Video 109: Accepting Authentication Tokens

task-manager/src/middleware/auth.js

@@ -0,0 +1,21 @@
+const jwt = require('jsonwebtoken')
+const User = require('../models/user')
+
+const auth = async (req, res, next) => {
+  try {
+    const token = req.header('Authorization').replace('Bearer ', '')
+    const decoded = jwt.verify(token, 'thisismynewcourse')
+    const user = await User.findOne({ _id: decoded._id, 'tokens.token': token })
+
+    if (!user) {
+      throw new Error()
+    }
+
+    req.user = user
+    next()
+  } catch (e) {
+    res.status(401).send({ error: 'Please authenticate.'}).end()
+  }
+}
+
+module.exports = auth