31 lines
850 B
JavaScript
31 lines
850 B
JavaScript
const { verify } = require("../util/jwt");
|
|
const User = require("../models/User");
|
|
const ErrorResponse = require("../util/errorResponse");
|
|
|
|
exports.protect = async (req, res, next) => {
|
|
try {
|
|
const { headers } = req;
|
|
if (!headers.authorization) return next();
|
|
|
|
const token = headers.authorization.split(" ")[1];
|
|
if (!token) throw new SyntaxError("Token missing or malformed");
|
|
|
|
const userVerified = await verify(token);
|
|
if (!userVerified) throw new Error("Invalid Token");
|
|
|
|
req.loggedUser = await User.findOne({
|
|
attributes: { exclude: ["email", "password"] },
|
|
where: { email: userVerified.email },
|
|
});
|
|
|
|
if (!req.loggedUser) next(new NotFoundError("User"));
|
|
|
|
headers.email = userVerified.email;
|
|
req.loggedUser.dataValues.token = token;
|
|
|
|
next();
|
|
} catch (error) {
|
|
next(error);
|
|
}
|
|
};
|