authorGravatar Piotr Russ <mail@pruss.it> 2020-11-16 00:10:28 +0100
committerGravatar Piotr Russ <mail@pruss.it> 2020-11-16 00:10:28 +0100
commite06ec920f7a5d784e674c4c4b4e6d1da3dc7391d (patch)
tree55713f725f77b44ebfec86e4eec3ce33e71458ca /server/middleware/auth.js
downloadwebsite_creator-e06ec920f7a5d784e674c4c4b4e6d1da3dc7391d.tar.gz
website_creator-e06ec920f7a5d784e674c4c4b4e6d1da3dc7391d.tar.bz2
website_creator-e06ec920f7a5d784e674c4c4b4e6d1da3dc7391d.zip
api, login, auth
Diffstat (limited to 'server/middleware/auth.js')
-rw-r--r--server/middleware/auth.js23
1 files changed, 23 insertions, 0 deletions
diff --git a/server/middleware/auth.js b/server/middleware/auth.js
new file mode 100644
index 0000000..091d3a7
--- /dev/null
+++ b/server/middleware/auth.js
@@ -0,0 +1,23 @@
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+
+const auth = async (req, res, next) => {
+ try {
+ const token = req.header('Authorization').replace('Bearer ', '');
+ const decoded = jwt.verify(token, 'replaceThisWithSecretString');
+ const user = await User.findOne({ _id: decoded._id, 'tokens.token': token });
+
+ if (!user) {
+ throw new Error();
+ }
+
+ req.token = token;
+ req.user = user;
+ next();
+ } catch (err) {
+ res.status(401).send({ error: 'Not authenticated.' });
+ }
+
+};
+
+module.exports = auth;
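Review bot: The signing secret is a string literal in the `jwt.verify` call (`'replaceThisWithSecretString'`), so the signature check gives no protection against anyone who can read the repository, and only the `'tokens.token'` lookup stands between a crafted token and `req.user`. The value also stays in history after it is replaced, so it should be treated as disclosed and rotated. Load the secret from configuration outside the source tree, fail at startup when it is missing, and pin the accepted algorithm, e.g. `const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] });` (the variable name is a placeholder, and the algorithm must match the signing side, which is not visible in this file). Separately, the catch-all turns a `User.findOne` failure into a 401; answering non-JWT errors with a 5xx and logging them would keep a database outage from looking like bad credentials.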