- const jwt = require('jsonwebtoken')
- const User = require('../database/models/user')
- const Role = require('../database/models/roles')
-
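/**
 * Express middleware that lets a request through only when its
 * `Authorization` header carries a JWT that `jwt.verify` accepts.
 *
 * Every failure (header absent, signature invalid, token expired, ...) ends
 * the request with HTTP 401 and a fixed message. The verifier's error object
 * is never sent to the client, and the decoded claims are never logged.
 *
 * The decoded payload is not attached to `req`, so later handlers cannot
 * read the verified claims from this middleware.
 *
 * @param {object} req - Express request; only `req.header()` is read.
 * @param {object} res - Express response, used for the 401 reply.
 * @param {Function} next - Called with no arguments once the token verifies.
 * @returns {Promise<*>} Resolves to the value of `res.send()` on rejection,
 *   otherwise to `undefined`.
 */
const auth = async (req, res, next) => {
  const header = req.header('Authorization');
  // A missing header used to raise a TypeError that was echoed back to the
  // client with status 200; treat it as an ordinary authentication failure.
  if (typeof header !== 'string') {
    return res.status(401).send('Invalid token!');
  }
  const token = header.replace('Bearer ', '');

  try {
    // NOTE(review): the verification secret is a literal in source control.
    // Anyone who can read the repository can mint tokens this check accepts.
    // Move it to configuration together with the signing code, which is not
    // visible from here, and rotate it.
    jwt.verify(token, 'ovoJeSecret');
  } catch (e) {
    // Keep the reason server-side for detection; the client gets no detail.
    console.warn('auth: token rejected:', e.message);
    return res.status(401).send('Invalid token!');
  }

  next();
};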
-
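/**
 * Express middleware that restricts a route to administrators.
 *
 * Reads the bearer token from the `Authorization` header, looks up the user
 * whose stored `tokens.token` list contains it, and calls `next()` only when
 * that user's `role` equals `Role.Admin`.
 *
 * Responses:
 *   - 401 when the header is missing or the token is empty
 *   - 401 when no user holds the token
 *   - 403 when the user exists but is not an admin
 * Lookup errors are forwarded to Express via `next(e)`.
 *
 * NOTE(review): this function never calls `jwt.verify`, so signature and
 * expiry are not checked here. An expired token that is still stored on the
 * user record would pass. Confirm that `auth` always runs before this
 * middleware, or verify the token here as well.
 *
 * @param {object} req - Express request; only `req.header()` is read.
 * @param {object} res - Express response, used for 401/403 replies.
 * @param {Function} next - Called with no arguments for admins, or with the
 *   error when the lookup throws.
 * @returns {Promise<*>} Resolves to the value of `res.send()` on rejection,
 *   otherwise to `undefined`.
 */
const authRole = async (req, res, next) => {
  try {
    const header = req.header('Authorization');
    // A missing header used to throw on `.replace` and surface as a server
    // error through next(e); it is an unauthenticated request, so answer 401.
    const token = typeof header === 'string' ? header.replace('Bearer ', '') : '';
    if (!token) {
      return res.status(401).send('Invalid token!');
    }

    const user = await User.findOne({ 'tokens.token': token });
    if (!user) {
      return res.status(401).send('No user has the token provided!');
    }
    if (user.role !== Role.Admin) {
      return res.status(403).send('Access forbidden!');
    }

    next();
  } catch (e) {
    next(e);
  }
};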
-
// Public surface of this module: both middlewares are exported by name.
module.exports = {
  auth,
  authRole,
};