Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- const jwt = require('jsonwebtoken');
- exports.isAuthenticated = (req, res, next) => {
- const token = req.headers['x-access-token'];
- if (!token)
- return res.json(401, { message: 'Token não fornecido.' });
- return jwt.verify(token, process.env.JWT_SECRET, (err, decoded) => {
- if (err)
- return res.json(401, { message: 'Token inválido.' });
- next();
- });
- }
- exports.isOwner = (req, res, next) => {
- const token = req.headers['x-access-token'];
- if (!token)
- return res.json(401, { message: 'Token não fornecido.' });
- return jwt.verify(token, process.env.JWT_SECRET, (err, decoded) => {
- if (err)
- return res.json(401, { message: 'Token inválido;' });
- if (decoded.profile != 'owner')
- return res.json(403, { message: 'Restrito a Owners.' });
- next();
- });
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement