@andreabiagini5/applicazioni-e-servizi-web-project
Version:
Project for Applicazioni e Servizi Web.
96 lines • 3.7 kB
JavaScript
;
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.authenticateTokenSocket = void 0;
exports.authenticateToken = authenticateToken;
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
const cookie = __importStar(require("cookie"));
const jwt_1 = require("../config/jwt");
/**
* Authentication middleware for ReST API. Those APIs that use this middleware won't receive the request unless the authorization header is properly configured
* with a valid JWT token. If the middleware passes, the req object will have an account property with the account data.
* @returns {Response} a 401 if the token is not present or if the token is not correct, the next function result otherwise
*/
async function authenticateToken(req, res, next) {
var _a;
const token = (_a = req.cookies) === null || _a === void 0 ? void 0 : _a.token;
if (!token) {
res.status(401).json({ message: 'Unauthorized' });
return;
}
try {
const decoded = jsonwebtoken_1.default.verify(token, jwt_1.secret);
req.account = decoded;
next();
}
catch (_b) {
res.status(401).json({ message: 'Invalid token' });
return;
}
}
/**
* Authentication middleware for socket.io. Those sockets that use this middleware won't receive the request unless the authorization header is properly configured
* with a valid JWT token.
* @param socket the socket object
* @param next the next middleware function
*/
const authenticateTokenSocket = (socket, next) => {
const cookieHeader = socket.handshake.headers.cookie;
if (!cookieHeader) {
next(new Error('No cookies sent'));
return;
}
const cookies = cookie.parse(cookieHeader);
const token = cookies.token;
if (!token) {
next(new Error('No token found in cookies'));
return;
}
try {
const userData = jsonwebtoken_1.default.verify(token, jwt_1.secret);
socket.data = userData;
next();
return;
}
catch (err) {
next(new Error('Invalid token'));
return;
}
};
exports.authenticateTokenSocket = authenticateTokenSocket;
//# sourceMappingURL=auth.js.map