import { NextFunction, Response } from "express"; |
import Request from "../Request"; |
import jwt, { JwtPayload } from 'jsonwebtoken'; |
import User from "../../models/User"; |
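/**
 * Optional Bearer-token authentication middleware.
 *
 * When the request carries `Authorization: Bearer <jwt>`, the token is verified
 * with `JWT_SECRET`, the `_id`, `discord_id` and `username` claims are looked up
 * through `User.findOne`, and the matching record is stored on `request.user`.
 *
 * This middleware does NOT enforce authentication: a request without an
 * `Authorization` header is passed on with `request.user` left unset, so any
 * route that requires a logged-in user must check `request.user` itself.
 *
 * @param request  Incoming request; `request.user` is written on success.
 * @param response Used to send a 401 JSON body (`{ error }`) when the header is
 *                 present but unusable.
 * @param next     Called when the request may proceed (authenticated or anonymous).
 */
export default async function Auth(request: Request, response: Response, next: NextFunction) {
    // A user that is already attached is kept as-is and the header is not re-checked.
    // NOTE(review): presumably set by an earlier middleware; confirm nothing
    // client-controlled can populate request.user before this point.
    if (!request.user) {
        const { authorization } = request.headers;

        // No credentials at all: continue anonymously (see the note in the doc comment).
        if (!authorization) {
            next();
            return;
        }

        const [type, token] = authorization.split(/ +/);

        if (type !== "Bearer") {
            return response.status(401).send({ error: "Only Bearer tokens are supported" });
        }

        if (!token) {
            return response.status(401).send({ error: "No Bearer token provided" });
        }

        try {
            // Fail closed, with a clear log line, when the secret is missing instead of
            // hiding the misconfiguration behind a non-null assertion.
            const secret = process.env.JWT_SECRET;
            if (!secret) {
                throw new Error("JWT_SECRET is not set");
            }

            // Pin the accepted algorithms explicitly so the accepted set never depends on
            // what the secret string happens to look like.
            // NOTE(review): assumes tokens are HMAC-signed with JWT_SECRET; confirm
            // against the code that issues them and narrow to the single algorithm in use.
            const payload = jwt.verify(token, secret, { algorithms: ["HS256", "HS384", "HS512"] });

            // verify() can return a plain string for non-JSON payloads; those carry no claims.
            if (typeof payload === "string") {
                throw new Error("Token payload is not an object");
            }

            const { _id, discord_id, username } = payload as JwtPayload;

            // Claims go straight into a query filter below, so accept only non-empty scalar
            // values: an object-valued claim must never reach the filter, where it could be
            // read as a query operator rather than a literal (defence in depth; the
            // signature check above is the primary control).
            const isUsableClaim = (value: unknown): boolean =>
                (typeof value === "string" || typeof value === "number") && Boolean(value);

            if (![_id, discord_id, username].every(isUsableClaim)) {
                throw new Error("Token payload is missing required claims");
            }

            // All three claims must match one stored user, so a token whose user was
            // removed or whose discord_id or username no longer matches the record is rejected.
            const user = await User.findOne({ _id, discord_id, username });

            if (!user) {
                throw new Error("No user matches the token claims");
            }

            request.user = user;
        }
        catch (e) {
            // The reason is logged server-side only; the client gets a generic message.
            console.log(e);
            return response.status(401).send({ error: "Invalid token provided" });
        }
    }

    next();
}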