I'm new to node.js and express, I've implemented signing in and verification functionality using JWT cookies, how after verifying the user is signed in I can retrieve his username to use in other pages?
This is my auth.js file where I have the login and verify functions:
const bcrypt = require('bcrypt');
const UserDB = require('../models/UserModel');
const jwt = require('jsonwebtoken');
exports.login = function(req,res,next){
let username = req.body.username;
let password = req.body.password;
UserDB.lookup(username,function(err,user){
if(err){
console.log("error looking up user",err);
return res.status(401).send();
}
if(!user){
console.log("user " username " not found");
return res.status(401).send();
}
bcrypt.compare(password,user.password,function(err,result){
if(result){
console.log("confirm")
let payload = {username:username};
let accessToken = jwt.sign(payload,process.env.ACCESS_TOKEN_SECRET,{expiresIn: 120});
res.cookie("jwt",accessToken);
next();
}
else
{
return res.status(403).send();
}
});
});
};
exports.verify = function(req,res,next){
let accessToken = req.cookies.jwt;
if(!accessToken){
return res.status(403).send();
}
let payload;
try{
payload = jwt.verify(accessToken, process.env.ACCESS_TOKEN_SECRET);
next();
}
catch(e){
console.log("Not authorized")
res.status(401).send();
}
};
I've read that I can add it in the verification function but I don't know how, I want to use it as follows:
exports.admin_panel = function(req,res){
res.render('adminpanel',{
'user': //add the username
})
}
CodePudding user response:
change verify() function like this:
exports.verify = function(req,res,next){
let accessToken = req.cookies.jwt;
if(!accessToken){
return res.status(403).send();
}
let payload = jwt.verify(accessToken, process.env.ACCESS_TOKEN_SECRET);
if(!payload){
console.log("Not authorized")
res.status(401).send();
}
req.user = payload.username
next();
};