Lecture 10

Uploaded by Ayush Kumar

Lecture: 10 Authentication

The code discussed in this lecture implements an authentication middleware for a Node.js application built on Express. Its
purpose is to manage user login, authentication, session handling, and access control. Below is a
breakdown of the workflow:

Key Components

1. Base Middleware: AuthMiddleware extends BaseMiddleware, inheriting its properties and methods.

2. Strategies: It uses different strategies for login:

o LoginStrategy: Handles regular user login.

o VendorLoginStrategy: Handles vendor-specific login.

3. Auth Model: AuthModel is used to query the database for user credentials and permissions.

4. Token Management: JSON Web Tokens (JWTs), carried in cookies, are used to keep the user logged in across requests.

Workflow

1. Initialization

• initialize(router, configs):

o Configures the Passport middleware used for authentication (this._passport).

o Sets up the login strategies (LoginStrategy and VendorLoginStrategy).

o Attaches login routes (/default/login).

o Calls redirectUser() to set up middlewares for handling routes.

2. Login Handling

• Route: /default/login is handled by handleLoginRoutes.

o If req.path === '/login':

▪ Retrieves username and password from req.body.

▪ Checks the credentials using authModel.checkLoginRoute().

▪ If invalid credentials: Sends an error response.

▪ If valid:

▪ Normal users: Delegates to LoginStrategy (_loginObj).

▪ Vendors: Delegates to VendorLoginStrategy (_loginObjVendor).

o If req.path === '/logout': clears the session, or delegates to the vendor-specific logout for vendor users.

3. Middleware Setup (redirectUser)

This method sets up the following middleware functions:

1. Icon Loading (_loadIcon):

o Serves a favicon (/favicon.ico).

2. Login Check (_checkLoginAndProceed):

o Verifies whether a session or token exists. If neither does:

▪ Clears cookies (e.g., authToken, token) and sends a 401 response.

3. Token Validation (_validationTokenAndLoginUser):

o Validates the JWT carried in the request cookies.

o If valid, decodes the token and authenticates the user.

o If invalid, clears cookies and sends a 401 response.

4. Static File Serving:

o Serves assets or frontend files for the application (Angular-based).

4. JWT-Based Token Handling

• _verifyTokenAndAuthenticate:

o Verifies the JWT with jwt.verify (the accepted algorithm should be pinned with the algorithms option so the token header cannot choose it).

o Retrieves the user's credentials and calls passport.authenticate to log the user in.

o Updates session properties (_setSessionProps).

o Re-issues the tokens (authToken, token) and sets the cookies with new expiry times. Because this happens on every validated request, the session expiry is sliding; an absolute lifetime, if one is required, has to be enforced separately.

5. Session and Role Management

• _setSessionProps:

o Updates session properties (e.g., username, user, clientId, etc.).

• _addUserToAcl:

o Adds the user to the ACL system (Access Control List).

o Grants roles and permissions based on user-specific data.
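_setSessionProps and _addUserToAcl together decide what the logged-in user may do. As an added example that is not the lecture's code, the ACL below grants permissions to roles, assigns roles to a user from the server-side record, and exposes an Express-style guard that answers 401 when nobody is logged in and 403 when the user's roles lack the permission. The role and resource names (loosely after the /form, /dashboard and /invalidateCache routes the lecture lists) and the user records are constructed for illustration.

```javascript
// Added example (not the lecture's code): role-based ACL and route guard.
class Acl {
  constructor() {
    this.rolePerms = new Map();  // role -> Map(resource -> Set(permission))
    this.userRoles = new Map();  // username -> Set(role)
  }

  // Grant a role the given permissions on a resource.
  allow(role, resource, permissions) {
    if (!this.rolePerms.has(role)) this.rolePerms.set(role, new Map());
    const byResource = this.rolePerms.get(role);
    if (!byResource.has(resource)) byResource.set(resource, new Set());
    for (const p of permissions) byResource.get(resource).add(p);
  }

  addUserRoles(username, roles) {
    if (!this.userRoles.has(username)) this.userRoles.set(username, new Set());
    for (const r of roles) this.userRoles.get(username).add(r);
  }

  removeUserRoles(username, roles) {
    const set = this.userRoles.get(username);
    if (set) for (const r of roles) set.delete(r);
  }

  // Deny by default: unknown users, roles and resources all yield false.
  isAllowed(username, resource, permission) {
    const roles = this.userRoles.get(username);
    if (!roles) return false;
    for (const role of roles) {
      const perms = this.rolePerms.get(role) && this.rolePerms.get(role).get(resource);
      if (perms && perms.has(permission)) return true;
    }
    return false;
  }
}

// Role grants for the kinds of routes the lecture names; constructed for illustration.
function buildAcl() {
  const acl = new Acl();
  acl.allow('user',   'form',      ['read']);
  acl.allow('user',   'dashboard', ['read']);
  acl.allow('vendor', 'form',      ['read', 'write']);
  acl.allow('admin',  'cache',     ['invalidate']);
  return acl;
}

// Mirrors _addUserToAcl: roles are derived from the stored user record, never from request input.
function addUserToAcl(acl, user) {
  const roles = ['user'];
  if (user.type === 'vendor') roles.push('vendor');
  if (user.isAdmin === true) roles.push('admin');
  acl.addUserRoles(user.username, roles);
  return roles;
}

// Express-style guard: 401 when nobody is logged in, 403 when the role lacks the permission.
function requirePermission(acl, resource, permission) {
  return (req, res, next) => {
    if (!req.user) return res.status(401).json({ errCode: 'AUTH_REQUIRED', message: 'Login required' });
    if (!acl.isAllowed(req.user.username, resource, permission)) {
      return res.status(403).json({ errCode: 'FORBIDDEN', message: 'Insufficient permissions' });
    }
    return next();
  };
}
```

A guard built this way would sit after the token-validation middleware, which is what populates req.user; the distinction between 401 (not authenticated) and 403 (authenticated but not authorized) keeps the two failure modes separable in logs.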

6. Public APIs

• APIs for public access:

o /form: Fetches form definitions and questionnaire data.

o /invalidateCache: Invalidates web and mobile caches using AWS CloudFront. Since it is listed among the public APIs, confirm that it is intended to be reachable without authentication, as each call triggers a CloudFront invalidation.

o /dashboard: Fetches dashboard configurations.

o /validateClientUrl: Validates client URLs.

7. Cache Invalidation

• invalidateWebCache and invalidateMobCache:

o Clear the web-specific and mobile-specific caches using AWS CloudFront.

o Send the invalidation requests with the appropriate parameters.

8. Error Handling

• Handles common errors such as:

o Invalid credentials.

o Expired or invalid tokens.

o Database connection issues.

• Sends structured error responses (errCode, message, etc.).

Summary of Workflow

1. Initialization:

o Middleware, routes, and strategies are set up.

2. Login:

o User credentials are validated, and tokens or sessions are managed.

3. Session Management:

o Tokens are validated and refreshed automatically.

4. Access Control:

o ACL is updated for roles and permissions.

5. Cache and File Handling:

o Provides APIs for file serving, cache invalidation, and static file management.
