chore(merge): Merge branch 'master' into authentication-with-jwt

2026-01-05 05:40:06 +00:00 · 2021-11-09 18:24:35 +05:00
parent ab62dad237 a056eed6b4
commit 61738f6a0d
83 changed files with 43080 additions and 10960 deletions
--- a/api/src/middlewares/authenticateToken.ts
+++ b/api/src/middlewares/authenticateToken.ts
@@ -0,0 +1,54 @@
+import jwt from 'jsonwebtoken'
+import { verifyTokenInDB } from '../utils'
+
+export const authenticateAccessToken = (req: any, res: any, next: any) => {
+  authenticateToken(
+    req,
+    res,
+    next,
+    process.env.ACCESS_TOKEN_SECRET as string,
+    'accessToken'
+  )
+}
+
+export const authenticateRefreshToken = (req: any, res: any, next: any) => {
+  authenticateToken(
+    req,
+    res,
+    next,
+    process.env.REFRESH_TOKEN_SECRET as string,
+    'refreshToken'
+  )
+}
+
+const authenticateToken = (
+  req: any,
+  res: any,
+  next: any,
+  key: string,
+  tokenType: 'accessToken' | 'refreshToken' = 'accessToken'
+) => {
+  const authHeader = req.headers['authorization']
+  const token = authHeader?.split(' ')[1]
+  if (!token) return res.sendStatus(401)
+
+  jwt.verify(token, key, async (err: any, data: any) => {
+    if (err) return res.sendStatus(401)
+
+    // verify this valid token's entry in DB
+    const user = await verifyTokenInDB(
+      data?.userId,
+      data?.clientId,
+      token,
+      tokenType
+    )
+
+    if (user) {
+      if (user.isActive) {
+        req.user = user
+        return next()
+      } else return res.sendStatus(401)
+    }
+    return res.sendStatus(401)
+  })
+}