I am following this tutorial and I want to do something similiar, when my user access other routes diferents then register and login I want him to send the token to give the access to those routes.
If I do a request to /login or /register everyhting fine.
But when I do a request to /fotos, my app.use(jwtPermission)
; should be executed.
Here is my app server initial page:
var jwt = require('jsonwebtoken');
var jwtPermission = require('./controller/jwtPermission');
var fotos = require('./routes/fotos');
var app = express();
var router = express.Router();
// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use('/',require('./routes/index'));
app.use(jwtPermission);
app.use('/fotos',fotos);
my jwtPermission file is inside the controller, this controller folder is at the same level then my server initial start file.
Here is what I have in my jwtPermission:
var jwt = require('jsonwebtoken');
var jwtConfig = require('../config/jwt');
module.exports = function(req, res, next) {
console.log("entered");
// check header or url parameters or post parameters for token
var token = req.body.token || req.query.token || req.headers['x-access-token'];
console.log(req.headers['x-access-token']);
// decode token
if (token) {
// verifies secret and checks exp
jwt.verify(token,jwtConfig.secret, function (err, decoded) {
if (err) {
return res.json({ success: false, message: 'Failed to authenticate token.' });
} else {
// if everything is good, save to request for use in other routes
req.decoded = decoded;
next();
}
});
} else {
// if there is no token
// return an error
return res.status(403).send({
success: false,
message: 'No token provided.'
});
}
}
if I point to /fotos it never reaches the jwtPermission file, if I change the app.use(jwtPermission) above my register app.use, it works, but the middleware get called for all routes including the /register /login.
Need some help please :).
Thanks!
via Cris dois
No comments:
Post a Comment