-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.js
52 lines (43 loc) · 1.26 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
import dotenv from "dotenv";
dotenv.config();
import express from "express";
const app = express();
import { auth, requiredScopes } from "express-oauth2-jwt-bearer";
import cors from "cors";
if (!process.env.ISSUER_BASE_URL || !process.env.AUDIENCE) {
throw "Make sure you have ISSUER_BASE_URL, and AUDIENCE in your .env file";
}
const corsOptions = {
origin: "http://localhost:3000",
};
app.use(cors(corsOptions));
const checkJwt = auth();
app.get("/api/public", function (req, res) {
res.json({
message:
"Hello from a public endpoint! You don't need to be authenticated to see this.",
});
});
app.get("/api/external", checkJwt, function (req, res) {
res.json({
message:
"Hello from a private endpoint! You need to be authenticated to see this.",
});
});
app.get(
"/api/private-scoped",
checkJwt,
requiredScopes("read:messages"),
function (req, res) {
res.json({
message:
"Hello from a private endpoint! You need to be authenticated and have a scope of read:messages to see this.",
});
}
);
app.use(function (err, req, res, next) {
console.error(err.stack);
return res.set(err.headers).status(err.status).json({ message: err.message });
});
app.listen(3001);
console.log("Listening on http://localhost:3001");