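/**
 * Build a passport-jwt strategy that authenticates bearer tokens against the user store.
 *
 * @param {object} db - Data-access object; must expose `findById(table, id)` returning a Promise.
 * @param {object} settings - Strategy configuration.
 * @param {string|Buffer} settings.jwtSecret - Key used to verify token signatures. Required.
 * @param {string} [settings.jwtAlgorithm='HS256'] - The single signature algorithm accepted.
 * @param {string} [settings.usersTable='users'] - Table queried with the token's `sub` claim.
 * @returns {JwtStrategy} The configured strategy, ready for `passport.use()`.
 * @throws {Error} If `settings.jwtSecret` is missing or empty.
 */
function getJwtStrategy(db, settings) {
  // Fail closed. Falling back to a secret that is written in the source means every
  // deployment that forgets to configure one verifies tokens with a publicly known key,
  // so anyone who has read this file can mint a token for any `sub`.
  if (!settings.jwtSecret) {
    throw new Error('settings.jwtSecret is required to verify JWT signatures');
  }

  const opts = {
    secretOrKey: settings.jwtSecret,
    // Exactly one algorithm is allowed, so a token cannot choose how it is verified.
    algorithms: [settings.jwtAlgorithm || 'HS256'],
    jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  };

  return new JwtStrategy(opts, (payload, done) => {
    // The signature has been checked by the strategy at this point; the lookup decides
    // whether the subject still maps to a registered user.
    db.findById(settings.usersTable || 'users', payload.sub)
      .then((user) => {
        if (!user) {
          return done(null, false, { message: 'This user is not registered' });
        }
        return done(null, user);
      })
      .catch((err) => {
        done(err, null, { message: 'Error connecting to database' });
      });
  });
}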
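// Register the JWT strategy. The verify callback maps a verified token payload to a user
// record (by `email` when the claim is present, otherwise by `uid`) and refuses suspended
// accounts.
passport.use(
  new JwtStrategy(opts, async function (jwt_payload, done) {
    // A validly signed token carrying neither claim would produce { id: undefined }.
    // How User.find treats that query is not visible here, so reject the token instead
    // of depending on the data layer to return nothing.
    if (!jwt_payload.email && jwt_payload.uid == null) {
      return done(null, false);
    }

    const query = jwt_payload.email
      ? { email: jwt_payload.email }
      : { id: jwt_payload.uid };

    let user;
    try {
      user = (await User.find(query))[0];
    } catch (err) {
      // Without this, a failed lookup rejects the async callback, `done` is never
      // called and the request is left hanging.
      return done(err);
    }

    // No matching record (or a record without `data`) is an authentication failure.
    // Reading `user.data` on an empty result would otherwise throw.
    if (!user || !user.data) {
      return done(null, false);
    }
    if (user.data.status === "suspended") {
      return done(null, false, { "message": "account suspended" });
    }
    return done(null, user);
  })
);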
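// See if the user ID in the payload exists in our database.
// If it does, call 'done' with that user;
// otherwise, call 'done' without a user object.
User.findById(payload.sub, (err, user) => {
  // Leftover debug output removed: it ran on every authenticated request and
  // carried no information.
  if (err) {
    // Lookup failure: report the error and do not authenticate.
    return done(err, false);
  }
  if (!user) {
    // Signature was valid but the subject no longer maps to a user.
    return done(null, false);
  }
  return done(null, user);
});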