22 lines
457 B
JavaScript
22 lines
457 B
JavaScript
import crypto from 'node:crypto';
|
|
|
|
const authenticateToken = function(req, res, next) {
|
|
const token = req.cookies.auth_token;
|
|
|
|
if(!token) {
|
|
res.redirect("/");
|
|
}
|
|
|
|
const data = token.split('.');
|
|
|
|
const hash = crypto.createHmac('sha256', process.env.AUTH_JWT_SECRET).update(data[0] + '.' + data[1]).digest('base64url');
|
|
|
|
if (hash === data[2]) {
|
|
next();
|
|
} else {
|
|
res.redirect('/users/login');
|
|
}
|
|
};
|
|
|
|
export default authenticateToken;
|