278b204b3b
* Added hidden text to site for scraping * Login token will be destroyed if fetch site totals is called and the token is bad * Moved passwords out of application and into a .env file that is loaded on startup * Changed prod database password for primary user (which is dev) * Set up .env for dev and prod
26 lines
558 B
JavaScript
26 lines
558 B
JavaScript
var jwt = require('jsonwebtoken');
|
|
|
|
let Auth = {}
|
|
|
|
const tokenSecretKey = process.env.JSON_KEY
|
|
|
|
Auth.createToken = (userId) => {
|
|
const signedData = {'id': userId, 'date':Date.now()}
|
|
const token = jwt.sign(signedData, tokenSecretKey)
|
|
return token
|
|
}
|
|
Auth.decodeToken = (token) => {
|
|
return new Promise((resolve, reject) => {
|
|
jwt.verify(token, tokenSecretKey, function(err, decoded){
|
|
if(err || decoded.id == undefined){
|
|
reject('Bad Token')
|
|
return
|
|
}
|
|
//Pass back decoded token
|
|
resolve(decoded)
|
|
return
|
|
});
|
|
})
|
|
}
|
|
|
|
module.exports = Auth |