1const express = require('express');
2const jwt = require('jsonwebtoken');
3
4app.set('view engine', 'ejs');
5// Simple page that a user must be authorized to access
6// using JSON web tokens:
7app.get('/lockedpage', authToken, (req, res) => {
8 res.render('lockedpage', { user: req.user });
9});
10
11function authToken(req, res, next) {
12 const token = req.cookies['auth-token'];
13 if (token == null) return res.redirect('/login');
14 jwt.verify(token, process.env.ACCESS_SECRET, (err, user) => {
15 if (err) return res.redirect('/login');
16 req.user = user;
17 next();
18 })
19}