private & public key for jwt

wayne-th · wayne-th · commit b15d2941185c · 2021-09-16T10:27:06.000+03:00
diff --git a/config/mongoose.js b/config/mongoose.js
@@ -1,5 +1,4 @@
-var config = require('./config'),
-    mongoose = require('mongoose');
+const mongoose = require('mongoose');
 
 module.exports = function() {
     // Remove the warning with Promise
diff --git a/config/strategies/jwt.js b/config/strategies/jwt.js
@@ -1,3 +1,7 @@
+const fs = require('fs');
+var INIT_CWD = process.env.INIT_CWD;
+const PUBLIC_KEY = fs.readFileSync(INIT_CWD + '/keys/JWT/public.pem', 'utf-8');
+
 const passport = require('passport');
 const User = require('mongoose').model('User');
 
@@ -11,7 +15,8 @@ const jwtOpts = {
     // Telling Passport to check authorization headers for JWT
     jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
     // Telling Passport where to find the secret
-    secretOrKey: process.env.JWT_SECRET,
+    secretOrKey: PUBLIC_KEY,
+    algorithms: ['RS256']
 };
 
 module.exports = function() {
diff --git a/controllers/auth.controller.js b/controllers/auth.controller.js
@@ -12,7 +12,7 @@ authCtrl.register = (req, res, next) => {
     })
     .then(user => {
         user.updateOne(data)
-        .then(user => {
+        .then(result => {
             res.status(200).send(user.toAuthJSON());
         })
     })
diff --git a/keys/JWT/private.pem b/keys/JWT/private.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEArmQNqYAdVwKA3Jq8QPp84PGXcj6XmiI6AQN5U0n5E3Q087de
+jtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sYqPHgoU8p7s7P1gaFyawAm/srBqHI
+hviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQha2omyVz73bIwwjmh0+mU2VKMPuFS
+YdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTzj7hqlB3QCdYpuq1Qiri1YVCmBFvl
+tNrRRR6/EIMzPZgsN993awqegheK1ymhLJjlcS4eYAJAjgoTHO8DARDFd6OUGxLT
++Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjHIQIDAQABAoIBAQCjE5MnD1PgesnQ
+Aa7LQLIolCMgRWH1U85UBlCdT05pH8Eoqy/0d4PCgXl0oTWCR3EwjgCr1lms4YRX
+lEDuIvPzgISjs+itlZ4LMXxIk9zaAC1C/WUMujSeV2Mjx7JuwquVxzYNnxdNHAKw
+8T1pvW0nClQM9zPcI/aumcA373UvJxQotrAwueTU4HDpHJF9NsS/PbJBtyBJFC2v
+WZ8N7jNRBaAMceTbXQJXL7J41200N0neqCCI8XsFOx3CNVhfIwAZNk+WoNJTJhXo
+whrzlTK2Zx/3gG3Dpj5kiL39m++8M1e/Mx+DDmu4Dxi14Wd7JjpAkTZ6xjHfuAvM
+p8THyNnlAoGBANU7ynkH1Nxj0pkvm07ClWieA6yTG8yF3aHB+mIoHzYqxrvbsKKM
+09m28QHAKUKeMY9VPcheKZtSTwSFeeAEgt2XEHpLcRpgFMauPpTxJKbOsvp7UAtb
+hPKo3WAWFJN6l6dH+uOOQeCPK+Ji8w/yYLjPbjTvqRfbn1leSyXd+ZeDAoGBANFd
+7nsdwqgrGmIwWRxe5Jc6j/ZD15vR+1k5Kn+BfYY5nCh6L7V3wTICSCDsXNqSR42G
