@apolitical/server/src/helpers/jwt/passport.helper.js

Node.js module to encapsulate Apolitical's express server setup

'use strict';

module.exports = ({ passport, passportJwt, config }) => {
  const { COOKIE_KEY } = config.JWT.APOLITICAL;

  const jwtOptions = {
    jwtFromRequest(req) {
      let result = null;
      if (req && req.cookies && req.cookies[COOKIE_KEY]) {
        result = req.cookies[COOKIE_KEY];
      }
      return result;
    },
  };

  function jwtCallback(jwtPayload, done) {
    if (jwtPayload.sub !== 'login') {
      return done(null, false, { message: jwtPayload });
    }
    if (!jwtPayload.id) {
      return done(null, false, { message: jwtPayload });
    }
    return done(null, jwtPayload);
  }

  return {
    useJWTStrategy(secretOrKey) {
      Object.assign(jwtOptions, { secretOrKey });
      const strategy = new passportJwt.Strategy(jwtOptions, jwtCallback);
      passport.use(strategy);
    },
  };
};