-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.js
50 lines (40 loc) · 1.39 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
const express = require('express');
const app = express();
const jwt = require('express-jwt');
const jwtAuthz = require('express-jwt-authz');
const jwksRsa = require('jwks-rsa');
var port = 8080;
const checkJwt = jwt({
secret: jwksRsa.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `https://dev-2talc8t2.us.auth0.com/.well-known/jwks.json`
}),
// Validate the audience and the issuer.
audience: 'https://quickstarts/api',
issuer: [`https://dev-2talc8t2.us.auth0.com/`],
algorithms: ['RS256']
});
// This route doesn't need authentication
app.get('/api/public', function (req, res) {
console.log("api called")
res.json({
message: 'Hello from a public endpoint! You don\'t need to be authenticated to see this.'
});
});
// This route needs authentication
app.get('/api/private', checkJwt, function (req, res) {
res.json({
message: 'Hello from a private endpoint! You need to be authenticated to see this.'
});
});
const checkScopes = jwtAuthz(['read:messages']);
app.get('/api/private-scoped', checkJwt, checkScopes, function (req, res) {
res.json({
message: 'Hello from a private endpoint! You need to be authenticated and have a scope of read:messages to see this.'
});
});
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`)
})