unpkg/modules/middleware/userToken.js

49 lines
977 B
JavaScript

const AuthAPI = require("../AuthAPI");
const ReadMethods = { GET: true, HEAD: true };
function decodeBase64(string) {
return Buffer.from(string, "base64").toString();
}
/**
* Sets req.user from the payload in the auth token in the request.
*/
function userToken(req, res, next) {
if (req.user) {
return next();
}
const auth = req.get("Authorization");
const token = auth
? decodeBase64(auth)
: (ReadMethods[req.method] ? req.query : req.body).token;
if (!token) {
req.user = null;
return next();
}
AuthAPI.verifyToken(token).then(
payload => {
req.user = payload;
next();
},
error => {
if (error.name === "JsonWebTokenError") {
res.status(403).send({
error: `Bad auth token: ${error.message}`
});
} else {
console.error(error);
res.status(500).send({
error: "Unable to verify auth"
});
}
}
);
}
module.exports = userToken;