feat(verification):Implement user verification

- Write a verification function to verify user token - Write a verification function to verify admin token
andela · Apr 2, 2019 · ee13163 · ee13163
1 parent 9bbc57b
commit ee13163
Showing 1 changed file with 58 additions and 0 deletions.
diff --git a/server/helpers/validations.js b/server/helpers/validations.js
@@ -1,4 +1,5 @@
 import Joi from 'joi';
+import Authenticate from './auth';
 
 const validations = {
   /**
@@ -17,6 +18,63 @@ const validations = {
     }
     return true;
   },
+  verifyAuthHeader(req) {
+    if (!req.headers.authorization) {
+      return { error: 'error' };
+    }
+    const token = req.headers.authorization;
+    const payload = Authenticate.decode(token);
+    if (!payload) {
+      return { error: 'token' };
+    }
+    return payload;
+  },
+
+  /**
+   * @method verifyUser
+   * @description Verifies the token provided by the user
+   * @param {*} req
+   * @param {*} res
+   * @returns {*} - JSON response object
+   */
+
+  verifyUser(req, res, next) {
+    const payload = validations.verifyAuthHeader(req);
+    let error;
+    let status;
+    if (!payload || payload === 'error') {
+      status = 401;
+      error = 'You are not authorized';
+    }
+    if (payload.error === 'token') {
+      status = 403;
+      error = 'Forbidden';
+    }
+    if (error) {
+      return res.status(status).json({ status, error });
+    }
+    req.user = payload;
+    return next();
+  },
+  /**
+   * @method verifyAdmin
+   * @description Verifies the token provided by the Admin
+   * @param {*} req
+   * @param {*} res
+   * @param {*} next
+   * @returns {*} - JSON response object
+   */
+  verifyAdmin(req, res, next) {
+    const payload = validations.verifyAuthHeader(req);
+    const { isadmin } = payload;
+    if (isadmin !== true) {
+      return res.status(401).json({
+        status: 401,
+        error: 'You are not authorized to access this endpoint.',
+      });
+    }
+    return next();
+  },
 };
 
 export default validations;