+mDaoCO2SPgPqE2TXJajwPZXUa7nPYCjytePPjEMqGUzYEzwcPA8V45n15GI+MrgR
+goWPvkakpyP8f0YRDxSU9sXw7aj25UrfW7EmFAGLAoGAb1A7LltsP3DM67LyfHcP
+0AFNIbXZ+TaYsGy27K7NPFWwUTkqSHED1s+tmKBb6a7zaEOzcPnW9oJNRar4KH2y
+Y0MNEwp3DLHDpsQnX1FTNNEKlb/x1Tv9dz+38QUV0Ldam7Tzv/7vXO7gldnZ0SVS
+YKfIfFHwD8hSszCKQkZSmUkCgYBzGX2q54CFLTUS99t1cmGfFg3g6AkXW8gflALe
+GBUm/nLv+cRSsiRe1sxKdUbSzopRrsXtflFyMeywADZrQLAugOyKez5B51TJDi2a
+sRY+Ml24Vi205RzLelAm6vyEWgdOFCo6PPzxH0HX0c8yeNxeh0pnJX2yXxFNKR/i
+crma4wKBgCt3uLE8URdr7EjpAfyueh2k8DMQYa8vwIR10aTVThSAIqc+LY1Ixf1m
+qzuhw6vethaCJJBRJ9weSNd24AGRJMKABJI+F1U4tSaQ3tDppzBmpJlNtVJVeVpc
+xfUnedIT/dqqJ+etUlW6uWAVwlumh8HT7uqMfHCtXvMpMueEPtW9
+-----END RSA PRIVATE KEY-----
diff --git a/keys/JWT/public.pem b/keys/JWT/public.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQNqYAdVwKA3Jq8QPp8
+4PGXcj6XmiI6AQN5U0n5E3Q087dejtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sY
+qPHgoU8p7s7P1gaFyawAm/srBqHIhviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQh
+a2omyVz73bIwwjmh0+mU2VKMPuFSYdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTz
+j7hqlB3QCdYpuq1Qiri1YVCmBFvltNrRRR6/EIMzPZgsN993awqegheK1ymhLJjl
+cS4eYAJAjgoTHO8DARDFd6OUGxLT+Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjH
+IQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/keys/JWT/public_key.txt b/keys/JWT/public_key.txt
@@ -0,0 +1 @@
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQNqYAdVwKA3Jq8QPp84PGXcj6XmiI6AQN5U0n5E3Q087dejtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sYqPHgoU8p7s7P1gaFyawAm/srBqHIhviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQha2omyVz73bIwwjmh0+mU2VKMPuFSYdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTzj7hqlB3QCdYpuq1Qiri1YVCmBFvltNrRRR6/EIMzPZgsN993awqegheK1ymhLJjlcS4eYAJAjgoTHO8DARDFd6OUGxLT+Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjHIQIDAQAB
diff --git a/keys/SERVER/private.pem b/keys/SERVER/private.pem
@@ -0,0 +1,27 @@
+-----BEGIN PRIVATE KEY-----
+MIIEowIBAAKCAQEArmQNqYAdVwKA3Jq8QPp84PGXcj6XmiI6AQN5U0n5E3Q087de
+jtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sYqPHgoU8p7s7P1gaFyawAm/srBqHI
+hviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQha2omyVz73bIwwjmh0+mU2VKMPuFS
+YdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTzj7hqlB3QCdYpuq1Qiri1YVCmBFvl
+tNrRRR6/EIMzPZgsN993awqegheK1ymhLJjlcS4eYAJAjgoTHO8DARDFd6OUGxLT
++Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjHIQIDAQABAoIBAQCjE5MnD1PgesnQ
+Aa7LQLIolCMgRWH1U85UBlCdT05pH8Eoqy/0d4PCgXl0oTWCR3EwjgCr1lms4YRX
+lEDuIvPzgISjs+itlZ4LMXxIk9zaAC1C/WUMujSeV2Mjx7JuwquVxzYNnxdNHAKw
