const jwt = require('jsonwebtoken');
const {User} = require('../models/user.model');
const authConfig = require('../configs/auth.config');
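/**
 * Express middleware that authenticates a request from the JWT carried in the
 * `x-access-token` header.
 *
 * On success it stores the token's `id` claim on `req.userId` and calls
 * `next()`. Otherwise it answers the request itself:
 *   - 403 when the header is absent,
 *   - 401 when the token fails verification or carries no `id` claim,
 *   - 400 when no user matches the `id` claim,
 *   - 500 when the user lookup itself fails.
 *
 * Decoded claims and the user record are deliberately not logged: both can
 * hold personal data (and the record may hold credential material), and
 * application logs are usually readable by far more people than the database.
 *
 * @param {object} req - Express request; `headers` is read and `userId` is set.
 * @param {object} res - Express response used for the error replies.
 * @param {Function} next - Called with no arguments once the user is confirmed.
 * @returns {*} The `res.send(...)` result on the missing-token path, otherwise undefined.
 */
const verifyToken = (req, res, next) => {
  const token = req.headers["x-access-token"];

  if (!token) {
    return res.status(403).send({
      error_code: 403,
      message: "no token provided! Access prohibited",
    });
  }

  // NOTE(review): no `algorithms` option is passed, so the library's default set
  // for this key type applies; consider pinning it to the algorithm the tokens
  // are actually signed with.
  jwt.verify(token, authConfig.secretKey, async (err, decoded) => {
    if (err) {
      // error_code mirrors the HTTP status so clients see one consistent value.
      return res.status(401).send({
        error_code: 401,
        message: "UnAuthorised!",
      });
    }

    // A correctly signed token without an `id` claim must not reach the lookup:
    // the query would otherwise run with an undefined filter value.
    if (!decoded || decoded.id == null) {
      return res.status(401).send({
        error_code: 401,
        message: "UnAuthorised!",
      });
    }

    req.userId = decoded.id;

    let user;
    try {
      user = await User.findOne({ _id: req.userId });
    } catch (lookupError) {
      // Without this catch a rejected lookup becomes an unhandled rejection and
      // the request never gets a response. Fail closed with a generic message.
      console.error("verifyToken: user lookup failed:", lookupError.message);
      return res.status(500).send({
        error_code: 500,
        message: "Internal error while verifying the token",
      });
    }

    if (!user) {
      return res.status(400).send({
        error_code: 400,
        message: "The user that this token belongs to does not exist",
      });
    }

    next();
  });
};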
// Public surface of this module: the JWT authentication middleware.
module.exports = {
  verifyToken: verifyToken,
};