+/* Copyright (c) 2019 AT&T Intellectual Property. #\r
+# #\r
+# Licensed under the Apache License, Version 2.0 (the "License"); #\r
+# you may not use this file except in compliance with the License. #\r
+# You may obtain a copy of the License at #\r
+# #\r
+# http://www.apache.org/licenses/LICENSE-2.0 #\r
+# #\r
+# Unless required by applicable law or agreed to in writing, software #\r
+# distributed under the License is distributed on an "AS IS" BASIS, #\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #\r
+# See the License for the specific language governing permissions and #\r
+# limitations under the License. #\r
+##############################################################################*/\r
+\r
+\r
+const authentication = require('@feathersjs/authentication');\r
+const jwt = require('@feathersjs/authentication-jwt');\r
+const local = require('@feathersjs/authentication-local');\r
+const { permissions } = require('./hooks/permissions/permissions');\r
+// const { hashPassword, protect } = require('@feathersjs/authentication-local').hooks;\r
+\r
+module.exports = function (app) {\r
+ const config = app.get('authentication');\r
+\r
+ // Set up authentication with the secret\r
+ app.configure(authentication(config));\r
+ app.configure(jwt());\r
+ app.configure(local());\r
+\r
+ // The `authentication` service is used to create a JWT.\r
+ // The before `create` hook registers strategies that can be used\r
+ // to create a new valid JWT (e.g. local or oauth2)\r
+ app.service(config.path).hooks({\r
+ before: {\r
+ create: [\r
+ function(context){\r
+ //console.log(context.data)\r
+ // console.log('authing');\r
+ },\r
+ authentication.hooks.authenticate(config.strategies),\r
+ permissions('authentication')\r
+ ],\r
+ remove: [\r
+ authentication.hooks.authenticate('jwt')\r
+ ]\r
+ },\r
+ after: {\r
+ create: [\r
+ // Send the user profile back with access token\r
+ async function (context) {\r
+ if (!context.params.user.enabled) {\r
+ context.result.accessToken = null;\r
+ }\r
+\r
+ context.result['user'] = context.params.user;\r
+\r
+ //Send Back the users rules\r
+ if(context.params.ability){\r
+ context.result.user['rules'] = context.params.ability.rules;\r
+ }\r
+\r
+ delete context.result.user.password;\r
+ return context;\r
+ }\r
+ ]\r
+ }\r
+ });\r
+};\r