add api auth

galvez · galvez · commit fc5404272c6a · 2019-04-28T17:52:14.000-03:00
diff --git a/api.js b/api.js
@@ -1,7 +1,7 @@
 import { sign, verify } from 'jsonwebtoken'
 import { json } from 'body-parser'
 import { parse } from 'cookie'
-import { addUser, authUser } from './db'
+import { addUser, authUser, getUser } from './db'
 
 const expiresIn = '90d'
 const sessionSecret = 'some truly random value'
@@ -45,6 +45,35 @@ export default [
       res.end()
     }
   },
+  (req, res, next) => {
+    if (!req.url.startsWith('/api')) {
+      return next()
+    }
+    if (!req.headers.authorization) {
+      res.statusCode = 401
+      res.end()
+      return
+    }
+    const tokenMatch = req.headers.authorization.match(/Bearer (.+)/)
+    if (tokenMatch) {
+      const jwtData = verify(tokenMatch[1], sessionSecret)
+      if (jwtData) {
+        req.email = jwtData.email
+        req.token = tokenMatch[1]
+        return next()
+      }
+    }
+    res.statusCode = 401
+    res.end()
+  },
+  {
+    path: '/api/user',
+    async handler(req, res, next) {
+      const user = await getUser(req.email)
+      res.json({ user })
+      res.end()
+    }
+  },
   (req, res, next) => {
     const cookies = req.headers.cookie || ''
     const parsedCookies = parse(cookies) || {}
diff --git a/db.js b/db.js
@@ -33,3 +33,7 @@ export function authUser({ email, password }) {
   }
   return false
 }
+
+export function getUser(email) {
+  return db.users[email]
+}
diff --git a/middleware/auth.js b/middleware/auth.js
@@ -6,6 +6,6 @@ export default function ({ store, route, redirect, req }) {
     })
   }
   if (!store.state.user.authenticated) {
-    redirect('/register')
+    return redirect('/register')
   }
 }
diff --git a/nuxt.config.js b/nuxt.config.js
@@ -8,5 +8,6 @@ export default {
   },
   http: {
     baseURL: 'http://localhost:3030'
-  }
+  },
+  plugins: ['~/plugins/http']
 }
diff --git a/pages/index.vue b/pages/index.vue
@@ -1,6 +1,6 @@
 <template>
   <div>
-    Hello, {{ user.email }}!
+    Hello, {{ user.name }}!
   </div>
 </template>
 
@@ -9,6 +9,11 @@ import { mapState } from 'vuex'
 
 export default {
   middleware: 'auth',
-  computed: mapState(['user'])
+  data: () => ({
+    user: {}
+  }),
+  async asyncData({ $http, store }) {
+    return $http.$get('api/user')
+  }
 }
 </script>
diff --git a/plugins/http.js b/plugins/http.js
@@ -0,0 +1,8 @@
+export default function ({ $http, store }) {
+  $http.onRequest((config) => {
+    if (store.state.user.authenticated) {
+      config.headers.set('Authorization', `Bearer ${store.state.user.token}`)
+    }
+    return config
+  })
+}

Original file line number	Diff line number	Diff line change
`@@ -33,3 +33,7 @@ export function authUser({ email, password }) {`
`33`	`33`	`}`
`34`	`34`	`return false`
`35`	`35`	`}`
	`36`	`+`
	`37`	`+export function getUser(email) {`
	`38`	`+ return db.users[email]`
	`39`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,6 @@ export default function ({ store, route, redirect, req }) {`
`6`	`6`	`})`
`7`	`7`	`}`
`8`	`8`	`if (!store.state.user.authenticated) {`
`9`		`- redirect('/register')`
	`9`	`+ return redirect('/register')`
`10`	`10`	`}`
`11`	`11`	`}`
Original file line number	Diff line number	Diff line change
`@@ -8,5 +8,6 @@ export default {`
`8`	`8`	`},`
`9`	`9`	`http: {`
`10`	`10`	`baseURL: 'http://localhost:3030'`
`11`		`- }`
	`11`	`+ },`
	`12`	`+ plugins: ['~/plugins/http']`
`12`	`13`	`}`