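/**
 * Express-style middleware that authenticates a request from the JWT carried
 * in the `Authorization` header ("<scheme> <token>").
 *
 * On success the token's `id` claim is stored on `req.userId` and the next
 * handler runs. Every authentication failure is answered with HTTP 401.
 *
 * @param {object} req - Incoming request; reads `req.headers.authorization`.
 * @param {object} res - Response object exposing `status()` and `json()`.
 * @param {Function} next - Continuation invoked once the token is accepted.
 * @returns {Promise<*>} Whatever `res.json()` or `next()` returns.
 */
async function authMiddleware(req, res, next) {
  const authHeader = req.headers.authorization;

  // No header at all: the caller never tried to authenticate.
  if (!authHeader) {
    return res
      .status(401)
      .json({ error: 'Token not provided - User not allowed' });
  }

  // The header is "<scheme> <token>"; a header with a scheme but no token
  // is rejected here instead of being handed to the verifier.
  const [, token] = authHeader.split(' ');
  if (!token) {
    return res.status(401).json({ error: 'Invalid token' });
  }

  let decoded;
  try {
    // NOTE(review): consider passing an explicit `algorithms` allow-list to
    // jwt.verify so the accepted algorithm does not depend on library defaults.
    decoded = await promisify(jwt.verify)(token, process.env.JWT_SECRET);
  } catch (err) {
    // A failed verification is an authentication failure (401), not a
    // missing resource (404).
    return res.status(401).json({ error: 'Invalid token' });
  }

  // A correctly signed token without an `id` claim must not reach downstream
  // handlers with `req.userId` left undefined.
  if (decoded == null || decoded.id == null) {
    return res.status(401).json({ error: 'Invalid token' });
  }

  // Passing the id to the next routes.
  req.userId = decoded.id;

  // Called outside the try block so an error raised further down the chain is
  // not misreported as an invalid token.
  return next();
}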
new Promise(function(resolve) {
  // Reads the "order_no_verif" cookie, and if it carries both an id and an
  // e-mail, attaches a minimal user record to the order before resolving
  // with the same ctx.
  //
  // NOTE(review): assuming `jwt` is the jsonwebtoken package, decode() only
  // parses the token; it does not check the signature or expiry. The id and
  // e-mail used below are therefore client-controlled. If they are meant to be
  // trusted, use jwt.verify() with the issuing key instead — confirm the
  // intent of this "no verif" path.
  let orderNoVerif = jwt.decode(ctx.meta.cookies["order_no_verif"]);
  // NOTE(review): this writes the whole decoded payload, e-mail included, to
  // the log — confirm that is acceptable for the log destination.
  self.logger.info("orders.manageUser() #2 - orderNoVerif:", orderNoVerif);
  if ( orderNoVerif && orderNoVerif.id && orderNoVerif.email ) {
    // Only id and email come from the cookie; the other fields are set to null.
    let user = {
      id: orderNoVerif.id,
      externalId: null,
      username: null,
      email: orderNoVerif.email
    };
    ctx.params.orderParams["user"] = user;
    // NOTE(review): self.settings looks like service-level state rather than
    // per-request state — verify this cannot leak one caller's user into
    // another caller's order.
    self.settings.orderTemp["user"] = user;
    self.logger.info("orders.manageUser() #2 - 'order_no_verif' user:", user);
  }
  // Resolves with ctx whether or not a user was attached.
  resolve(ctx);
})
.then( (oldCtx) => {
  // Pass-through step: hands the resolved ctx on unchanged.
  return oldCtx;
})
const currentUser = await User.findById(decoded.id); if (!currentUser) { return next(