let {
User, sequelize
} = require('../models')
const jwt = require("jsonwebtoken");
const Errors = require('../lib/errors')
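/**
 * Express-style authentication middleware.
 *
 * Reads a JWT from the `Authorization` header, verifies its signature, loads
 * the user named by the token's `UserId` claim and checks that the token's
 * `offset` claim matches the user's stored `jwtOffset`. On success the decoded
 * claims are attached as `req.userData` and `next()` is called; on any failure
 * a 401 JSON error body is sent and the chain stops.
 *
 * @param {object} req - Incoming request; `req.headers.authorization` is read.
 * @param {object} res - Response; used only to send the 401 error body.
 * @param {Function} next - Called with no arguments once the caller is authenticated.
 * @returns {Promise<*>} Resolves after `next()` or after the 401 has been sent.
 */
module.exports = async (req, res, next) => {
  // One rejection path so every failure mode is indistinguishable to the client.
  const reject = () =>
    res.status(401).json({"errors":[{"name":"requestNotAuthorized","message":"You aren't logged in, or you don't have permission to perform this action.","status":401}]});

  // Fail closed when the environment secret is absent. Without this check the
  // key would be the literal below plus the text "undefined", i.e. a value that
  // anyone with read access to the repository can reconstruct.
  const sessionSecret = process.env.SESSION_SECRET;
  if (typeof sessionSecret !== "string" || sessionSecret.length === 0) {
    console.error("SESSION_SECRET is not set; rejecting authenticated request.");
    return reject();
  }

  // SECURITY: this prefix is committed to source control, so it contributes no
  // secrecy; the key is only as strong as SESSION_SECRET. It is kept unchanged
  // so that tokens already issued still verify.
  // TODO(review): rotate to a key that comes entirely from the environment.
  const signingKey = "iouydhtrfguyrthgftryhgidrhytgidhytiglriltnhgrhtiuygrthiugritghiyutrcginhrtijghurfcuhjgnioergjfuiehtiehtiehyritheithreifbhgehfbdxhbkvfdbhjkvgdkhnjUIYIRUiuiuYIYI3i42yiuyIUYIU4yiu$YUI#YUI$3mvsazr57;" + sessionSecret;

  const authorization = req.headers.authorization;
  if (typeof authorization !== "string") {
    return reject();
  }

  let decoded;
  let user;
  try {
    // Only the first "Bearer " is stripped; a header without the prefix is
    // treated as the raw token, as before.
    const token = authorization.replace("Bearer ", "");

    // NOTE(review): no `algorithms` option is passed, so the library default
    // applies. Consider pinning it to whatever the signing code uses.
    decoded = jwt.verify(token, signingKey);

    // A token without a UserId claim must never reach the query: a `where`
    // clause with an undefined id is not a reliable filter.
    if (decoded == null || decoded.UserId == null) {
      return reject();
    }

    user = await User.findOne({ where: { id: decoded.UserId } });
  } catch {
    // Bad signature, expired token, malformed input or lookup failure.
    return reject();
  }

  // Loose comparison is kept deliberately so a numeric claim still matches a
  // value the database returns as a string.
  // NOTE(review): it also treats null and undefined as equal, so a token with
  // no `offset` claim matches a user whose jwtOffset is null — confirm that
  // jwtOffset is always populated.
  if (!user || user.jwtOffset != decoded.offset) {
    return reject();
  }

  // Claims are exposed to downstream handlers only after every check passed.
  req.userData = decoded;
  next();
};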