| 33 | } |
| 34 | |
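/**
 * Validate a bearer access token and resolve the user it belongs to.
 *
 * Steps, all of which fail closed with AppError.Unauthorized:
 *   1. the token must be non-empty and carry a valid signature under
 *      config.jwt.tokenSecret (HMAC family only, pinned explicitly so the
 *      accepted algorithms never depend on the library's defaulting rules);
 *   2. the `uid` claim must be a positive integer (number or decimal string);
 *      the parsed integer — not the raw claim — is what is used for the lookup;
 *   3. the user row must exist and the token's `hash` claim must equal
 *      md5(ack_code) of that row — presumably so that changing ack_code
 *      invalidates outstanding tokens (inferred from the check, not documented).
 *
 * @param {string} accessToken  raw JWT from the Authorization header
 * @returns {Promise<Object>} resolves with the Users model instance;
 *   rejects with AppError.Unauthorized on any validation failure, or with the
 *   underlying error if the database lookup itself fails.
 */
var checkAccessToken = function (accessToken) {
  // Only accept a canonical positive integer id; anything else (floats,
  // hex, "7abc", booleans, objects) is rejected instead of being handed to
  // the ORM as-is.
  var parseUserId = function (value) {
    if (typeof value === 'number') {
      return Number.isSafeInteger(value) && value > 0 ? value : null;
    }
    if (typeof value === 'string' && /^[1-9][0-9]*$/.test(value)) {
      var n = Number(value);
      return Number.isSafeInteger(n) ? n : null;
    }
    return null;
  };

  // Executor form is kept on purpose: any synchronous throw below (module
  // load, verify, claim parsing) becomes a rejection rather than escaping
  // to the caller.
  return new Promise((resolve, reject) => {
    if (_.isEmpty(accessToken)) {
      return reject(new AppError.Unauthorized());
    }

    var config = require('../core/config');
    var jwt = require('jsonwebtoken');
    var tokenSecret = _.get(config, 'jwt.tokenSecret');
    if (_.isEmpty(tokenSecret)) {
      // Misconfiguration must never degrade into "accept anything".
      return reject(new AppError.Unauthorized());
    }

    var authData;
    try {
      // Explicit algorithm allow-list: with a shared secret only HMAC
      // algorithms are meaningful. TODO(review): narrow to the single
      // algorithm the issuer actually signs with.
      authData = jwt.verify(accessToken, tokenSecret, {
        algorithms: ['HS256', 'HS384', 'HS512']
      });
    } catch (e) {
      // Deliberately do not surface the library's reason to the client.
      return reject(new AppError.Unauthorized());
    }

    var uid = parseUserId(_.get(authData, 'uid', null));
    var hash = _.get(authData, 'hash', null);
    if (uid === null) {
      return reject(new AppError.Unauthorized());
    }

    // Resolving with the inner promise adopts its state, so a lookup
    // failure or a thrown Unauthorized propagates as a rejection.
    resolve(
      models.Users.findOne({
        where: { id: uid }
      }).then((user) => {
        if (_.isEmpty(user)) {
          throw new AppError.Unauthorized();
        }
        // `hash` comes from a payload whose signature was just verified, so
        // a plain equality check suffices here; it is not a secret supplied
        // by the client independently of the signature.
        if (!_.eq(hash, security.md5(user.get('ack_code')))) {
          throw new AppError.Unauthorized();
        }
        return user;
      })
    );
  });
}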
| 71 | |
| 72 | middleware.checkToken = function(req, res, next) { |
| 73 | var authArr = _.split(req.get('Authorization'), ' '); |