Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function isAllowed(req, res, next) {
- let decodeToken = jwt.decode(req.cookies.token, JwtOptions.secretOrKey);
- db.users.findById(decodeToken.id).then(data => {
- if (data == null) {
- throw {
- success: false,
- message: 'User token not found'
- }
- }
- req.session.user = data; // hz dolzno prokinutj
- next();
- })
- .catch(function (err) {
- res.status(401).send(err.message);
- });
- }
- app.get('/api/orders', isAllowed, function (req, res) {
- db.ordersfindAll({
- where: {
- userId: req.session.user.id
- }
- })
- .then(orders => res.json({message: 'OK', body: orders}));
- });
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement