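/**
 * Authentication hook: checks the `Authorization: Bearer <jwt>` header, looks
 * up the user named by the token's `email` claim and attaches the profile to
 * the request.
 *
 * Must run with `this` bound to an object exposing `jwt.verify` and `mongo.db`
 * (both are read from `this`), so it has to stay a regular function, not an
 * arrow function.
 *
 * Outcomes:
 *  - header missing, scheme not Bearer, token missing/invalid, required claims
 *    missing, user unknown, or token older than the user's `tokenMinValidity`
 *    -> `notAuthorized(reply)`
 *  - user lookup throws -> HTTP 500 with `errorTypes.INTERNAL_SERVER_ERROR`
 *  - success -> `request.user` and `request.authTime` (ms spent here) are set
 *
 * @param {object} request - incoming request; reads `headers.authorization`.
 * @param {object} reply - reply object; used via `code()` / `send()`.
 * @returns {Promise<*>} whatever `notAuthorized` returns on rejection,
 *   otherwise `undefined`.
 */
const JWTAuthMiddleware = async function (request, reply) {
  const startedAt = Date.now();
  const authHeader = request.headers['authorization'];

  // HEADER NOT PROVIDED (or not a plain string)
  if (typeof authHeader !== 'string' || authHeader === '') {
    return notAuthorized(reply);
  }

  const [scheme, token] = authHeader.split(' ');

  // Only the Bearer scheme is accepted; scheme names are case-insensitive.
  // Previously the scheme was ignored, so any "<word> <jwt>" header passed.
  if (scheme.toLowerCase() !== 'bearer' || !token) {
    return notAuthorized(reply);
  }

  // VERIFY TOKEN: a throw here means malformed, badly signed or expired.
  let decoded;
  try {
    decoded = this.jwt.verify(token);
  } catch (error) {
    console.error(error);
    return notAuthorized(reply);
  }

  // The email claim becomes a database filter, so insist on a non-empty
  // string. A missing claim would otherwise be sent as `{ email: undefined }`,
  // and a non-string value would be interpreted as a query operator document.
  if (!decoded || typeof decoded.email !== 'string' || decoded.email === '') {
    return notAuthorized(reply);
  }
  const { email, iat } = decoded;

  try {
    // Obtaining the collection now sits in the same try as the query, so a
    // storage-side failure is reported as 500 rather than as a bad token.
    const Users = this.mongo.db.collection('users');
    // NOTE(review): profileProjection is defined elsewhere in the file; confirm
    // it excludes password hashes and other secrets, because the result is
    // exposed to every downstream handler as request.user.
    const user = await Users.findOne({ email }, profileProjection);

    // CHECK FOR USER EXISTENCE
    if (!user) {
      return notAuthorized(reply);
    }

    // CHECK FOR REVOKED TOKEN
    // tokenMinValidity is compared against iat * 1000, so it is presumably an
    // epoch-milliseconds cutoff (verify against the code that writes it).
    // Fail closed: without a numeric iat the old comparison evaluated
    // `NaN < cutoff`, which is false, and the revocation check was skipped.
    if (user.tokenMinValidity) {
      const issuedAtMs = iat * 1000;
      if (
        typeof iat !== 'number' ||
        !Number.isFinite(issuedAtMs) ||
        issuedAtMs < user.tokenMinValidity
      ) {
        return notAuthorized(reply);
      }
    }

    // ALL FINE, FORWARD USER PROFILE
    request.user = user;
    request.authTime = Date.now() - startedAt;
    return;
  } catch (error) {
    // Details stay in the server log; the client only gets a generic code.
    console.error(error);
    reply.code(500);
    reply.send({ code: errorTypes.INTERNAL_SERVER_ERROR });
    return;
  }
};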