomBytes = util.promisify(crypto.randomBytes);
@@ -39,7 +38,7 @@ router.post('/', async (req, res, next) => {
       buf.toString('base64'),
       100000,
       64,
-      'sha512',
+      'sha512'
     );
 
     const Ukey = buf.toString('base64');
@@ -48,13 +47,13 @@ router.post('/', async (req, res, next) => {
     const testKey = await pbkdf2(password, Ukey, 100000, 64, 'sha512');
     if (Upw !== testKey.toString('base64')) {
       return throwError('암호화 도중 검증에 실패했습니다.', 500, {
-        logError: true,
+        logError: true
       });
     }
 
     if (
-      process.env.NODE_ENV !== 'test'
-      && !phoneCert.verifyToken(ptoken, phone)
+      process.env.NODE_ENV !== 'test' &&
+      !phoneCert.verifyToken(ptoken, phone)
     ) {
       return throwError('올바른 휴대폰 인증 정보가 아닙니다.', 500);
     }
@@ -69,7 +68,7 @@ router.post('/', async (req, res, next) => {
       phone,
       address,
       interest,
-      something: somethingStr,
+      something: somethingStr
     });
     try {
       await user.save();
@@ -78,7 +77,7 @@ router.post('/', async (req, res, next) => {
       return throwError('DB 저장을 실패했습니다.', 500);
     }
     res.status(201).json({
-      success: true,
+      success: true
     });
   } catch (e) {
     next(e);
@@ -112,23 +111,15 @@ router.post('/overlap', async (req, res, next) => {
   }
 });
 
-router.get('/:id', async (req, res, next) => {
+router.get('/:id', auth.authroized, async (req, res, next) => {
   try {
-    let token;
     let query;
     try {
-      token = req.headers['x-access-token'];
       query = { uid: req.params.id };
     } catch (e) {
       return throwError('필수 항목이 입력되지 않았습니다.');
     }
 
-    try {
-      jwt.verify(token, query.uid);
-    } catch (e) {
-      return throwError('유효한 토큰이 아닙니다.', 403);
-    }
-
     const result = await User.findOne(query);
     try {
       const sendResult = {
@@ -137,7 +128,7 @@ router.get('/:id', async (req, res, next) => {
         email: result.email,
         phone: result.phone,
         address: result.address,
-        interest: result.interest,
+        interest: result.interest
       };
       res.json(sendResult);
     } catch (e) {
diff --git a/settings.example.json b/settings.example.json
@@ -1,4 +1,5 @@
 {
-    "PHONE_KEY": "phonetokenkey",
-    "PHONE_CERT_KEY": "certtokenkey"
-}
+  "PHONE_KEY": "phonetokenkey",
+  "PHONE_CERT_KEY": "certtokenkey",
+  "TOKEN_KEY": "JWT_Token"
+}
diff --git a/yarn.lock b/yarn.lock
@@ -2759,6 +2759,11 @@ prepend-http@^1.0.1:
   resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc"
   integrity sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=
 
+prettier@1.18.2:
+  version "1.18.2"
+  resolved "https://registry.yarnpkg.com/prettier/-/prettier-1.18.2.tgz#6823e7c5900017b4bd3acf46fe9ac4b4d7bda9ea"
+  integrity sha512-OeHeMc0JhFE9idD4ZdtNibzY0+TPHSpSSb9h8FqtP+YnoZZ1sl8Vc9b1sasjfymH3SonAF4QcA2+mzHPhMvIiw==
+
 process-nextick-args@~2.0.0:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`{`
`2`		`- "PHONE_KEY": "phonetokenkey",`
`3`		`- "PHONE_CERT_KEY": "certtokenkey"`
`4`		`-}`
	`2`	`+ "PHONE_KEY": "phonetokenkey",`
	`3`	`+ "PHONE_CERT_KEY": "certtokenkey",`
	`4`	`+ "TOKEN_KEY": "JWT_Token"`
	`5`	`+}`