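const crypto = require('crypto');

const express = require('express');
const jwt = require('jsonwebtoken');

const app = express();

// Key used to sign and verify every token this server issues. Anyone who
// knows it can mint tokens the API will accept, so it is read from the
// environment instead of being a guessable literal committed with the code.
// When JWT_SECRET is unset, a random per-process key keeps the server
// runnable; tokens then stop verifying after a restart and are not valid
// on other instances.
const SECRET_KEY = process.env.JWT_SECRET || crypto.randomBytes(32).toString('hex');

if (!process.env.JWT_SECRET) {
  console.warn('JWT_SECRET is not set; using a random signing key for this process only');
}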
// GET /api: public greeting; this route is registered without verifyToken,
// so no Authorization header is needed to reach it.
app.get('/api', (_req, res) => {
  const payload = { message: 'Welcome to the API' };
  res.json(payload);
});
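/**
 * POST /api: protected route.
 *
 * verifyToken runs first and copies the bearer credential onto req.token;
 * this handler then checks the token's signature before answering. On
 * success the decoded claims are echoed back as authData.
 */
app.post('/api', verifyToken, (req, res) => {
  // Pin the accepted algorithm instead of relying on the library's default
  // set. HS256 is what jsonwebtoken signs with when no algorithm is given,
  // which is how the login route issues tokens.
  const verifyOptions = { algorithms: ['HS256'] };

  jwt.verify(req.token, SECRET_KEY, verifyOptions, (err, authData) => {
    if (err) {
      // Bad signature, malformed or expired token: one status for all of
      // them, with no detail about which check failed.
      res.sendStatus(403);
      return;
    }

    res.json({
      message: 'Post created...',
      authData,
    });
  });
});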
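/**
 * POST /api/login: issues a signed token for a fixed demo user.
 *
 * NOTE(review): nothing in the request is checked, so every caller receives
 * a valid token for the mock user. A credential check belongs in front of
 * jwt.sign before this is used outside a demo.
 */
app.post('/api/login', (req, res) => {
  // Mock user
  const user = {
    id: 1,
    username: 'brad',
    email: 'brad@gmail.com',
  };

  // expiresIn bounds how long a leaked token stays usable; without it the
  // token carries no exp claim and never expires. The algorithm is stated
  // explicitly so signing does not depend on the library default.
  const signOptions = { algorithm: 'HS256', expiresIn: '1h' };

  jwt.sign({ user }, SECRET_KEY, signOptions, (err, token) => {
    if (err) {
      // A signing failure used to be ignored and answered with a 200 whose
      // body had no token in it.
      res.sendStatus(500);
      return;
    }

    res.json({ token });
  });
});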
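// FORMAT OF TOKEN
// Authorization: Bearer <access_token>

/**
 * Express middleware that extracts the bearer token from the Authorization
 * header and stores it on req.token for the next handler.
 *
 * The token is only extracted here, not verified; the route handler is
 * responsible for checking its signature.
 *
 * @param {object} req - request; reads req.headers['authorization'], sets req.token
 * @param {object} res - response; receives 403 when no usable bearer token is present
 * @param {Function} next - called only when a token was extracted
 */
function verifyToken(req, res, next) {
  const bearerHeader = req.headers['authorization'];

  // Accept only "<scheme> <token>" where the scheme is Bearer (scheme names
  // are case-insensitive). Other schemes, a bare "Bearer", or extra fields
  // are rejected here instead of passing a wrong or undefined value on as
  // req.token.
  const match =
    typeof bearerHeader === 'string'
      ? /^Bearer +(\S+)$/i.exec(bearerHeader.trim())
      : null;

  if (match === null) {
    // Forbidden
    res.sendStatus(403);
    return;
  }

  req.token = match[1];
  next();
}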
// Start the HTTP listener on port 5000; the callback only logs that the
// server is up.
app.listen(5000, () => {
  console.log('Server started on port 5000');
});