MCPcopy Index your code
hub / github.com/lisong/code-push-server / checkAccessToken

Function checkAccessToken

core/middleware.js:35–70  ·  view source on GitHub ↗
(accessToken)

Source from the content-addressed store, hash-verified

33}
34
35var checkAccessToken = function (accessToken) {
36 return new Promise((resolve, reject) => {
37 if (_.isEmpty(accessToken)) {
38 return reject(new AppError.Unauthorized());
39 }
40 var config = require('../core/config');
41 var tokenSecret = _.get(config, 'jwt.tokenSecret');
42 var jwt = require('jsonwebtoken');
43 try {
44 var authData = jwt.verify(accessToken, tokenSecret);
45 } catch (e) {
46 return reject(new AppError.Unauthorized());
47 }
48 var uid = _.get(authData, 'uid', null);
49 var hash = _.get(authData, 'hash', null);
50 if (parseInt(uid) > 0) {
51 return models.Users.findOne({
52 where: {id: uid}
53 })
54 .then((users) => {
55 if (_.isEmpty(users)) {
56 throw new AppError.Unauthorized();
57 }
58 if (!_.eq(hash, security.md5(users.get('ack_code')))){
59 throw new AppError.Unauthorized();
60 }
61 resolve(users);
62 })
63 .catch((e) => {
64 reject(e);
65 });
66 } else {
67 reject(new AppError.Unauthorized());
68 }
69 });
70}
71
72middleware.checkToken = function(req, res, next) {
73 var authArr = _.split(req.get('Authorization'), ' ');

Callers 1

middleware.jsFile · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected