@tribeca/auth-middleware/build/auth-middleware.js

Express auth middleware for tribeca auth service

"use strict";

Object.defineProperty(exports, "__esModule", {
  value: true
});
exports.default = void 0;

var _request = _interopRequireDefault(require("request"));

var _expressUnless = _interopRequireDefault(require("express-unless"));

function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

function authMiddleware(uri = "https://auth.tribeca.ovh/token/verify") {
  const handleRequest = function handleRequest(req, res, next) {
    const authorizationHeader = req.get("Authorization");

    if (!authorizationHeader) {
      res.status(401).end();
      return;
    }

    const [bearer, token] = authorizationHeader.trim().split(" ");

    if (!bearer || bearer !== "Bearer") {
      res.status(401).end();
      return;
    }

    (0, _request.default)({
      uri,
      method: "POST",
      headers: {
        "Content-Type": "application/json"
      },
      body: JSON.stringify({
        token
      })
    }, function onResponse(err, response, body) {
      if (!response || response.statusCode !== 200) {
        res.status(401).end();
        return;
      }

      req.user = JSON.parse(body);
      next();
    });
  };

  handleRequest.unless = _expressUnless.default;
  return handleRequest;
}

var _default = authMiddleware;
exports.default = _default;