'use strict' const Joi = require('joi') const pluginConfig = { handlerType: 'authentication', docs: { get: { description: 'gets access token for authentication', notes: 'Gets access token for authentication', }, }, } module.exports = { method: 'POST', path: '/getaccess', options: { ...pluginConfig.docs.get, tags: ['api'], auth: false, cors: { headers: ['Authorization'], exposedHeaders: ['Authorization', 'Access-Control-Expose-Headers'], }, handler: async function (request, h) { const { userService } = request.server.services() const hash = request.payload.hash const accessToken = await userService.createToken({ ...hash, // NOTE: Set Expiration Time for Access Token Here // expires: 60 * 2, // TESTING: expires: 30, }) userService.activeSessions[`${hash}`].accessToken = accessToken const accessTokenInHashedSessions = userService.activeSessions[`${hash}`].accessToken === accessToken ? true : false // TODO: instead of putting the token in the return headers, // simply put it in the activeSessions Object try { const response = h.response({ ok: true, handler: pluginConfig.handlerType, data: accessTokenInHashedSessions, }) // response.header('Authorization', token) return response } catch (err) { return { ok: false, handler: pluginConfig.handlerType, data: { error: err, }, } } }, validate: { failAction: 'log', }, response: { // TODO: change back to accommodate new h.response return values schema: Joi.any().label('get_access_res'), failAction: 'log', }, }, }