Showing
5 changed files
with
35 additions
and
9 deletions
| ... | @@ -2,7 +2,7 @@ const bcrypt = require("bcryptjs"); | ... | @@ -2,7 +2,7 @@ const bcrypt = require("bcryptjs"); |
| 2 | // handles "exception" inside of async express routes | 2 | // handles "exception" inside of async express routes |
| 3 | const asyncHandler = require("express-async-handler"); | 3 | const asyncHandler = require("express-async-handler"); |
| 4 | const User = require("../models/userModel"); | 4 | const User = require("../models/userModel"); |
| 5 | -const jwtGenerator = require("../config/jwt"); | 5 | +const { jwtGenerator } = require("../config/jwt"); |
| 6 | 6 | ||
| 7 | // @desc Signup new user | 7 | // @desc Signup new user |
| 8 | // @route POST /api/users | 8 | // @route POST /api/users |
| ... | @@ -73,7 +73,7 @@ const loginUser = asyncHandler(async (req, res) => { | ... | @@ -73,7 +73,7 @@ const loginUser = asyncHandler(async (req, res) => { |
| 73 | // @route GET /api/users/self | 73 | // @route GET /api/users/self |
| 74 | // @access Private | 74 | // @access Private |
| 75 | const getSelf = asyncHandler(async (req, res) => { | 75 | const getSelf = asyncHandler(async (req, res) => { |
| 76 | - // Not figured out | 76 | + // TODO |
| 77 | res.status(200).json(req.user); | 77 | res.status(200).json(req.user); |
| 78 | }); | 78 | }); |
| 79 | 79 | ... | ... |
| ... | @@ -2,7 +2,9 @@ const jwt = require("jsonwebtoken"); | ... | @@ -2,7 +2,9 @@ const jwt = require("jsonwebtoken"); |
| 2 | 2 | ||
| 3 | const jwtGenerator = (id) => { | 3 | const jwtGenerator = (id) => { |
| 4 | // https://github.com/auth0/node-jsonwebtoken | 4 | // https://github.com/auth0/node-jsonwebtoken |
| 5 | - const token = jwt.sign({ id }, JWT_SECRET, { expiresIn: "2 days" }); | 5 | + const token = jwt.sign({ id }, process.env.JWT_SECRET, { |
| 6 | + expiresIn: "2 days", | ||
| 7 | + }); | ||
| 6 | return token; | 8 | return token; |
| 7 | }; | 9 | }; |
| 8 | 10 | ... | ... |
| 1 | const jwt = require("jsonwebtoken"); | 1 | const jwt = require("jsonwebtoken"); |
| 2 | +const asyncHandler = require("express-async-handler"); | ||
| 3 | +const User = require("../models/userModel"); | ||
| 2 | 4 | ||
| 3 | -const authHandler = (err, req, res, next) => { | 5 | +const authHandler = asyncHandler(async (req, res, next) => { |
| 4 | - next(); | 6 | + // Check if token exists |
| 5 | -}; | 7 | + if (!req.headers.authorization) { |
| 8 | + res.status(401); | ||
| 9 | + throw new Error("Not authorized"); | ||
| 10 | + } | ||
| 11 | + | ||
| 12 | + // Evaluate the token | ||
| 13 | + const token = req.headers.authorization.split(" ")[1]; | ||
| 14 | + const decoded = jwt.verify( | ||
| 15 | + token, | ||
| 16 | + process.env.JWT_SECRET, | ||
| 17 | + function (err, decoded) { | ||
| 18 | + if (err) { | ||
| 19 | + res.status(401); | ||
| 20 | + throw new Error("Not authorized"); | ||
| 21 | + } | ||
| 22 | + return decoded; | ||
| 23 | + } | ||
| 24 | + ); | ||
| 25 | + | ||
| 26 | + const user = await User.findById(decoded.id).select("-password"); | ||
| 27 | + req.user = user; | ||
| 28 | + return next(); | ||
| 29 | +}); | ||
| 6 | 30 | ||
| 7 | module.exports = { authHandler }; | 31 | module.exports = { authHandler }; | ... | ... |
| 1 | const express = require("express"); | 1 | const express = require("express"); |
| 2 | const router = express.Router(); | 2 | const router = express.Router(); |
| 3 | const { signupUser, loginUser, getSelf } = require("../actions/userActions"); | 3 | const { signupUser, loginUser, getSelf } = require("../actions/userActions"); |
| 4 | +const { authHandler } = require("../middleware/authMiddleware"); | ||
| 4 | 5 | ||
| 5 | router.post("/", signupUser); | 6 | router.post("/", signupUser); |
| 6 | router.post("/login", loginUser); | 7 | router.post("/login", loginUser); |
| 7 | -router.get("/self", getSelf); | 8 | +router.get("/self", authHandler, getSelf); |
| 8 | 9 | ||
| 9 | module.exports = router; | 10 | module.exports = router; | ... | ... |
-
Please register or login to post a comment