import {Meteor} from 'meteor/meteor';
import {Accounts} from 'meteor/accounts-base';
import Fiber from 'fibers';
/**
* SimpleRest middleware for validating a Meteor.user's login token
*
* This middleware must be processed after the request.token has been set to a
* valid login token for a Meteor.user account (from a separate layer of
* middleware). If authentication is successful, the request.userId will be set
* to the ID of the authenticated user.
*
* @middleware
* @param {Request} req Request
* @param {Response} res Response
* @param {Function} next Next callback
* @returns {void} nothing
*/
export const authenticateMeteorUserByToken =
function(req, res, next) {
// eslint-disable-next-line new-cap
Fiber(function() {
var userId = getUserIdFromAuthToken(req.authToken);
if (userId) {
req.userId = userId;
}
next();
}).run();
};
/**
* Retrieves the ID of the Meteor.user that the given auth token belongs to
*
* @param {string} token An unhashed auth token
* @returns {String} The ID of the authenticated Meteor.user, or null if token
* is invalid
*/
function getUserIdFromAuthToken(token) {
if (!token) {
return null;
}
var user = Meteor.users.findOne({
'services.resume.loginTokens.hashedToken': Accounts._hashLoginToken(token),
});
if (user) {
return user._id;
}
return null;
}