hoxu
/
gitstats
mirror of https://github.com/hoxu/gitstats
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
372 Commits
2 Branches
Tree: 5007c86ab3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5007c86ab3'
${ noResults }
gitstats/test_repository/server/guards/adminGuard.js

adminGuard.js 1.1KB
History Raw

12345678910111213141516171819202122232425262728293031 
  1. /* Guard that only allows admins to access whatever route the guard is attached to */

  2. 

  3. var jwt = require('jsonwebtoken');

  4. 

  5. var config = require('../config');

  6. 

  7. exports.adminGuard = function (req, res, next) {

  8.     //Check for a token in the body, params or headers

  9.     var token = req.body.token || req.query.token || req.headers['x-access-token'];

  10. 

  11.     //Check that a token was actually supplied

  12.     if (token) {

  13.         //Now check that the token is actually legitimate

  14.         jwt.verify(token, config.secretKey, function (err, decoded) {

  15.             //If there was an error during the verification, the user is not authenticated

  16.             if (err)

  17.                 return res.status(403).send({success: false, error: "Failed to authenticate token."});

  18. 

  19.             //Otherwise, the user is valid

  20.             else {

  21.                 req.decoded = decoded;

  22.                 next();

  23.             }

  24.         });

  25.     }

  26. 

  27.     //Otherwise, do not proceed and send back an error

  28.     else {

  29.         return res.status(403).send({success: false, error: "No token provided in request."});

  30.     }

  31. };