+8T1pvW0nClQM9zPcI/aumcA373UvJxQotrAwueTU4HDpHJF9NsS/PbJBtyBJFC2v
+WZ8N7jNRBaAMceTbXQJXL7J41200N0neqCCI8XsFOx3CNVhfIwAZNk+WoNJTJhXo
+whrzlTK2Zx/3gG3Dpj5kiL39m++8M1e/Mx+DDmu4Dxi14Wd7JjpAkTZ6xjHfuAvM
+p8THyNnlAoGBANU7ynkH1Nxj0pkvm07ClWieA6yTG8yF3aHB+mIoHzYqxrvbsKKM
+09m28QHAKUKeMY9VPcheKZtSTwSFeeAEgt2XEHpLcRpgFMauPpTxJKbOsvp7UAtb
+hPKo3WAWFJN6l6dH+uOOQeCPK+Ji8w/yYLjPbjTvqRfbn1leSyXd+ZeDAoGBANFd
+7nsdwqgrGmIwWRxe5Jc6j/ZD15vR+1k5Kn+BfYY5nCh6L7V3wTICSCDsXNqSR42G
+mDaoCO2SPgPqE2TXJajwPZXUa7nPYCjytePPjEMqGUzYEzwcPA8V45n15GI+MrgR
+goWPvkakpyP8f0YRDxSU9sXw7aj25UrfW7EmFAGLAoGAb1A7LltsP3DM67LyfHcP
+0AFNIbXZ+TaYsGy27K7NPFWwUTkqSHED1s+tmKBb6a7zaEOzcPnW9oJNRar4KH2y
+Y0MNEwp3DLHDpsQnX1FTNNEKlb/x1Tv9dz+38QUV0Ldam7Tzv/7vXO7gldnZ0SVS
+YKfIfFHwD8hSszCKQkZSmUkCgYBzGX2q54CFLTUS99t1cmGfFg3g6AkXW8gflALe
+GBUm/nLv+cRSsiRe1sxKdUbSzopRrsXtflFyMeywADZrQLAugOyKez5B51TJDi2a
+sRY+Ml24Vi205RzLelAm6vyEWgdOFCo6PPzxH0HX0c8yeNxeh0pnJX2yXxFNKR/i
+crma4wKBgCt3uLE8URdr7EjpAfyueh2k8DMQYa8vwIR10aTVThSAIqc+LY1Ixf1m
+qzuhw6vethaCJJBRJ9weSNd24AGRJMKABJI+F1U4tSaQ3tDppzBmpJlNtVJVeVpc
+xfUnedIT/dqqJ+etUlW6uWAVwlumh8HT7uqMfHCtXvMpMueEPtW9
+-----END PRIVATE KEY-----
diff --git a/keys/SERVER/public.pem b/keys/SERVER/public.pem
@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQNqYAdVwKA3Jq8QPp8
+4PGXcj6XmiI6AQN5U0n5E3Q087dejtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sY
+qPHgoU8p7s7P1gaFyawAm/srBqHIhviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQh
+a2omyVz73bIwwjmh0+mU2VKMPuFSYdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTz
+j7hqlB3QCdYpuq1Qiri1YVCmBFvltNrRRR6/EIMzPZgsN993awqegheK1ymhLJjl
+cS4eYAJAjgoTHO8DARDFd6OUGxLT+Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjH
+IQIDAQAB
+-----END CERTIFICATE-----
diff --git a/keys/SERVER/public_key.txt b/keys/SERVER/public_key.txt
@@ -0,0 +1 @@
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQNqYAdVwKA3Jq8QPp84PGXcj6XmiI6AQN5U0n5E3Q087dejtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sYqPHgoU8p7s7P1gaFyawAm/srBqHIhviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQha2omyVz73bIwwjmh0+mU2VKMPuFSYdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTzj7hqlB3QCdYpuq1Qiri1YVCmBFvltNrRRR6/EIMzPZgsN993awqegheK1ymhLJjlcS4eYAJAjgoTHO8DARDFd6OUGxLT+Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjHIQIDAQAB
diff --git a/models/user.model.js b/models/user.model.js
@@ -2,6 +2,10 @@ const {compareSync, hashSync} = require('bcrypt-nodejs');
 const {Schema, model} = require('mongoose');
 const jwt = require('jsonwebtoken');
 
