Swatter-Server/JWT.js at main · BillGibsonDev/Swatter-Server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import jwt from 'jsonwebtoken';
import { UserModel } from './models/User.js';
const { sign, verify } = jwt;

export const createTokens = (user) => {
  const accessToken = sign(
    {
      username: user.username,
      id: user._id,
      avatar: user.avatar
    },
    `${process.env.NODE_ENV_JWT_SECRET}`,
    { expiresIn: '4h' }
  );
  return accessToken;
};

export const validateUser = (token) => {
  try {
    const validToken = jwt.verify(token, process.env.NODE_ENV_JWT_SECRET);
    return validToken;
  } catch (error) {
    if (error instanceof jwt.TokenExpiredError) {
      return false;
    }
    console.log('Token invalid:', error.message);
    return false;
  }
};

export const validateToken = async (req, res) => {
  const { userId } = req.params;

  const tokenAuth = req.headers.authorization;

  try {
    const validToken = jwt.verify(tokenAuth, process.env.NODE_ENV_JWT_SECRET);
    if (!validToken) { return res.status(400).json('No Valid Token Provided.'); };

    if(validToken.id !== userId){ return res.status(401).json('Token Does Not Match User.')}

    const userData = await UserModel.findById(validToken.id);
    if(!userData){ return res.status(400).json('User Does Not Exist.')};

    if (userData.token !== tokenAuth) { return res.status(400).json({ error: 'Token is Not Valid.' }); };

    const token = createTokens(userData);
    userData.token = token;

    await userData.save();

    res.status(200).json({ token: token, id: userData._id, username: userData.username });

  } catch (error) {
    if (error instanceof jwt.TokenExpiredError) {
      return 'Token expired:', error.message;
    }
    console.log(error)
    res.status(403).json({ error: 'Token Invalid.'});
  }
};