({
secret,
algorithm = 'HS256',
audience = '',
issuer = '',
expiresIn = '50y',
notBefore = '0s',
requestHeaderName = 'authorization',
responseHeaderName = 'X-Token',
getToken = getTokenFromHeader
}: JwtMwProps)
| 23 | * JWT middleware |
| 24 | */ |
| 25 | export const jwt = ({ |
| 26 | secret, |
| 27 | algorithm = 'HS256', |
| 28 | audience = '', |
| 29 | issuer = '', |
| 30 | expiresIn = '50y', |
| 31 | notBefore = '0s', |
| 32 | requestHeaderName = 'authorization', |
| 33 | responseHeaderName = 'X-Token', |
| 34 | getToken = getTokenFromHeader |
| 35 | }: JwtMwProps) => { |
| 36 | return function (req: Request, res: Response, next?: () => void) { |
| 37 | const token: string = getToken((req.headers[requestHeaderName] as string) ?? '') |
| 38 | |
| 39 | try { |
| 40 | // Verify the JWT token |
| 41 | const verify = jwtoken.verify(token, Array.isArray(secret) ? secret[1] : secret, { |
| 42 | algorithms: [algorithm], |
| 43 | audience, |
| 44 | issuer |
| 45 | }) |
| 46 | |
| 47 | req.user = verify |
| 48 | |
| 49 | res.setHeader( |
| 50 | responseHeaderName, |
| 51 | jwtoken.sign(req.user, Array.isArray(secret) ? secret[0] : secret, { |
| 52 | audience, |
| 53 | issuer, |
| 54 | expiresIn, |
| 55 | notBefore, |
| 56 | algorithm |
| 57 | }) |
| 58 | ) |
| 59 | next() |
| 60 | } catch { |
| 61 | next() |
| 62 | } |
| 63 | } |
| 64 | } |
no outgoing calls
no test coverage detected