| const jose = require('jose'); |
| const passportCustom = require('passport-custom'); |
| const CustomStrategy = passportCustom.Strategy; |
| const User = require('../models/User'); |
|
|
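/**
 * Builds a Passport custom strategy that authenticates a request from an
 * `Authorization: Bearer <token>` header by verifying the JWT with jose and
 * loading the matching user.
 *
 * The strategy never passes an error to `done`; every failure is reported as
 * `done(null, false, { message })` so the request is treated as
 * unauthenticated.
 *
 * @returns {Promise<CustomStrategy>} resolves to the configured strategy.
 */
const joseLogin = async () =>
  new CustomStrategy(async (req, done) => {
    const authHeader = req.headers.authorization;

    if (!authHeader || !authHeader.startsWith('Bearer ')) {
      return done(null, false, { message: 'No auth token' });
    }

    const [, token] = authHeader.split(' ');

    // Fail closed when the signing secret is missing. TextEncoder.encode()
    // turns `undefined` into an empty byte array, so without this guard the
    // token would be checked against an empty HMAC key instead of rejected.
    const rawSecret = process.env.JWT_SECRET;
    if (!rawSecret) {
      console.error('JoseJwtStrategy => JWT_SECRET is not set');
      return done(null, false, { message: 'Invalid token' });
    }

    try {
      const secret = new TextEncoder().encode(rawSecret);
      // NOTE(review): no `algorithms`, `issuer` or `audience` options are
      // passed, so any token signed with this secret is accepted regardless
      // of who issued it or for which audience. Pin these once the issuing
      // side's values are confirmed.
      const { payload } = await jose.jwtVerify(token, secret);

      // A verified token without an `id` claim cannot identify a user; reject
      // it here rather than relying on how the model treats an undefined id.
      if (payload.id == null) {
        console.error('JoseJwtStrategy => token has no id claim');
        return done(null, false, { message: 'Invalid token' });
      }

      const user = await User.findById(payload.id);
      if (user) {
        return done(null, user);
      }

      console.log('JoseJwtStrategy => no user found');
      return done(null, false, { message: 'No user found' });
    } catch (err) {
      // Expired tokens are expected traffic; anything else is logged in full
      // for diagnosis. The client sees the same message in both cases.
      if (err?.code === 'ERR_JWT_EXPIRED') {
        console.error('JoseJwtStrategy => token expired');
      } else {
        console.error('JoseJwtStrategy => error');
        console.error(err);
      }
      return done(null, false, { message: 'Invalid token' });
    }
  });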
|
|
| module.exports = joseLogin; |
|
|