jwt-middleware-auth 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +58 -0
- package/package.json +14 -0
package/index.js
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
const jwt = require('jsonwebtoken');
|
|
2
|
+
|
|
3
|
+
const verifyToken = (secret) => {
|
|
4
|
+
return (req, res, next) => {
|
|
5
|
+
const authHeader = req.headers.token;
|
|
6
|
+
|
|
7
|
+
if (authHeader) {
|
|
8
|
+
const token = authHeader.split(' ')[1];
|
|
9
|
+
jwt.verify(token, secret, (err, user) => {
|
|
10
|
+
if (err) {
|
|
11
|
+
return res.status(401).json({ message: 'Invalid Token' });
|
|
12
|
+
}
|
|
13
|
+
req.user = user;
|
|
14
|
+
next();
|
|
15
|
+
});
|
|
16
|
+
} else {
|
|
17
|
+
return res.status(401).json({ message: 'Token is not provided' });
|
|
18
|
+
}
|
|
19
|
+
};
|
|
20
|
+
};
|
|
21
|
+
//for updatin User information
|
|
22
|
+
const verifyTokenAndAutherization = (req, res, next) => {
|
|
23
|
+
verifyToken(req, res, () => {
|
|
24
|
+
console.log('checking if user is authorized');
|
|
25
|
+
console.log(req.user.id, req.params.id);
|
|
26
|
+
if (req.user.id === req.params.id || req.user.role === 'admin') {
|
|
27
|
+
console.log('user is authorized');
|
|
28
|
+
next();
|
|
29
|
+
} else {
|
|
30
|
+
console.log('called');
|
|
31
|
+
res.status(403).json('You Are Not Authorized');
|
|
32
|
+
}
|
|
33
|
+
});
|
|
34
|
+
};
|
|
35
|
+
|
|
36
|
+
// for all access
|
|
37
|
+
const verifyAdmin = (req, res, next) => {
|
|
38
|
+
verifyToken(req, res, () => {
|
|
39
|
+
req.user.id == req.params.id || req.user.isAdmin == true ? next() : res.status(403).json('You Are Not admin');
|
|
40
|
+
});
|
|
41
|
+
};
|
|
42
|
+
// for all access
|
|
43
|
+
const verifyManager = (req, res, next) => {
|
|
44
|
+
verifyToken(req, res, () => {
|
|
45
|
+
req.user.id == req.params.id || req.user.role == 'manager' ? next() : res.status(403).json('You Are Not manager');
|
|
46
|
+
});
|
|
47
|
+
};
|
|
48
|
+
//for seller access
|
|
49
|
+
const verifySeller = (req, res, next) => {
|
|
50
|
+
verifyToken(req, res, () => {
|
|
51
|
+
req.user.id == req.params.id || req.user.role == 'seller' || req.user.role == 'paymentManager'
|
|
52
|
+
? next()
|
|
53
|
+
: res.status(403).json('You Are Not Authorized');
|
|
54
|
+
});
|
|
55
|
+
};
|
|
56
|
+
// verifyProduct
|
|
57
|
+
|
|
58
|
+
module.exports = { verifyToken, verifySeller, verifyAdmin, verifyTokenAndAutherization, verifyManager };
|
package/package.json
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "jwt-middleware-auth",
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"description": "A flexible middleware library for JWT authentication in Express.js",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
|
8
|
+
},
|
|
9
|
+
"keywords": ["jwt", "express", "middleware", "auth"],
|
|
10
|
+
"license": "MIT",
|
|
11
|
+
"dependencies": {
|
|
12
|
+
"jsonwebtoken": "^8.5.1"
|
|
13
|
+
}
|
|
14
|
+
}
|