29 lines
822 B
JavaScript
29 lines
822 B
JavaScript
'user strict';
|
|
const { ROOT_PATH, API_CONFIG } = process.env;
|
|
const apiConfig = require( `${ROOT_PATH}/${API_CONFIG}` );
|
|
const jwt = require('jsonwebtoken');
|
|
const jwtSecret = apiConfig.authentication.jwtSecret;
|
|
|
|
function middleware( req, res, next ){
|
|
if( req.JWT ){
|
|
req.JWT.isValid = false;
|
|
try{
|
|
req.JWT.payload = jwt.verify( req.JWT.raw, jwtSecret );
|
|
if( !req.JWT.payload ){
|
|
return res.status(401).send({error:"Unauthorized",code:401});
|
|
}else{
|
|
req.JWT.isValid = true;
|
|
}
|
|
}catch( err ){
|
|
return res.status(401).send({error:"Unauthorized",code:401});
|
|
}
|
|
next();
|
|
}else{
|
|
return res.status(401).send({error:"Unauthorized",code:401});
|
|
}
|
|
}
|
|
|
|
module.exports = {
|
|
middleware
|
|
};
|