-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathapp.js
80 lines (67 loc) · 2.18 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
var express = require('express')
var session = require('express-session')
var passport = require('passport')
var OAuth2Strategy = require('passport-oauth2').Strategy
var path = require('path')
var logger = require('morgan')
var cookieParser = require('cookie-parser')
var bodyParser = require('body-parser')
var jwt = require('jsonwebtoken')
var jwkToPem = require('jwk-to-pem')
var config = require('./config')
var index = require('./routes/index')
var app = express()
var sessionOptions = {
secret: 'node-aws-cognito-example',
cookie: {},
resave: true,
saveUninitialized: true
}
app.use(session(sessionOptions))
app.use(passport.initialize())
app.use(passport.session())
passport.use(new OAuth2Strategy({
authorizationURL: `https://${config.COGNITO_DOMAIN}/login`,
tokenURL: `https://${config.COGNITO_DOMAIN}/oauth2/token`,
clientID: config.COGNITO_APP_CLIENT_ID,
clientSecret: config.COGNITO_APP_CLIENT_SECRET,
callbackURL: config.COGNITO_APP_CLIENT_CALLBACK_URL
},
function (accessToken, refreshToken, profile, done) {
let jwk = JSON.parse(config.COGNITO_JWK)
let pem = jwkToPem(jwk)
let payload = jwt.verify(accessToken, pem)
let groups = payload['cognito:groups'] || []
done(null, { groups: groups, accessToken: accessToken }) // Keep accessToken for passing to API calls
}))
passport.serializeUser(function (user, done) {
done(null, user)
})
passport.deserializeUser(function (user, done) {
done(null, user)
})
// view engine setup
app.set('views', path.join(__dirname, 'views'))
app.set('view engine', 'pug')
app.use(logger('dev'))
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(cookieParser())
app.use(express.static(path.join(__dirname, 'public')))
app.use('/', index)
// catch 404 and forward to error handler
app.use(function (req, res, next) {
var err = new Error('Not Found')
err.status = 404
next(err)
})
// error handler
app.use(function (err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message
res.locals.error = req.app.get('env') === 'development' ? err : {}
// render the error page
res.status(err.status || 500)
res.render('error')
})
module.exports = app