HyperSpaceOut/jackboxpartypack-gamepicker
3
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3da97a39adcf52ec0a4b0cd36999882981328280
jackboxpartypack-gamepicker/backend/routes/auth.js

46 lines
1.0 KiB
JavaScript
Raw Normal View History

initial commit
2025-10-30 04:27:43 -04:00
const express = require('express');
const jwt = require('jsonwebtoken');
const { JWT_SECRET, authenticateToken } = require('../middleware/auth');
feat: auth route uses named admin lookup, embeds name in JWT - Login/verify use findAdminByKey; JWT and response include admin name - Verify returns 403 when token lacks name (legacy tokens) - Test tokens include name for getAuthToken() - Set Content-Type on supertest JSON bodies (superagent/mime resolution) Made-with: Cursor
2026-03-23 09:25:50 -04:00
const { findAdminByKey } = require('../config/load-admins');
initial commit
2025-10-30 04:27:43 -04:00
const router = express.Router();
router.post('/login', (req, res) => {
const { key } = req.body;
if (!key) {
return res.status(400).json({ error: 'Admin key is required' });
}
feat: auth route uses named admin lookup, embeds name in JWT - Login/verify use findAdminByKey; JWT and response include admin name - Verify returns 403 when token lacks name (legacy tokens) - Test tokens include name for getAuthToken() - Set Content-Type on supertest JSON bodies (superagent/mime resolution) Made-with: Cursor
2026-03-23 09:25:50 -04:00
const admin = findAdminByKey(key);
if (!admin) {
initial commit
2025-10-30 04:27:43 -04:00
return res.status(401).json({ error: 'Invalid admin key' });
}
const token = jwt.sign(
feat: auth route uses named admin lookup, embeds name in JWT - Login/verify use findAdminByKey; JWT and response include admin name - Verify returns 403 when token lacks name (legacy tokens) - Test tokens include name for getAuthToken() - Set Content-Type on supertest JSON bodies (superagent/mime resolution) Made-with: Cursor
2026-03-23 09:25:50 -04:00
{ role: 'admin', name: admin.name, timestamp: Date.now() },
initial commit
2025-10-30 04:27:43 -04:00
JWT_SECRET,
{ expiresIn: '24h' }
);
feat: auth route uses named admin lookup, embeds name in JWT - Login/verify use findAdminByKey; JWT and response include admin name - Verify returns 403 when token lacks name (legacy tokens) - Test tokens include name for getAuthToken() - Set Content-Type on supertest JSON bodies (superagent/mime resolution) Made-with: Cursor
2026-03-23 09:25:50 -04:00
res.json({
token,
name: admin.name,
initial commit
2025-10-30 04:27:43 -04:00
message: 'Authentication successful',
expiresIn: '24h'
});
});
router.post('/verify', authenticateToken, (req, res) => {
feat: auth route uses named admin lookup, embeds name in JWT - Login/verify use findAdminByKey; JWT and response include admin name - Verify returns 403 when token lacks name (legacy tokens) - Test tokens include name for getAuthToken() - Set Content-Type on supertest JSON bodies (superagent/mime resolution) Made-with: Cursor
2026-03-23 09:25:50 -04:00
if (!req.user.name) {
return res.status(403).json({ error: 'Token missing admin identity, please re-login' });
}
res.json({
valid: true,
user: req.user
initial commit
2025-10-30 04:27:43 -04:00
});
});
module.exports = router;
Reference in New Issue Copy Permalink