wmantly/mp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
mp/consumerWebsite/middleware/authChecker.js
newtbot d2ad32e6d6 added api page 
added login
added api.ejs
added middleware for authorization check
2024-01-21 03:58:03 +08:00

31 lines
1012 B
JavaScript
Raw Blame History

const { apikeyModel } = require("../database/model/apiKeyModel");
const { userModel } = require("../database/model/userModel");
const { comparePassword } = require("../functions/bcrypt");
async function auth(req, res, next){
try{
// let user = await Auth.checkToken({token: req.header('auth-token')});
let authToken = req.header('auth-token');
let splitAuthToken = authToken.split('-');
let rowid = splitAuthToken[0];
let suppliedToken = splitAuthToken.slice(1).join('-');
//get from db
let token = await apikeyModel.findByPk(rowid, {include: userModel});
//compare
let isMatch = await comparePassword(suppliedToken, token.apikey);
if (!isMatch) return false;
//else do logic
//pass hashed token to req.token (IMPORTANT ITS NOT PASSED TO CLIENT)
req.token = token
req.user = await token.getUser();
next();
}catch(error){
next(error);
}
}
module.exports = { auth };
Reference in New Issue View Git Blame Copy Permalink