WEB-API-Assignment_3/auth.js at master · initrail/WEB-API-Assignment_3 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
require('dotenv').config()
var jwt = require('jsonwebtoken')
var secretKey = process.env.SECRET_KEY

var sessionManager = {}

sessionManager.getToken = function (user, callback) {
    var token = jwt.sign({
        name: user.Name,
        username: user.Username
    }, secretKey, { expiresIn: 1440 })
    return token
}

sessionManager.validToken = function (req, res, callback) {
    var result
    var token = req.body.token || req.headers.token
    if (token) {
        jwt.verify(token, secretKey, function (err, decoded) {
            if (err) {
                res.status(403).send({ error: 'Invalid token.' })
                result = false
            }
            else {
                req.decoded = decoded
                result = true
            }
        })
    } else {
        res.status(403).send({ error: 'No token was received.' })
        result = false
    }
    callback(result, req, res)
}

module.exports = sessionManager