blob: 462b1005a95dc8a0f60de33418843fd024dff4f7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
const jwt = require('jsonwebtoken');
const User = require('../models/User');
const auth = async (req, res, next) => {
try {
const token = req.cookies.token || '';
if (!token) {
throw new Error();
}
try {
const decoded = jwt.verify(token, 'replaceThisWithSecretString');
req.userId = decoded._id;
req.refreshToken = decoded.ref;
return next();
} catch(er) {
if (er.message && er.message === 'jwt expired') {
const { _id, ref } = jwt.decode(token, 'replaceThisWithSecretString');
const user = await User.findById(_id);
if (!user) {
throw new Error();
}
if (user.sessions.filter(s => s.ref === ref).length > 0) {
req.userId = _id;
req.refreshToken = ref;
req.newToken = await user.generateJwtToken(res.req.refreshToken);;
return next();
}
throw new Error();
}
throw new Error();
}
} catch (err) {
res.redirect('/login');
}
};
module.exports = auth;
|
