@tasolutions/express-core
Version:
All libs for express
40 lines (36 loc) • 1.35 kB
JavaScript
const jwt = require('jsonwebtoken');
const { jwtInfo, appName, basicAuthInfo } = require('../config');
const { HttpStatus, Response } = require('../utils');
const basicAuth = require('basic-auth');
module.exports = {
/**
* JWT middleware verify bearer token
* @param req
* @param res
* @param next
* @return {*}
*/
authorize: async (req, res, next) => {
if (!req.headers.authorization) return Response.error(res, 'No credentials sent!', HttpStatus.FORBIDDEN);
jwt.verify(req.headers.authorization.split(' ')[1], jwtInfo.jwtSecret, async function (err, decode) {
if (err) return Response.error(res, 'Invalid auth token provided.', HttpStatus.UNAUTHORIZED);
req.userLogin = decode;
next();
});
},
/**
* JWT middleware basic auth
* @param req
* @param res
* @param next
* @return {*}
*/
basicAuth: async (req, res, next) => {
const credentials = basicAuth(req);
if (!credentials || credentials.name !== basicAuthInfo.username || credentials.pass !== basicAuthInfo.password) {
res.setHeader('WWW-Authenticate', 'Basic realm="Authorization Required"');
return Response.error(res, 'Invalid basic auth provided.', HttpStatus.UNAUTHORIZED);
}
next();
}
}