gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

chore(server): Move api-server in to it's own DIR

Browse Source
This commit is contained in:
Bouncey
2018-08-31 16:04:04 +01:00
committed by mrugesh mohapatra
parent 9fba6bce4c
commit 46a217d0a5
369 changed files with 328 additions and 7431 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
api-server/server/middlewares/jwt-authorization.js Normal file
View File

@ -0,0 +1,69 @@
import loopback from 'loopback';
import jwt from 'jsonwebtoken';
import { isBefore } from 'date-fns';
import { homeLocation } from '../../../config/env';
import { wrapHandledError } from '../utils/create-handled-error';
export default () => function authorizeByJWT(req, res, next) {
const path = req.path.split('/')[1];
if (/^external$|^internal$/.test(path)) {
const cookie = req.signedCookies && req.signedCookies['jwt_access_token'] ||
req.cookie && req.cookie['jwt_access_token'];
if (!cookie) {
throw wrapHandledError(
new Error('Access token is required for this request'),
{
type: 'info',
redirect: `${homeLocation}/signin`,
message: 'Access token is required for this request',
status: 403
}
);
}
let token;
try {
token = jwt.verify(cookie, process.env.JWT_SECRET);
} catch (err) {
throw wrapHandledError(
new Error(err.message),
{
type: 'info',
redirect: `${homeLocation}/signin`,
message: 'Your access token is invalid',
status: 403
}
);
}
const { accessToken: {created, ttl, userId }} = token;
const valid = isBefore(Date.now(), Date.parse(created) + ttl);
if (!valid) {
throw wrapHandledError(
new Error('Access token is no longer vaild'),
{
type: 'info',
redirect: `${homeLocation}/signin`,
message: 'Access token is no longer vaild',
status: 403
}
);
}
if (!req.user) {
const User = loopback.getModelByType('User');
return User.findById(userId)
.then(user => {
if (user) {
user.points = user.progressTimestamps.length;
req.user = user;
}
return;
})
.then(next)
.catch(next);
} else {
return next();
}
}
return next();
};