UNPKG

node-enterprise-starter

Version:

<h1 align="center">Node Enterprise Starter</h1>

55 lines (43 loc) 1.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import { NextFunction, Request, Response } from "express"; import httpStatus from "http-status"; import { JwtPayload } from "jsonwebtoken"; import AppError from "../errors/AppError"; import catchAsync from "../utils/catchAsync"; import { verifyToken } from "../utils/tokenGenerateFunction"; import config from "../../config"; import { userRole } from "../modules/Auth/auth.utils"; import User from "../modules/Auth/auth.model"; const Auth = (...requiredRoles: (keyof typeof userRole)[]) => { return catchAsync(async (req: Request, res: Response, next: NextFunction) => { const token = req.headers.authorization; // checking if the token is missing if (!token) { throw new AppError(httpStatus.UNAUTHORIZED, "You are not authorized!"); } // Extract the token without "Bearer " prefix const tokenWithoutBearer = token.split(" ")[1]; if (!tokenWithoutBearer) { throw new AppError(httpStatus.UNAUTHORIZED, "Invalid token format!"); } const decoded = verifyToken( tokenWithoutBearer, config.jwt_access_secret as string ) as JwtPayload; const { role, email, iat } = decoded; // checking if the user exists const user = await User.findOne({ email: email }); if (!user) { throw new AppError(httpStatus.NOT_FOUND, "This user is not found !"); } // checking if the user is banned if (user?.isBanned) { throw new AppError(httpStatus.FORBIDDEN, "This user is banned!"); } if (requiredRoles && !requiredRoles.includes(role)) { throw new AppError(httpStatus.UNAUTHORIZED, "You are not authorized"); } req.user = decoded as JwtPayload; next(); }); }; export default Auth;