Express middleware to authenticate users.
Checks the custom x-access-token
header. If that is not found
or the token in it is not valid, returns a 401.
If token is valid, User
is fetched from the database
and attached to request as req.user
.
A token is valid when:
- Signature verification is successful
- It has not expired
- It is a token with type access
- Source:
Members
(private, inner) decoded :TokenPayload
Type:
- TokenPayload
- Source: