Commit 61a8047c authored by Balasuriya D.A.M.'s avatar Balasuriya D.A.M.

Authorization Middleware

parent 5a44a3ca
...@@ -66,7 +66,8 @@ const authUser = asyncHandler(async (req, res) => { ...@@ -66,7 +66,8 @@ const authUser = asyncHandler(async (req, res) => {
// /api/user?search = minosh - goint to creat search query // /api/user?search = minosh - goint to creat search query
//This is how to access the query (search query) //This is how to access the query (search query)
const allUsers = asyncHandler(async (req, res) => { const allUsers = asyncHandler(async (req, res) => {
const keyword = req.query.search ? { const keyword = req.query.search
? {
//use $or operation //use $or operation
$or: [ $or: [
//references from MongoDB pages.can get more information from that about $regex //references from MongoDB pages.can get more information from that about $regex
...@@ -78,7 +79,7 @@ const allUsers = asyncHandler(async (req, res) => { ...@@ -78,7 +79,7 @@ const allUsers = asyncHandler(async (req, res) => {
: {}; : {};
//query write to database //query write to database
const users = await (await User.find(keyword)); //.find({ _id: { $ne: req.user._id } }); const users = await User.find(keyword).find({ _id: { $ne: req.user._id } });
// find({_id:{$ne:req.user._id}}) - current id user loged in // find({_id:{$ne:req.user._id}}) - current id user loged in
res.send(users); //to return res.send(users); //to return
......
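Review bot: The new `User.find(keyword).find({ _id: { $ne: req.user._id } })` query has no field projection, so `res.send(users)` returns every stored field of each matching user to any authenticated caller; the middleware added in this commit strips `password` with `.select("-password")`, which suggests the model stores one. Add the same projection here: `const users = await User.find(keyword).find({ _id: { $ne: req.user._id } }).select("-password");`. The `$regex` lines are collapsed on this page; if `req.query.search` reaches `$regex` unmodified, it should be coerced to a string and regex-escaped first, since the default Express query parser can hand back an object or array and an unescaped pattern lets the caller choose the regex cost. `allUsers` continues past the end of the hunk.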
//import jwt
const jwt = require("jsonwebtoken");
const User = require("../models/userModel.js");
const asyncHandler = require("express-async-handler");
//asyncHandler to handle all this errors
//use next to move on the other operations
const protect = asyncHandler(async (req, res, next) => {
let token;
if (
req.headers.authorization &&
req.headers.authorization.startsWith("Bearer")
) {
try {
token = req.headers.authorization.split(" ")[1];
//decodes token id
const decoded = jwt.verify(token, process.env.JWT_SECRET);
req.user = await User.findById(decoded.id).select("-password");
next();
} catch (error) {
res.status(401);
throw new Error("Not authorized, token failed");
}
}
//if uper bearer condtion is not satisfied this one will use
if (!token) {
res.status(401);
throw new Error("Not authorized, no token");
}
});
module.exports = { protect };
\ No newline at end of file
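Review bot: `User.findById(decoded.id)` resolves to `null` when the account behind a still-valid token no longer exists, and `protect` then calls `next()` with `req.user` set to `null`, so the request passes the middleware and the first `req.user._id` access downstream throws. Reject that case before `next()`: `if (!req.user) { res.status(401); throw new Error("Not authorized, user not found"); }`. Because `next()` sits inside the `try`, the `catch` can also relabel errors that are not token failures as "token failed"; calling `next()` after the `try` block keeps the 401 message specific to verification. It is also worth pinning the accepted algorithm, e.g. `jwt.verify(token, process.env.JWT_SECRET, { algorithms: ["HS256"] })`, assuming tokens are signed with HS256 (the signing code is not on this page).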
const express = require("express"); const express = require("express");
const { registerUser,authUser,allUsers } = require("../controllers/userControllers"); const { registerUser, authUser, allUsers } = require("../controllers/userControllers");
const { protect } = require("../middleware/authMiddleware");
const router = express.Router(); const router = express.Router();
router.route("/").post(registerUser).get(allUsers); //User searching API end point router.route("/").post(registerUser).get(protect,allUsers); //User searching API end point
router.post("/login", authUser); router.post("/login", authUser);
......