import jwt from 'jsonwebtoken'
import { verifyTokenInDB } from '../utils'
/**
 * Express-style middleware that authenticates a request by its access token.
 *
 * Delegates to `authenticateToken`, using the `ACCESS_TOKEN_SECRET`
 * environment variable as the verification key and `'accessToken'` as the
 * token type.
 *
 * @param req - incoming request object
 * @param res - response object
 * @param next - continuation callback
 */
export const authenticateAccessToken = (req: any, res: any, next: any) => {
  // The cast only satisfies the type checker: nothing here checks that the
  // variable is set, so an unset secret is forwarded as `undefined`.
  const accessTokenSecret = process.env.ACCESS_TOKEN_SECRET as string

  authenticateToken(req, res, next, accessTokenSecret, 'accessToken')
}
/**
 * Express-style middleware that authenticates a request by its refresh token.
 *
 * Delegates to `authenticateToken`, using the `REFRESH_TOKEN_SECRET`
 * environment variable as the verification key and `'refreshToken'` as the
 * token type.
 *
 * @param req - incoming request object
 * @param res - response object
 * @param next - continuation callback
 */
export const authenticateRefreshToken = (req: any, res: any, next: any) => {
  // The cast only satisfies the type checker: nothing here checks that the
  // variable is set, so an unset secret is forwarded as `undefined`.
  const refreshTokenSecret = process.env.REFRESH_TOKEN_SECRET as string

  authenticateToken(req, res, next, refreshTokenSecret, 'refreshToken')
}
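/**
 * Shared implementation behind the access-token and refresh-token middlewares.
 *
 * Outside server mode (`MODE`, trimmed, is anything other than `'server'`,
 * including unset) no token is inspected: a fixed desktop-mode admin user is
 * attached to the request and `next()` is called.
 *
 * In server mode the second space-separated field of the `Authorization`
 * header is verified with `jwt.verify` against `key`, then looked up with
 * `verifyTokenInDB`. The request proceeds only when that lookup returns a user
 * whose `isActive` is truthy; every other outcome is answered with 401, except
 * a failed lookup (rejected promise), which is answered with 500.
 *
 * @param req - incoming request; `user` (and `accessToken` for access tokens) are set on success
 * @param res - response used to send 401/500
 * @param next - continuation called once the request is authenticated
 * @param key - secret passed to `jwt.verify`
 * @param tokenType - which kind of token is being checked; forwarded to `verifyTokenInDB`
 */
const authenticateToken = (
  req: any,
  res: any,
  next: any,
  key: string,
  tokenType: 'accessToken' | 'refreshToken' = 'accessToken'
) => {
  const { MODE } = process.env

  // NOTE(review): this branch fails open. Any deployment where MODE is unset
  // or misspelled treats every request as the built-in admin user below, so
  // server deployments must be confirmed to set MODE=server.
  if (MODE?.trim() !== 'server') {
    req.user = {
      userId: '1234',
      clientId: 'desktopModeClientId',
      username: 'desktopModeUsername',
      displayName: 'desktopModeDisplayName',
      isAdmin: true,
      isActive: true
    }
    req.accessToken = 'desktopModeAccessToken'
    return next()
  }

  // Only the second space-separated field is used; the scheme word
  // (e.g. "Bearer") in front of it is not checked.
  const authHeader = req.headers['authorization']
  const token = authHeader?.split(' ')[1]
  if (!token) return res.sendStatus(401)

  // NOTE(review): no `algorithms` option is passed, so the library's defaults
  // for this key type apply; consider pinning it to the algorithm used when
  // the tokens are signed.
  jwt.verify(token, key, async (err: any, data: any) => {
    if (err) return res.sendStatus(401)

    try {
      // A valid signature is not enough: the token must also match its entry in the DB.
      const user = await verifyTokenInDB(
        data?.userId,
        data?.clientId,
        token,
        tokenType
      )

      // Fail closed: unknown token or deactivated user.
      if (!user || !user.isActive) return res.sendStatus(401)

      req.user = user
      if (tokenType === 'accessToken') req.accessToken = token
    } catch {
      // Without this, a rejected lookup became an unhandled promise rejection
      // inside the async callback and the request never received a response.
      return res.sendStatus(500)
    }

    // Called outside the try block so that errors raised by downstream
    // handlers are not mistaken for a failed token lookup.
    return next()
  })
}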