Showing
5 changed files
with
35 additions
and
9 deletions
... | @@ -2,7 +2,7 @@ const bcrypt = require("bcryptjs"); | ... | @@ -2,7 +2,7 @@ const bcrypt = require("bcryptjs"); |
2 | // handles "exception" inside of async express routes | 2 | // handles "exception" inside of async express routes |
3 | const asyncHandler = require("express-async-handler"); | 3 | const asyncHandler = require("express-async-handler"); |
4 | const User = require("../models/userModel"); | 4 | const User = require("../models/userModel"); |
5 | -const jwtGenerator = require("../config/jwt"); | 5 | +const { jwtGenerator } = require("../config/jwt"); |
6 | 6 | ||
7 | // @desc Signup new user | 7 | // @desc Signup new user |
8 | // @route POST /api/users | 8 | // @route POST /api/users |
... | @@ -73,7 +73,7 @@ const loginUser = asyncHandler(async (req, res) => { | ... | @@ -73,7 +73,7 @@ const loginUser = asyncHandler(async (req, res) => { |
73 | // @route GET /api/users/self | 73 | // @route GET /api/users/self |
74 | // @access Private | 74 | // @access Private |
75 | const getSelf = asyncHandler(async (req, res) => { | 75 | const getSelf = asyncHandler(async (req, res) => { |
76 | - // Not figured out | 76 | + // TODO |
77 | res.status(200).json(req.user); | 77 | res.status(200).json(req.user); |
78 | }); | 78 | }); |
79 | 79 | ... | ... |
... | @@ -2,7 +2,9 @@ const jwt = require("jsonwebtoken"); | ... | @@ -2,7 +2,9 @@ const jwt = require("jsonwebtoken"); |
2 | 2 | ||
3 | const jwtGenerator = (id) => { | 3 | const jwtGenerator = (id) => { |
4 | // https://github.com/auth0/node-jsonwebtoken | 4 | // https://github.com/auth0/node-jsonwebtoken |
5 | - const token = jwt.sign({ id }, JWT_SECRET, { expiresIn: "2 days" }); | 5 | + const token = jwt.sign({ id }, process.env.JWT_SECRET, { |
6 | + expiresIn: "2 days", | ||
7 | + }); | ||
6 | return token; | 8 | return token; |
7 | }; | 9 | }; |
8 | 10 | ... | ... |
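Review bot: `jwtGenerator` reads `process.env.JWT_SECRET` at call time with no check that it is set, so a deployment missing the variable is only noticed when the first signup or login reaches `jwt.sign`, which as far as I know throws on an empty secret. A guard at module load makes the failure immediate and obvious, for example `if (!process.env.JWT_SECRET) throw new Error("JWT_SECRET is not set");` directly under the `require`. It would also help to state the signing algorithm explicitly (`algorithm: "HS256"` next to `expiresIn`) rather than rely on the library default, so the verifier can pin the same value.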
1 | const jwt = require("jsonwebtoken"); | 1 | const jwt = require("jsonwebtoken"); |
2 | +const asyncHandler = require("express-async-handler"); | ||
3 | +const User = require("../models/userModel"); | ||
2 | 4 | ||
3 | -const authHandler = (err, req, res, next) => { | 5 | +const authHandler = asyncHandler(async (req, res, next) => { |
4 | - next(); | 6 | + // Check if token exists |
5 | -}; | 7 | + if (!req.headers.authorization) { |
8 | + res.status(401); | ||
9 | + throw new Error("Not authorized"); | ||
10 | + } | ||
11 | + | ||
12 | + // Evaluate the token | ||
13 | + const token = req.headers.authorization.split(" ")[1]; | ||
14 | + const decoded = jwt.verify( | ||
15 | + token, | ||
16 | + process.env.JWT_SECRET, | ||
17 | + function (err, decoded) { | ||
18 | + if (err) { | ||
19 | + res.status(401); | ||
20 | + throw new Error("Not authorized"); | ||
21 | + } | ||
22 | + return decoded; | ||
23 | + } | ||
24 | + ); | ||
25 | + | ||
26 | + const user = await User.findById(decoded.id).select("-password"); | ||
27 | + req.user = user; | ||
28 | + return next(); | ||
29 | +}); | ||
6 | 30 | ||
7 | module.exports = { authHandler }; | 31 | module.exports = { authHandler }; | ... | ... |
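Review bot: A token that verifies but whose `decoded.id` no longer matches a stored user still passes `authHandler`: `User.findById(...)` resolves to null, `req.user` becomes null and `next()` runs, so `/self` would answer 200 with `null` and any later handler that trusts `req.user` is reached unauthenticated. Return a 401 when no user is found. Separately, `jwt.verify` is given a callback while its return value is assigned to `decoded`; the jsonwebtoken README documents the callback form as asynchronous, so the result and the `throw` inside the callback depend on implementation detail, and the synchronous form inside `try`/`catch` is the safer way to obtain `decoded`. Passing `algorithms` to `verify` also pins what the server accepts instead of leaving it to the library's defaults.

```javascript
  // … unchanged: missing-header check …
  const token = req.headers.authorization.split(" ")[1];

  let decoded;
  try {
    // Synchronous form: throws on a missing, malformed, expired or badly signed token.
    decoded = jwt.verify(token, process.env.JWT_SECRET, {
      algorithms: ["HS256"],
    });
  } catch (err) {
    res.status(401);
    throw new Error("Not authorized");
  }

  const user = await User.findById(decoded.id).select("-password");
  if (!user) {
    // Token is valid but the account no longer exists.
    res.status(401);
    throw new Error("Not authorized");
  }
  req.user = user;
  return next();
```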
1 | const express = require("express"); | 1 | const express = require("express"); |
2 | const router = express.Router(); | 2 | const router = express.Router(); |
3 | const { signupUser, loginUser, getSelf } = require("../actions/userActions"); | 3 | const { signupUser, loginUser, getSelf } = require("../actions/userActions"); |
4 | +const { authHandler } = require("../middleware/authMiddleware"); | ||
4 | 5 | ||
5 | router.post("/", signupUser); | 6 | router.post("/", signupUser); |
6 | router.post("/login", loginUser); | 7 | router.post("/login", loginUser); |
7 | -router.get("/self", getSelf); | 8 | +router.get("/self", authHandler, getSelf); |
8 | 9 | ||
9 | module.exports = router; | 10 | module.exports = router; | ... | ... |