Created
December 8, 2019 07:00
-
-
Save alant/4d93af5de450acf6f36f511b5dea6d95 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const authCheck = (req, res, next) => { | |
let token = req.headers['x-access-token'] || req.headers['authorization']; // Express headers are auto converted to lowercase | |
if (token.startsWith('Bearer ')) { | |
// Remove Bearer from string | |
token = token.slice(7, token.length); | |
} | |
if (!token) return res.status(401).send({ auth: false, message: 'No token provided.' }); | |
jwt.verify(token, process.env.JWT_SECRET, function(err, decoded) { | |
if (err) { | |
console.log("==> jwt error: ", err); | |
return res.status(500).send({ auth: false, message: 'Failed to authenticate token.' }); | |
} | |
req.decoded = decoded; | |
next(); | |
}); | |
}; | |
app.get("/profile", authCheck, async (req, res) => { | |
// console.log("==> /profile req.decoded: ", req.decoded); | |
const profile = await User.findUser(req.decoded.email); | |
res.json({ | |
user: profile | |
}); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Keybase proof
I hereby claim:
To claim this, I am signing this object:
with the key ASDpjOKnGfM9mPS1VpH6KnN21g83Fk_AWU-uxxu0oPrW_go, yielding the signature:
And finally, I am proving ownership of the github account by posting this as a gist.
My publicly-auditable identity:
https://keybase.io/fabianmonrroy
From the command line:
Consider the keybase command line program.
# look me up keybase id fabianmonrroy