parent
51addd4a31
commit
e5f65d0b80
|
@ -3,11 +3,15 @@ import {
|
|||
ExpressMiddlewareInterface
|
||||
} from "routing-controllers";
|
||||
|
||||
// @Middleware({ type: "before" })
|
||||
export class JWTAuth implements ExpressMiddlewareInterface {
|
||||
use(request: any, response: any, next?: (err?: any) => any): any {
|
||||
const token = <string>request.headers["auth"];
|
||||
try {
|
||||
/**
|
||||
TODO: idk if we should always check the db if refreshtokencount is valid?
|
||||
seems like a lot of db overhead
|
||||
at the same time it's basically our only option to support proper logouts
|
||||
*/
|
||||
const jwtPayload = <any>jwt.verify(token, "secretjwtsecret");
|
||||
// const jwtPayload = <any>jwt.verify(token, process.env.JWT_SECRET);
|
||||
response.locals.jwtPayload = jwtPayload;
|
||||
|
|
Loading…
Reference in New Issue