From 9fb0815b575cfc23ced6722b1a164328bd3cff1a Mon Sep 17 00:00:00 2001
From: piotrruss <mail@pruss.it>
Date: Mon, 21 Aug 2023 22:19:54 +0200
Subject: refactor, new routes

---
 middleware/auth.js | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 middleware/auth.js

(limited to 'middleware')

diff --git a/middleware/auth.js b/middleware/auth.js
new file mode 100644
index 0000000..a62812e
--- /dev/null
+++ b/middleware/auth.js
@@ -0,0 +1,26 @@
+const fs = require('fs')
+const jwt = require('jsonwebtoken')
+
+const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa.pub`, 'utf8')
+
+const auth = async (req, res, next) => {
+  try {
+    const jwtToken = req.body.jwtToken
+
+    if (!jwtToken) throw new Error()
+
+    const user = jwt.verify(jwtToken, cert, { algorithms: ['RS256'], issuer: 'pruss.it' })
+
+    if (!user) throw new Error()
+
+    req.user = user
+
+    return next()
+  } catch (err) {
+    const error = err === 'jwt expired' ? err.message : 'unauthorized'
+
+    res.status(401).send({ error })
+  }
+}
+
+module.exports = auth
-- 
cgit v1.2.3