diff --git a/seasoned_api/src/webserver/middleware/reqTokenToUser.js b/seasoned_api/src/webserver/middleware/reqTokenToUser.js
new file mode 100644
index 0000000..e3cea6a
--- /dev/null
+++ b/seasoned_api/src/webserver/middleware/reqTokenToUser.js
@@ -0,0 +1,32 @@
+/* eslint-disable no-param-reassign */
+const configuration = require("src/config/configuration").getInstance();
+const Token = require("src/user/token");
+
+const secret = configuration.get("authentication", "secret");
+
+// Token example:
+// curl -i -H "Authorization:[token]" localhost:31459/api/v1/user/history
+
+const reqTokenToUser = (req, res, next) => {
+ const cookieAuthToken = req.cookies.authorization;
+ const headerAuthToken = req.headers.authorization;
+
+ if (cookieAuthToken || headerAuthToken) {
+ try {
+ const token = Token.fromString(
+ cookieAuthToken || headerAuthToken,
+ secret
+ );
+ req.loggedInUser = token.user;
+ } catch (error) {
+ req.loggedInUser = undefined;
+ }
+ } else {
+ // guest session
+ console.debug("No auth token in header or cookie.");
+ }
+
+ next();
+};
+
+module.exports = reqTokenToUser;
diff --git a/seasoned_api/src/webserver/middleware/tokenToUser.js b/seasoned_api/src/webserver/middleware/tokenToUser.js
deleted file mode 100644
index 069c3e5..0000000
--- a/seasoned_api/src/webserver/middleware/tokenToUser.js
+++ /dev/null
@@ -1,23 +0,0 @@
-/* eslint-disable no-param-reassign */
-const configuration = require('src/config/configuration').getInstance();
-
-const secret = configuration.get('authentication', 'secret');
-const Token = require('src/user/token');
-
-// Token example:
-// curl -i -H "Authorization:[token]" localhost:31459/api/v1/user/history
-
-const tokenToUser = (req, res, next) => {
- const rawToken = req.headers.authorization;
- if (rawToken) {
- try {
- const token = Token.fromString(rawToken, secret);
- req.loggedInUser = token.user;
- } catch (error) {
- req.loggedInUser = undefined;
- }
- }
- next();
-};
-
-module.exports = tokenToUser;
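Review bot: Accepting the token from `req.cookies.authorization` in `reqTokenToUser` means browsers now attach the credential automatically, so state-changing routes behind this middleware are exposed to cross-site requests unless the cookie is issued with `SameSite` (plus `HttpOnly`/`Secure`) or a CSRF check exists; the code that sets the cookie is not in this diff, so that should be confirmed. The cookie read also sits outside the `try`, so if cookie-parsing middleware is not mounted before this one, `req.cookies` is undefined and the request fails with a TypeError; `const cookieAuthToken = req.cookies && req.cookies.authorization;` avoids that. Because `cookieAuthToken || headerAuthToken` is passed as a single value, a stale or malformed cookie masks a valid `Authorization` header and the caller is silently downgraded to a guest; consider retrying with the header when the cookie fails to verify. The `catch` discards the verification error, so a comment such as `// invalid or expired token: continue as guest` and a debug log of `error.message` would make rejected tokens distinguishable from absent ones.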