From c554e1750e8e2166ee5abf86a43db73fcc49d269 Mon Sep 17 00:00:00 2001
From: Selim Mustafaev
Date: Wed, 6 Sep 2023 20:30:36 +0300
Subject: [PATCH] Fixes for authorization error handling
---
 .env.example | 3 ++-
 middleware/jwt.js | 4 ++++
 routes/user.js | 6 +++---
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/.env.example b/.env.example
index b8b044b..917e222 100644
--- a/.env.example
+++ b/.env.example
@@ -18,4 +18,5 @@ MONGO_CONNECTION_STRING = "mongodb+srv://$DB_USER_NAME:$DB_USER_PASSWORD@$DB_SER
 # JWT secrets
 JWT_SECRET_AUTH = ""
-JWT_SECRET_SHARED_REPORT = ""
\ No newline at end of file
+JWT_SECRET_SHARED_REPORT = ""
+JWT_EXPIRATION_TIME = "365d"
\ No newline at end of file
diff --git a/middleware/jwt.js b/middleware/jwt.js
index 1978fbb..887bbbf 100644
--- a/middleware/jwt.js
+++ b/middleware/jwt.js
@@ -16,6 +16,7 @@ module.exports = function (options) {
 jsonwebtoken.verify(token, options.secret, (error, decoded) => {
 if(error) {
 res.status(401).send({ success: false, error: error.message });
+ console.error(error);
 } else {
 req.user = decoded;
 next();
@@ -23,12 +24,15 @@ module.exports = function (options) {
 });
 } else {
 res.status(401).send({ success: false, error: 'Unsupported authorization header' });
+ console.error('Unsupported authorization header');
 }
 } else {
 res.status(401).send({ success: false, error: 'Invalid authorization header' });
+ console.error('Invalid authorization header');
 }
 } else {
 res.status(401).send({ success: false, error: 'Missing authorization header' });
+ console.error('Missing authorization header');
 }
 };
 };
\ No newline at end of file
diff --git a/routes/user.js b/routes/user.js
index 32bf87f..91c7e68 100644
--- a/routes/user.js
+++ b/routes/user.js
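Review bot: The new `JWT_EXPIRATION_TIME` entry in `.env.example` has no comment describing its format, and the value is passed straight to `expiresIn` in `routes/user.js`. jsonwebtoken reads a unit-less numeric string as milliseconds, so an operator who writes `"3600"` meaning seconds would issue tokens that expire almost immediately. I would add a comment above it such as `# Token lifetime with an explicit unit, e.g. "12h" or "30d"; a bare number is read as milliseconds`. The example default of `365d` is also long for a bearer token when no revocation path is visible in this patch; a shorter default would limit how long a leaked token stays usable.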
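Review bot: In `middleware/jwt.js` the `jsonwebtoken.verify(token, options.secret, …)` call shown as context in the first hunk passes no `algorithms` option, so the accepted algorithm set is left to the library's defaults. With the secret now apparently coming from the environment (`.env.example` ships `JWT_SECRET_AUTH = ""`), an empty or unset `options.secret` becomes possible, and older jsonwebtoken releases accepted unsigned tokens when the key was falsy and no algorithms were listed. Pinning the algorithm, `jsonwebtoken.verify(token, options.secret, { algorithms: ['HS256'] }, (error, decoded) => {`, and throwing in the factory when `options.secret` is empty would close that. HS256 is what `jwt.sign` uses by default for a string secret; adjust if the project signs with something else. The enclosing function starts before the hunk, so where `options.secret` is set is not visible here.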
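Review bot: The four `console.error` calls added in `middleware/jwt.js` (one in the previous hunk, three in this one) record only a fixed string or the raw error, so a log reader cannot tell which client or route produced the rejected request. For these lines to help detect credential guessing or token replay, include request context and the reason, for example `console.warn('auth rejected: %s %s from %s: %s', req.method, req.originalUrl, req.ip, reason);`, and never the `Authorization` header value itself. `console.error(error)` also prints a stack trace for every bad token, and every unauthenticated request now writes a line, so rate limiting or sampling on this path would keep the log from being flooded. The function body begins above the hunk.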
@@ -40,7 +40,7 @@ router.post('/login', async (req, res) => {
 return;
 }
- me.token = jwt.sign({ email }, '#IWantToBelieve', { expiresIn: '365d' });
+ me.token = jwt.sign({ email }, process.env.JWT_SECRET_AUTH, { expiresIn: process.env.JWT_EXPIRATION_TIME });
 res.send({ success: true, data: me });
 } else {
 res.send(makeError('Incorrect login or password', errorCodes.invalidLoginOrPassword));
@@ -67,12 +67,12 @@ router.post('/signIn', async (req, res) => {
 return;
 }
- me.token = jwt.sign({ email }, '#IWantToBelieve', { expiresIn: '365d' });
+ me.token = jwt.sign({ email }, process.env.JWT_SECRET_AUTH, { expiresIn: process.env.JWT_EXPIRATION_TIME });
 res.send({ success: true, data: me });
 } else {
 let user = new User(email, password);
 await users.insertOne(user.toDB());
- user.token = jwt.sign({ email }, '#IWantToBelieve', { expiresIn: '365d' });
+ user.token = jwt.sign({ email }, process.env.JWT_SECRET_AUTH, { expiresIn: process.env.JWT_EXPIRATION_TIME });
 res.send({ success: true, data: user });
 }
 } catch(ex) {
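Review bot: The three `jwt.sign` calls in `routes/user.js` (here in `/login` and twice in the `/signIn` hunk below) read `process.env.JWT_SECRET_AUTH` and `process.env.JWT_EXPIRATION_TIME` at request time with no check that either is set. As far as I know jsonwebtoken throws on an empty secret and on an undefined `expiresIn`, so a deployment whose `.env` predates this commit would fail every login instead of failing at startup. Validating both values once at boot and signing through one helper, e.g. `const issueToken = (email) => jwt.sign({ email }, JWT_SECRET_AUTH, { expiresIn: JWT_EXPIRATION_TIME });`, would make that failure obvious and remove the duplication. The removed literal secret stays readable in the repository history, so the value placed in `JWT_SECRET_AUTH` has to be a freshly generated random one, and tokens signed with the old literal should be treated as forgeable until it is retired. Both route handlers start and end outside the hunks.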