I'm using the Sails.js framework on my server side and AngularJS on my front end to build a SPA, and jsonwebtoken for token authentication. My user API has the fields name: string, email: email, admin: Boolean; these are the values I use to generate the token, which I send to the front end and save in localStorage. Checking that the token is valid already works. My question is: how can I verify on the server side that the user is an admin?
Thank you in advance.
Below is my current policy that checks the token on the server side:
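/**
 * Sails policy: pull a JWT out of the request and verify it before the
 * controller action runs.
 *
 * The token is accepted either as `Authorization: Bearer <token>` or as a
 * `token` request parameter (removed from `req.query` afterwards so it does
 * not interfere with blueprint queries). On success the decoded token is
 * stored on `req.token` and the chain continues; on any failure a 401 JSON
 * response is sent and `next()` is not called.
 *
 * A later policy can read the `admin` claim from `req.token`; that value is
 * only trustworthy because `sailsTokenAuth.verifyToken` has checked the
 * signature first — never read it from the raw request.
 *
 * @param {Object} req - Sails request.
 * @param {Object} res - Sails response.
 * @param {Function} next - continuation to the next policy/action.
 */
module.exports = function(req, res, next) {
  var token;

  if (req.headers && req.headers.authorization) {
    var parts = req.headers.authorization.split(' ');
    if (parts.length !== 2) {
      return res.json(401, {
        err: 'Format is Authorization: Bearer [token]'
      });
    }
    var scheme = parts[0];
    var credentials = parts[1];
    // Scheme name is matched case-insensitively. A two-part header with a
    // non-Bearer scheme is rejected here explicitly instead of handing an
    // undefined token to verifyToken.
    if (!/^Bearer$/i.test(scheme)) {
      return res.json(401, {
        err: 'Format is Authorization: Bearer [token]'
      });
    }
    token = credentials;
  } else if (req.param('token')) {
    // Fallback: token supplied as a request parameter. Tokens in the query
    // string end up in access logs and Referer headers, so the header form
    // is preferable.
    token = req.param('token');
    // We delete the token from param to not mess with blueprints
    delete req.query.token;
  } else {
    return res.json(401, {
      err: 'No Authorization header was found'
    });
  }

  // `decoded` is the verified payload; named differently from the outer
  // `token` so the raw string is not shadowed.
  sailsTokenAuth.verifyToken(token, function(err, decoded) {
    if (err) {
      console.log('ERR estou em tokenauth policies');
      return res.json(401, {
        err: 'The token is not valid'
      });
    }
    req.token = decoded;
    next();
  });
};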
Create three policies:
setJwt:
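// Verify the token and expose the decoded payload on req.token for the
// policies that follow (isAdmin / isUser). The success branch must call
// next(), otherwise the request hangs in this policy.
sailsTokenAuth.verifyToken(token, function(err, decoded) {
  if (err) {
    console.log('ERR estou em tokenauth policies');
    return res.json(401, {
      err: 'The token is not valid'
    });
  }
  req.token = decoded;
  next();
});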
isAdmin:
// Allow only requests whose level equals ADMIN_LEVEL; everything else gets 403.
// NOTE(review): the setJwt snippet stores the decoded payload on req.token,
// not req.auth — confirm which property carries the level before relying on it.
if (req.auth === ADMIN_LEVEL) {
  next();
} else {
  res.forbidden();
}
isUser:
// Allow only requests whose level equals USER_LEVEL; everything else gets 403.
// NOTE(review): as with isAdmin, the level is compared on req.auth while
// setJwt populates req.token — verify the two agree.
if (req.auth === USER_LEVEL) {
  next();
} else {
  res.forbidden();
}
Then, in your policies config:
someControllerMethod: [setJwt, isAdmin]
Of course you need to add an integer level (or even just an isAdmin flag) to your user model in the database for this to work, and the token payload needs to carry this information. Read that value from the verified token payload on the server; do not trust a level the client sends unsigned.