34 lines
903 B
JavaScript
34 lines
903 B
JavaScript
const express = require('express')
|
|
const dotenv = require('dotenv');
|
|
const jwt = require('jsonwebtoken');
|
|
const cors = require('cors')
|
|
const app = express()
|
|
let corsOptions = fs.readFileSync('origin.cors');
|
|
app.use(cors(corsOptions));
|
|
dotenv.config();
|
|
let port = process.env.PORT || 5000;
|
|
app.get('/*', (req, res, next) => {
|
|
try {
|
|
const token = req.query.access_token;
|
|
var cert = fs.readFileSync('id_rsa');
|
|
const verified = jwt.verify(token, cert);
|
|
if(verified){
|
|
var path = require('path');
|
|
let file = req.params[0];
|
|
return res.sendFile(file, { root: path.join(__dirname, '../') });
|
|
}else{
|
|
// Access Denied
|
|
return res.status(401).send(error);
|
|
}
|
|
} catch (error) {
|
|
// JsonWebTokenError @invalid token
|
|
return res.status(400).send(error);
|
|
}
|
|
})
|
|
|
|
app.listen(port, () => {
|
|
console.log(`FileAccessJWT API listening on port ${port}`)
|
|
})
|
|
|
|
|