26 lines
575 B
JavaScript
26 lines
575 B
JavaScript
|
// @flow
|
||
|
import JWT from 'jsonwebtoken';
|
||
|
import { AuthenticationError } from '../errors';
|
||
|
import { User } from '../models';
|
||
|
|
||
|
export async function getUserForJWT(token: string) {
|
||
|
let payload;
|
||
|
try {
|
||
|
payload = JWT.decode(token);
|
||
|
} catch (err) {
|
||
|
throw new AuthenticationError('Unable to decode JWT token');
|
||
|
}
|
||
|
|
||
|
if (!payload) throw new AuthenticationError('Invalid token');
|
||
|
|
||
|
const user = await User.findById(payload.id);
|
||
|
|
||
|
try {
|
||
|
JWT.verify(token, user.jwtSecret);
|
||
|
} catch (err) {
|
||
|
throw new AuthenticationError('Invalid token');
|
||
|
}
|
||
|
|
||
|
return user;
|
||
|
}
|