gitadmin/api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52a4570e85
api/middlewares/auth.js
pawan-dot 52a4570e85 cms
2022-11-01 16:08:06 +05:30

52 lines
1.4 KiB
JavaScript
Raw Blame History

import User from "../models/userModel.js";
import jwt from "jsonwebtoken";
import ErrorHander from "../Utils/errorhander.js"
export const isAuthenticatedUser = async (req, res, next) => {
try {
if (!req.headers.authorization) {
return res.status(400).json({
success: false,
message: "Login to Access this resource",
});
}
const getToken = req.headers;
//remove Bearer from token
const fronttoken = getToken.authorization.slice(7);
const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
if (!frontdecoded) {
return res.status(200).json({
success: false,
message: "incorrect token",
});
}
const fuser = await User.findById(frontdecoded.id);
req.user = fuser;
next();
} catch (error) {
return res.status(400).json({
success: false,
message: error.message,
});
}
};
export const authorizeRoles = (...roles) => {//pass admin
return (req, res, next) => {
if (!roles.includes(req.user.role)) {
return next(
new ErrorHander(
`Role: ${req.user.role} is not allowed to access this resouce `,
403
)
);
}
next();
};
};
Reference in New Issue View Git Blame Copy Permalink