Auth
There are two ways to verify if a user is authenticated:
- Using the
passport.authenticate()method, specifying 'JWT' as the strategy in the route declaration.
Example:
app.post('/route', passport.authenticate('jwt', { session: false}), function(req, res) { });After the passport.authenticate() method is called, the user object is accessible via req.user
- Check if the request header has the JSON web token (JWT).
Example:
getToken = function (headers) {
if (headers && headers.authorization) {
var parted = headers.authorization.split(' ');
if (parted.length === 2) {
return parted[1];
} else {
return null;
}
} else {
return null;
}
};
var token = getToken(req.headers);
if (token) {
var decoded = jwt.decode(token, config.get(mongodb.secret));
}