unpkg/server/middleware/userToken.js

const AuthAPI = require('../AuthAPI')

const ReadMethods = { GET: true, HEAD: true }

/**
 * Sets req.user from the payload in the auth token in the request.
 */
function userToken(req, res, next) {
  if (req.user) {
    return next()
  }

  const token = (ReadMethods[req.method] ? req.query : req.body).token

  if (!token) {
    req.user = null
    return next()
  }

  AuthAPI.verifyToken(token).then(
    payload => {
      req.user = payload
      next()
    },
    error => {
      if (error.name === 'JsonWebTokenError') {
        res.status(403).send({
          error: `Bad auth token: ${error.message}`
        })
      } else {
        console.error(error)

        res.status(500).send({
          error: 'Unable to verify auth'
        })
      }
    }
  )
}

module.exports = userToken
Add auth and blacklist APIs 2017-11-11 20:18:13 +00:00			`const AuthAPI = require('../AuthAPI')`

			`const ReadMethods = { GET: true, HEAD: true }`

			`/**`
			`* Sets req.user from the payload in the auth token in the request.`
			`*/`
			`function userToken(req, res, next) {`
			`if (req.user) {`
			`return next()`
			`}`

			`const token = (ReadMethods[req.method] ? req.query : req.body).token`

			`if (!token) {`
			`req.user = null`
			`return next()`
			`}`

			`AuthAPI.verifyToken(token).then(`
			`payload => {`
			`req.user = payload`
			`next()`
			`},`
			`error => {`
			`if (error.name === 'JsonWebTokenError') {`
			`res.status(403).send({`
			error: `Bad auth token: ${error.message}`
			`})`
			`} else {`
			`console.error(error)`

			`res.status(500).send({`
			`error: 'Unable to verify auth'`
			`})`
			`}`
			`}`
			`)`
			`}`

			`module.exports = userToken`