+const fs = require('fs');
+var INIT_CWD = process.env.INIT_CWD;
+const PRIVATE_KEY = fs.readFileSync(INIT_CWD + '/keys/JWT/private.pem','utf-8');
+
 const UserSchema = new Schema(
     {
         email: {
@@ -82,9 +86,10 @@ UserSchema.methods = {
             {
                 _id: this._id,
             },
-            process.env.JWT_SECRET,
+            PRIVATE_KEY,
             {
-                expiresIn: process.env.EXPIRESIN
+                expiresIn: process.env.EXPIRESIN,
+                algorithm: 'RS256',
             }
         );
     },
diff --git a/server.js b/server.js
@@ -1,4 +1,13 @@
-require('dotenv').config()
+require('dotenv').config();
+
+// const fs = require('fs');
+const http = require('http');
+// const https = require('https');
+// var INIT_CWD = process.env.INIT_CWD;
+// const privateKey  = fs.readFileSync(INIT_CWD + '/keys/SERVER/private.pem', 'utf8')
+// const publicKey = fs.readFileSync(INIT_CWD + '/keys/SERVER/public.pem', 'utf8')
+
+// const credentials = {key: privateKey, cert: publicKey};
 
 const mongoose = require('./config/mongoose');
 const express = require('./config/express');
@@ -8,8 +17,14 @@ const db = mongoose();
 const app = express();
 const passprt = passport();
 
-app.listen(process.env.PORT || 3123);
 
-console.log(`Server running at http://localhost:/${process.env.PORT || 3123}`);
+const httpServer = http.createServer(app);
+// const httpsServer = https.createServer(credentials, app);
+
+httpServer.listen(process.env.HTTP_PORT || 3123);
+// httpsServer.listen(process.env.HTTPS_PORT || 3333);
+
+console.log(`HTTP Server running at http://localhost:/${process.env.HTTP_PORT || 3123}`);
+// console.log(`HTTPS Server running at https://localhost:/${process.env.HTTPS_PORT || 3333}`);
 
 module.exports = app;

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQNqYAdVwKA3Jq8QPp84PGXcj6XmiI6AQN5U0n5E3Q087dejtVH2ijgwlWu86TEgy11EMRzsEupov4rF/sYqPHgoU8p7s7P1gaFyawAm/srBqHIhviB7hi1ziCu71VYje+3b+QmduwR2VgHGNQha2omyVz73bIwwjmh0+mU2VKMPuFSYdPX2LzxdM4g6Ma40i7pyXoMGUqssJyKCiTzj7hqlB3QCdYpuq1Qiri1YVCmBFvltNrRRR6/EIMzPZgsN993awqegheK1ymhLJjlcS4eYAJAjgoTHO8DARDFd6OUGxLT+Zq1clXd1Cu1lgSO9XQ6G4tqMOBt8Kn9yFjHIQIDAQAB`
Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,10 @@ const {compareSync, hashSync} = require('bcrypt-nodejs');`
`2`	`2`	`const {Schema, model} = require('mongoose');`
`3`	`3`	`const jwt = require('jsonwebtoken');`
`4`	`4`
	`5`	`+const fs = require('fs');`
	`6`	`+var INIT_CWD = process.env.INIT_CWD;`
	`7`	`+const PRIVATE_KEY = fs.readFileSync(INIT_CWD + '/keys/JWT/private.pem','utf-8');`
	`8`	`+`
`5`	`9`	`const UserSchema = new Schema(`
`6`	`10`	`{`
`7`	`11`	`email: {`
`@@ -82,9 +86,10 @@ UserSchema.methods = {`
`82`	`86`	`{`
`83`	`87`	`_id: this._id,`
`84`	`88`	`},`
`85`		`- process.env.JWT_SECRET,`
	`89`	`+ PRIVATE_KEY,`
`86`	`90`	`{`
`87`		`- expiresIn: process.env.EXPIRESIN`
	`91`	`+ expiresIn: process.env.EXPIRESIN,`
	`92`	`+ algorithm: 'RS256',`
`88`	`93`	`}`
`89`	`94`	`);`
`90`	`95`	`},`