import { verifyToken } from '../utils/auth';
/**
 * Decodes a base64-encoded string into text.
 *
 * This only decodes the input and performs no validation of it; the caller
 * remains responsible for verifying whatever the decoded text claims to be.
 *
 * @param {string} string - Base64-encoded input.
 * @returns {string} The decoded bytes read as UTF-8 (Buffer's default encoding).
 */
function decodeBase64(string) {
  const decodedBytes = Buffer.from(string, 'base64');
  return decodedBytes.toString('utf8');
}
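/**
 * Express middleware that sets req.user from the auth token in the request.
 *
 * Outcomes:
 * - req.user is already defined: nothing is touched and next() is called.
 * - No Authorization header (or it decodes to an empty string): req.user is
 *   set to null and next() is called. The request continues unauthenticated,
 *   so handlers that require a user must check req.user themselves.
 * - Token verifies: req.user is set to the verified payload and next() is called.
 * - Token is rejected: responds 403 with the verifier's message; next() is not called.
 * - Any other verification failure: logs the error and responds 500.
 *
 * The whole Authorization header value is base64-decoded and handed to
 * verifyToken; no scheme prefix is parsed here.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express continuation callback.
 * @returns {*} The result of next() on the synchronous paths, otherwise undefined.
 */
export default function userToken(req, res, next) {
  // An earlier middleware has already decided who the user is.
  if (req.user !== undefined) {
    return next();
  }

  const auth = req.get('Authorization');
  const token = auth && decodeBase64(auth);

  if (!token) {
    // Explicit null marks "checked, anonymous", as opposed to undefined ("not checked").
    req.user = null;
    return next();
  }

  verifyToken(token).then(
    payload => {
      // Only a payload that passed verification is ever attached to the request.
      req.user = payload;
      next();
    },
    error => {
      // Guard against a rejection with no error object so this handler cannot throw.
      const errorName = error && error.name;

      // NOTE(review): assumes verifyToken surfaces jsonwebtoken errors unchanged.
      // In that library, expired and not-yet-valid tokens carry their own names
      // rather than 'JsonWebTokenError'. They are client-side token problems, so
      // they are answered like any other bad token instead of being logged and
      // reported as a server fault.
      const isTokenRejection =
        errorName === 'JsonWebTokenError' ||
        errorName === 'TokenExpiredError' ||
        errorName === 'NotBeforeError';

      if (isTokenRejection) {
        res.status(403).send({
          error: `Bad auth token: ${error.message}`
        });
      } else {
        // Unexpected failure: keep the details in the server log only.
        console.error(error);

        res.status(500).send({
          error: 'Unable to verify auth'
        });
      }
    }
  );
}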