Permissions authorization middleware.

2026-02-16 04:40:32 +00:00 · 2019-09-16 01:08:19 +02:00
parent ed4d37c8fb
commit de905d7e7c
23 changed files with 318 additions and 51 deletions
--- a/server/src/http/middleware/jwtAuth.js
+++ b/server/src/http/middleware/jwtAuth.js
@@ -1,23 +1,23 @@
 /* eslint-disable consistent-return */
 import jwt from 'jsonwebtoken';
 import User from '@/models/User';
-import Auth from '@/models/Auth';
+// import Auth from '@/models/Auth';

 const authMiddleware = (req, res, next) => {
+  const { JWT_SECRET_KEY } = process.env;
  const token = req.headers['x-access-token'] || req.query.token;

  const onError = () => {
-    Auth.loggedOut();
+    // Auth.loggedOut();
    res.status(401).send({
      success: false,
      message: 'unauthorized',
    });
-  }
+  };

  if (!token) {
    return onError();
  }
-  const { JWT_SECRET_KEY } = process.env;

  const verify = new Promise((resolve, reject) => {
    jwt.verify(token, JWT_SECRET_KEY, async (error, decoded) => {
@@ -26,7 +26,7 @@ const authMiddleware = (req, res, next) => {
      } else {
        // eslint-disable-next-line no-underscore-dangle
        req.user = await User.where('id', decoded._id).fetch();
-        Auth.setAuthenticatedUser(req.user);
+        // Auth.setAuthenticatedUser(req.user);

        if (!req.user) {
          return onError();