// Importing required modules
const jwt = require("jsonwebtoken");
const dotenv = require("dotenv");
const User = require("../models/User");
// Configuring dotenv to load environment variables from .env file
dotenv.config();
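// Express middleware that authenticates a request: it reads a JWT from the
// request, verifies it against process.env.JWT_SECRET and, on success, stores
// the decoded payload on req.user before handing over to the next handler.
// Every failure path answers 401 and never calls next().
exports.auth = async (req, res, next) => {
  try {
    // The token is looked up in the cookie first, then the body, then the
    // Authorization header. Each source is guarded, so a request that carries
    // no cookies object, no parsed body or no Authorization header ends up on
    // the "Token Missing" branch instead of throwing a TypeError.
    // NOTE(review): a cookie-borne token is sent automatically by browsers;
    // whether the cookie is set with SameSite/HttpOnly is not visible in this
    // file. Confirm this where the cookie is issued.
    const authHeader = req.header("Authorization");
    const token =
      (req.cookies && req.cookies.token) ||
      (req.body && req.body.token) ||
      (authHeader ? authHeader.replace("Bearer ", "") : "");

    // If JWT is missing, return 401 Unauthorized response
    if (!token) {
      return res.status(401).json({ success: false, message: `Token Missing` });
    }

    try {
      // jwt.verify without a callback is synchronous and throws on a bad
      // signature, an expired token or a missing secret, so every such case
      // falls into the catch below and the request is rejected.
      // NOTE(review): no `algorithms` option is passed, so the library default
      // for the key type applies; pin it to the algorithm used when signing
      // once that is confirmed.
      const decoded = jwt.verify(token, process.env.JWT_SECRET);

      // The payload is deliberately not logged: it identifies the user and
      // would otherwise be written to the server logs on every request.
      req.user = decoded;
    } catch (error) {
      // If JWT verification fails, return 401 Unauthorized response
      return res
        .status(401)
        .json({ success: false, message: "token is invalid" });
    }

    // If JWT is valid, move on to the next middleware or request handler
    next();
  } catch (error) {
    // Anything unexpected while extracting the token is also answered with
    // 401, so the request is never let through on an error.
    return res.status(401).json({
      success: false,
      message: `Something Went Wrong While Validating the Token`,
    });
  }
};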
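// Express middleware that lets a request through only when the account behind
// it has accountType "Student". It reads req.user.email, which the `auth`
// middleware in this file sets from the verified JWT payload, so it has to be
// mounted after `auth`.
exports.isStudent = async (req, res, next) => {
  try {
    // The role is taken from the stored user record, not from the token, so a
    // role change takes effect without waiting for the token to expire.
    const userDetails = await User.findOne({ email: req.user.email });

    // A token whose account no longer exists is denied the same way as a
    // wrong role, rather than surfacing as a 500 through a null dereference.
    // NOTE(review): 403 would describe a role mismatch more precisely than
    // 401; the status is kept because clients may depend on it.
    if (!userDetails || userDetails.accountType !== "Student") {
      return res.status(401).json({
        success: false,
        message: "This is a Protected Route for Students",
      });
    }

    next();
  } catch (error) {
    // Reached when the lookup itself fails (or req.user is absent because
    // `auth` did not run); the request is rejected, never passed on.
    return res
      .status(500)
      .json({ success: false, message: `User Role Can't be Verified` });
  }
};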
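// Express middleware that lets a request through only when the account behind
// it has accountType "Admin". It reads req.user.email, which the `auth`
// middleware in this file sets from the verified JWT payload, so it has to be
// mounted after `auth`.
exports.isAdmin = async (req, res, next) => {
  try {
    // The role is taken from the stored user record, not from the token, so
    // revoking admin rights takes effect without waiting for token expiry.
    const userDetails = await User.findOne({ email: req.user.email });

    // A token whose account no longer exists is denied the same way as a
    // wrong role, rather than surfacing as a 500 through a null dereference.
    // NOTE(review): 403 would describe a role mismatch more precisely than
    // 401; the status is kept because clients may depend on it.
    if (!userDetails || userDetails.accountType !== "Admin") {
      return res.status(401).json({
        success: false,
        message: "This is a Protected Route for Admin",
      });
    }

    next();
  } catch (error) {
    // Reached when the lookup itself fails (or req.user is absent because
    // `auth` did not run); the request is rejected, never passed on.
    return res
      .status(500)
      .json({ success: false, message: `User Role Can't be Verified` });
  }
};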
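// Express middleware that lets a request through only when the account behind
// it has accountType "Instructor". It reads req.user.email, which the `auth`
// middleware in this file sets from the verified JWT payload, so it has to be
// mounted after `auth`.
exports.isInstructor = async (req, res, next) => {
  try {
    // The role is taken from the stored user record, not from the token, so a
    // role change takes effect without waiting for the token to expire.
    const userDetails = await User.findOne({ email: req.user.email });

    // The user record is deliberately not logged: the whole document would be
    // written to the server logs on every instructor request.
    // NOTE(review): the User schema is not visible here; if it stores a
    // password hash or reset token, earlier logs may already contain them.

    // A token whose account no longer exists is denied the same way as a
    // wrong role, rather than surfacing as a 500 through a null dereference.
    // NOTE(review): 403 would describe a role mismatch more precisely than
    // 401; the status is kept because clients may depend on it.
    if (!userDetails || userDetails.accountType !== "Instructor") {
      return res.status(401).json({
        success: false,
        message: "This is a Protected Route for Instructor",
      });
    }

    next();
  } catch (error) {
    // Reached when the lookup itself fails (or req.user is absent because
    // `auth` did not run); the request is rejected, never passed on.
    return res
      .status(500)
      .json({ success: false, message: `User Role Can't be Verified` });
  }
};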