initial commit
This commit is contained in:
31
middleware/auth.js
Normal file
31
middleware/auth.js
Normal file
@@ -0,0 +1,31 @@
|
||||
var { verify } = require("jsonwebtoken");
|
||||
|
||||
function isAuthorized(req, res, next) {
|
||||
if (!req.headers.authorization)
|
||||
return res.status(401).end();
|
||||
|
||||
if (req.headers.authorization.split(" ")[0] !== "Bearer")
|
||||
return res.status(403).end();
|
||||
|
||||
if (!verify(req.headers.authorization.split(" ")[1], process.env.JWT_SECRET))
|
||||
return res.status(403).end();
|
||||
|
||||
next();
|
||||
}
|
||||
|
||||
function isRelevantUser(req, res, next) {
|
||||
let reqId = req.params.id;
|
||||
let token = req.headers.authorization.split(" ")[1];
|
||||
let decodedToken = verify(token, process.env.JWT_SECRET);
|
||||
|
||||
if (decodedToken.data.id !== parseInt(reqId)) return res.status(403).end();
|
||||
|
||||
if (decodedToken.data.exp < Date.now()) return res.status(403).end();
|
||||
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
isAuthorized,
|
||||
isRelevantUser
|
||||
};
|
||||
Reference in New Issue
Block a user