const { sign, verify } = require("jsonwebtoken");
const { compare, hash, genSalt } = require("bcryptjs");
const { NotAuthError } = require("./errors");
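// HMAC secret used to sign and verify the auth tokens issued by this module.
// A secret committed to source control lets anyone who can read the repository
// mint tokens that validateJSONToken accepts, so the value is read from the
// JWT_SECRET environment variable when it is set. The literal fallback is kept
// only so existing setups keep working; do not rely on it outside local
// development.
const KEY = process.env.JWT_SECRET || "supersecret";
if (!process.env.JWT_SECRET) {
  console.warn("JWT_SECRET is not set; falling back to the built-in development signing key.");
}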
/**
 * Hashes a plaintext password with bcrypt for storage.
 *
 * A fresh salt is generated for every call with a cost factor of 10, so two
 * calls with the same password produce different hashes.
 * Note that bcrypt only considers the first 72 bytes of its input; longer
 * passwords are not rejected here.
 *
 * @param {string} password - Plaintext password supplied by the user.
 * @returns {Promise<string>} The bcrypt hash, which embeds the salt and cost.
 */
async function generatePasswordHash(password) {
  const salt = await genSalt(10);
  return hash(password, salt);
}
/**
 * Issues a signed JSON Web Token whose payload is `{ id }`.
 *
 * NOTE(review): `noTimestamp` drops the `iat` claim and no `expiresIn` is
 * passed, so the token carries no `exp` and stays valid for as long as KEY is
 * unchanged. A stolen token can therefore only be revoked by rotating the key;
 * confirm whether a bounded lifetime is wanted.
 *
 * @param {*} id - User identifier to embed in the token payload.
 * @returns {string} The signed token.
 */
function createJSONToken(id) {
  const payload = { id };
  const signOptions = { noTimestamp: true };
  return sign(payload, KEY, signOptions);
}
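/**
 * Verifies the signature of an auth token and returns its decoded payload.
 *
 * The accepted algorithm is pinned to HS256, the jsonwebtoken default that
 * createJSONToken signs with, so a token whose header names any other
 * algorithm is rejected instead of being left to the library's defaults.
 *
 * @param {string} token - Compact JWT as received from the client.
 * @returns {object|string} The decoded payload returned by `verify`.
 * @throws Whatever `verify` throws for a malformed token or a bad signature.
 */
function validateJSONToken(token) {
  return verify(token, KEY, { algorithms: ["HS256"] });
}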
/**
 * Checks a plaintext password against a stored bcrypt hash.
 *
 * No callback is passed to `compare`, so the result is a promise. Callers must
 * await it: the promise object itself is always truthy, so using the return
 * value directly in a condition would accept any password.
 *
 * @param {string} password - Plaintext password supplied at login.
 * @param {string} storedPassword - bcrypt hash previously stored for the user.
 * @returns {Promise<boolean>} Resolves to true when the password matches.
 */
function isValidPassword(password, storedPassword) {
  const comparison = compare(password, storedPassword);
  return comparison;
}
// function checkAuthMiddleware(req, res, next) {
// if (req.method === "OPTIONS") {
// return next();
// }
// if (!req.headers.authorization) {
// console.log("NOT AUTH. AUTH HEADER MISSING.");
// return next(new NotAuthError("Not authenticated."));
// }
// const authFragments = req.headers.authorization.split(" ");
// if (authFragments.length !== 2) {
// console.log("NOT AUTH. AUTH HEADER INVALID.");
// return next(new NotAuthError("Not authenticated."));
// }
// const authToken = authFragments[1];
// try {
// const validatedToken = validateJSONToken(authToken);
// req.userid = validatedToken;
// } catch (error) {
// console.log("NOT AUTH. TOKEN INVALID.");
// return next(new NotAuthError("Not authenticated."));
// }
// next();
// }
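/**
 * Express middleware that authenticates a request from its "auth-token" cookie.
 *
 * On success it sets `req.userId` to the token's `id` claim and
 * `req.isAuthenticated` to true, then calls `next()`. Otherwise it answers
 * with HTTP 401 and does not call `next()`.
 *
 * @param {object} req - Request; `req.cookies` is expected to be populated by
 *   a cookie-parsing middleware registered earlier.
 * @param {object} res - Response used to send the 401 body.
 * @param {Function} next - Continuation invoked for OPTIONS and valid tokens.
 */
function checkAuthMiddleware(req, res, next) {
  // OPTIONS requests are passed through without authentication.
  if (req.method === "OPTIONS") {
    return next();
  }

  // req.cookies is undefined when no cookie parser ran; treat that as
  // "no token" rather than letting the property access throw.
  const authToken = req.cookies && req.cookies["auth-token"];
  if (!authToken) {
    return res.status(401).json({ message: "Not authenticated", description: "Auth token not found" });
  }

  let validatedToken;
  try {
    validatedToken = validateJSONToken(authToken);
  } catch (error) {
    console.log("NOT AUTH. TOKEN INVALID.");
    return res.status(401).json({ message: "Not authenticated", description: "Invalid auth token" });
  }

  // A correctly signed token without an `id` claim would otherwise mark the
  // request as authenticated with an undefined user id.
  if (validatedToken == null || validatedToken.id == null) {
    console.log("NOT AUTH. TOKEN INVALID.");
    return res.status(401).json({ message: "Not authenticated", description: "Invalid auth token" });
  }

  req.userId = validatedToken.id;
  req.isAuthenticated = true;
  next();
}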
// Public API of the auth helpers. The middleware is exported under the
// shorter name `checkAuth`.
Object.assign(exports, {
  createJSONToken,
  validateJSONToken,
  isValidPassword,
  checkAuth: checkAuthMiddleware,
  generatePasswordHash,
});