fix(auth): verify JWT access tokens

wale · wale · commit 99aa197cd73f · 2024-03-05T14:50:22.000+11:00
diff --git a/middleware/auth.ts b/middleware/auth.ts
@@ -1,9 +1,30 @@
+import jwt from "jsonwebtoken";
 import { storeToRefs } from "pinia";
 
 export default defineNuxtRouteMiddleware((to) => {
+    const runtimeConfig = useRuntimeConfig();
     const { user } = storeToRefs(useAuthStore());
 
     console.log(user.value);
 
     if (to.fullPath === "/login" && user.value.id) return navigateTo("/");
+
+    if (!user.value.id) return navigateTo("/login");
+    else
+        try {
+            // Verify JWT access token
+            const verificationPayload = jwt.verify(
+                user.value.accessToken,
+                runtimeConfig.jwtAccessSecret,
+            );
+
+            if ((verificationPayload as jwt.JwtPayload).jti)
+                return navigateTo(to.fullPath);
+            else return navigateTo("/login");
+        } catch (err) {
+            throw createError({
+                statusCode: 500,
+                statusMessage: `Server error: ${(err as Error).name}`,
+            });
+        }
 });
