// POST handler for the '/api/register*' pattern (wildcard suffix).
// It logs entry and hands the request to registerProxy unchanged.
// No auth middleware is attached here; the route is reachable without a token.
app.post('/api/register*', (req, res, nextHandler) => {
  console.log("Entered register/user function");
  registerProxy(req, res, nextHandler);
});
// GET handler for the '/api/users*' pattern (wildcard suffix).
// The `protected` middleware runs first; only when it calls next() does the
// request reach this callback, which logs entry and forwards the request to
// userInformationProxy.
app.get('/api/users*', protected, (req, res, nextHandler) => {
  console.log('Entered userinfo function');
  userInformationProxy(req, res, nextHandler);
});
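/**
 * Express middleware guarding the user-information routes.
 *
 * Reads the Authorization header, takes the second space-separated field as
 * the token, verifies it with `jwt.verify` and `secretKey`, and calls `next()`
 * only when the `username` claim equals a whole segment of the request path.
 * Every other outcome answers 403 with `{ message: 'Forbidden' }`.
 *
 * Side effect: stores the extracted token on `request.token`.
 *
 * Note: `protected` is a reserved word in strict mode, so this declaration
 * only parses in a non-strict script. The name is kept because the route
 * registration refers to it.
 *
 * @param {object} request  Express request.
 * @param {object} response Express response.
 * @param {Function} next   Called when the caller may access the resource.
 */
function protected(request, response, next) {
  // Single rejection path so every failure looks the same to the client.
  const forbid = () => {
    response.status(403).json({ message: 'Forbidden' });
  };

  console.log('Entered function to strip jwt');
  console.log(request.method, request.url);

  const bearerHeader = request.headers['authorization'];
  if (typeof bearerHeader === 'undefined') {
    forbid();
    return;
  }

  console.log('JWT is present');
  const bearerToken = bearerHeader.split(' ')[1];
  request.token = bearerToken;

  // NOTE(review): no `algorithms` option is passed. If `jwt` is the
  // jsonwebtoken package, pin the algorithm the issuer signs with here.
  jwt.verify(request.token, secretKey, (error, authData) => {
    if (error) {
      forbid();
      return;
    }

    // NOTE(review): this writes the decoded claims to the log on every request.
    console.log(authData);

    // A missing or empty username must never authorize. The earlier
    // String.includes() check accepted '' for every URL and coerced a missing
    // claim to the text "undefined".
    const username = authData ? authData.username : undefined;
    if (typeof username !== 'string' || username.length === 0) {
      forbid();
      return;
    }

    // Compare against whole path segments and ignore the query string. A
    // substring match lets one username authorize URLs that merely contain it
    // (inside a longer name, or in a query parameter).
    // NOTE(review): assumes the username appears as its own path segment,
    // e.g. /api/users/<username>; confirm against the routes behind
    // userInformationProxy. Usernames equal to fixed route segments (such as
    // "api" or "users") would still match and should be reserved at signup.
    const pathSegments = request.url.split('?')[0].split('/');
    const ownsPath = pathSegments.some((segment) => segment === username);
    if (!ownsPath) {
      forbid();
      return;
    }

    next();
  });
}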
// GET /api/search: logs entry and forwards the request to searchProxy.
// No auth middleware is attached to this route.
// NOTE(review): confirm that search is meant to be reachable without a token.
app.get('/api/search', (req, res, nextHandler) => {
  console.log('Entered search function');
  searchProxy(req, res, nextHandler);
});