2019-02-26 00:02:42 +01:00
|
|
|
const jwt = require('jsonwebtoken')
|
|
|
|
|
const config = require('./config')
|
|
|
|
|
const User = require('./models/user')
|
|
|
|
|
|
|
|
|
|
const Auth = {
|
|
|
|
|
async isAuth (req, res, next) {
|
|
|
|
|
const token = req.body.token || req.params.token || req.headers['x-access-token']
|
|
|
|
|
console.log('[AUTH] ', token)
|
|
|
|
|
if (!token) return res.status(403).send({ message: 'Token not found' })
|
|
|
|
|
jwt.verify(token, config.secret, async (err, decoded) => {
|
|
|
|
|
if (err) return res.status(403).send({ message: 'Failed to authenticate token ' + err })
|
|
|
|
|
console.log('DECODED TOKEN', decoded)
|
2019-03-05 15:17:12 +01:00
|
|
|
req.user = await User.findOne({ where: { email: decoded.email, is_active: true } })
|
|
|
|
|
if (!req.user) return res.status(403).send({ message: 'Failed to authenticate token ' + err })
|
2019-02-26 00:02:42 +01:00
|
|
|
next()
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
async isAdmin (req, res, next) {
|
2019-03-05 15:17:12 +01:00
|
|
|
if (req.user.is_admin && req.user.is_active) return next()
|
2019-02-26 00:02:42 +01:00
|
|
|
return res.status(403).send({ message: 'Admin needed' })
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports = Auth
|
