diff options
Diffstat (limited to 'middleware/auth.js')
| -rw-r--r-- | middleware/auth.js | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/middleware/auth.js b/middleware/auth.js new file mode 100644 index 0000000..a62812e --- /dev/null +++ b/middleware/auth.js @@ -0,0 +1,26 @@ +const fs = require('fs') +const jwt = require('jsonwebtoken') + +const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa.pub`, 'utf8') + +const auth = async (req, res, next) => { + try { + const jwtToken = req.body.jwtToken + + if (!jwtToken) throw new Error() + + const user = jwt.verify(jwtToken, cert, { algorithms: ['RS256'], issuer: 'pruss.it' }) + + if (!user) throw new Error() + + req.user = user + + return next() + } catch (err) { + const error = err === 'jwt expired' ? err.message : 'unauthorized' + + res.status(401).send({ error }) + } +} + +module.exports = auth |