gancio/app/auth.js

const jwt = require('jsonwebtoken')
const config = require('./config')
const User = require('./models/user')
const { Op } = require('sequelize')

const Auth = {
  async fillUser (req, res, next) {
    const token = req.body.token || req.params.token || req.headers['x-access-token']
    if (!token) return next()
    jwt.verify(token, config.secret, async (err, decoded) => {
      if (err) return next()
      req.user = await User.findOne({ where: { email: { [Op.eq]: decoded.email }, is_active: true } })
      next()
    })
  },
  async isAuth (req, res, next) {
    const token = req.body.token || req.params.token || req.headers['x-access-token']
    if (!token) return res.status(403).send({ message: 'Token not found' })
    jwt.verify(token, config.secret, async (err, decoded) => {
      if (err) return res.status(403).send({ message: 'Failed to authenticate token ' + err })
      req.user = await User.findOne({ where: { email: { [Op.eq]: decoded.email }, is_active: true } })
      if (!req.user) return res.status(403).send({ message: 'Failed to authenticate token ' + err })
      next()
    })
  },
  async isAdmin (req, res, next) {
    if (req.user.is_admin && req.user.is_active) return next()
    return res.status(403).send({ message: 'Admin needed' })
  }
}

module.exports = Auth
first commit backend 2019-02-26 00:02:42 +01:00			`const jwt = require('jsonwebtoken')`
			`const config = require('./config')`
			`const User = require('./models/user')`
pm2 / cron worker to send reminder 2019-03-10 01:01:23 +01:00			`const { Op } = require('sequelize')`
first commit backend 2019-02-26 00:02:42 +01:00
			`const Auth = {`
stream of consciousness 2019-03-07 14:59:28 +01:00			`async fillUser (req, res, next) {`
			`const token = req.body.token \|\| req.params.token \|\| req.headers['x-access-token']`
pm2 / cron worker to send reminder 2019-03-10 01:01:23 +01:00			`if (!token) return next()`
stream of consciousness 2019-03-07 14:59:28 +01:00			`jwt.verify(token, config.secret, async (err, decoded) => {`
pm2 / cron worker to send reminder 2019-03-10 01:01:23 +01:00			`if (err) return next()`
			`req.user = await User.findOne({ where: { email: { [Op.eq]: decoded.email }, is_active: true } })`
stream of consciousness 2019-03-07 14:59:28 +01:00			`next()`
			`})`
			`},`
first commit backend 2019-02-26 00:02:42 +01:00			`async isAuth (req, res, next) {`
			`const token = req.body.token \|\| req.params.token \|\| req.headers['x-access-token']`
			`if (!token) return res.status(403).send({ message: 'Token not found' })`
			`jwt.verify(token, config.secret, async (err, decoded) => {`
			`if (err) return res.status(403).send({ message: 'Failed to authenticate token ' + err })`
pm2 / cron worker to send reminder 2019-03-10 01:01:23 +01:00			`req.user = await User.findOne({ where: { email: { [Op.eq]: decoded.email }, is_active: true } })`
fix #2 2019-03-05 15:17:12 +01:00			`if (!req.user) return res.status(403).send({ message: 'Failed to authenticate token ' + err })`
first commit backend 2019-02-26 00:02:42 +01:00			`next()`
			`})`
			`},`
			`async isAdmin (req, res, next) {`
fix #2 2019-03-05 15:17:12 +01:00			`if (req.user.is_admin && req.user.is_active) return next()`
first commit backend 2019-02-26 00:02:42 +01:00			`return res.status(403).send({ message: 'Admin needed' })`
			`}`
			`}`

			`module.exports = Auth`