shell bypass 403
const jwt = require('jsonwebtoken');
const JWT_SECRET = "l!TtLeGr()O//En";
const Teacher = require("../schema/teacher")
const cookieAuth = () => {
return async (req, res, next) => {
try {
const cookieAuthtoken = req.cookies['authtoken'];
if (cookieAuthtoken) {
const tokenAdmin = jwt.verify(cookieAuthtoken, JWT_SECRET)
const dbAdmin1 = await Teacher.findById(tokenAdmin.id)
const { _id, name, email } = dbAdmin1
const teacher = {
id: _id, name, email
}
const authtoken = jwt.sign({ id: _id, email }, JWT_SECRET);
res.cookie('authtoken', authtoken)
req.teacher = teacher
if(req.path.includes('login')){
return res.redirect('/sites/little-groovin-guitar/teacher-admin/')
}
next()
}
else {
if(!req.path.includes('login')|| !req.path.includes('register')){
res.redirect('/sites/little-groovin-guitar/teacher-admin/register')
}else{
next()
}
}
}
catch (err) {
if(!req.path.includes('login') && !req.path.includes('register')){
res.redirect('/sites/little-groovin-guitar/teacher-admin/login')
}else{
next()
}
console.log(err.message)
}
}
}
module.exports = cookieAuth