API tools faq
paste
Guest User

Untitled

a guest
Apr 21st, 2018
72
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.37 KB | None | 0 0
raw download clone embed print report
  1. app.post('/api/register*', function(request,response, next){
  2. console.log("Entered register/user function");
  3. registerProxy(request, response, next);});
  4.  
  5. app.get('/api/users*', protected, function(request, response, next){
  6. console.log('Entered userinfo function');
  7. userInformationProxy(request,response,next);});
  8.  
  9. function protected(request, response, next){
  10. console.log('Entered function to strip jwt');
  11. console.log(request.method, request.url);
  12. const bearerHeader = request.headers['authorization'];
  13. if(typeof bearerHeader !== 'undefined'){
  14. console.log('JWT is present');
  15. const bearer = bearerHeader.split(' ');
  16. const bearerToken = bearer[1];
  17. request.token = bearerToken;
  18. jwt.verify(request.token, secretKey, function(error, authData){
  19. if(error){
  20. response
  21. .status(403)
  22. .json({'message': 'Forbidden'})
  23. } else{
  24. console.log(authData);
  25. if(request.url.includes(authData.username)){
  26. next();
  27. } else{
  28. response
  29. .status(403)
  30. .json({'message': 'Forbidden'})
  31. }
  32. }
  33. });
  34. } else{
  35. response
  36. .status(403)
  37. .json({'message': 'Forbidden'})
  38. }}
  39.  
  40. app.get('/api/search', function(request, response, next){
  41. console.log('Entered search function');
  42. searchProxy(request, response,next);});
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!