-
Notifications
You must be signed in to change notification settings - Fork 0
/
api-server.js
48 lines (40 loc) · 1.32 KB
/
api-server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
require('dotenv').config({ path: './.env.local' });
const express = require('express');
const cors = require('cors');
const morgan = require('morgan');
const helmet = require('helmet');
const { expressjwt: jwt } = require('express-jwt');
const jwksRsa = require('jwks-rsa');
const app = express();
const port = process.env.API_PORT || 3001;
const baseUrl = process.env.AUTH0_BASE_URL;
const issuerBaseUrl = process.env.AUTH0_ISSUER_BASE_URL;
const audience = process.env.AUTH0_AUDIENCE;
if (!baseUrl || !issuerBaseUrl) {
throw new Error('Please make sure that the file .env.local is in place and populated');
}
if (!audience) {
console.log('AUTH0_AUDIENCE not set in .env.local. Shutting down API server.');
process.exit(1);
}
app.use(morgan('dev'));
app.use(helmet());
app.use(cors({ origin: baseUrl }));
const checkJwt = jwt({
secret: jwksRsa.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `${issuerBaseUrl}/.well-known/jwks.json`
}),
audience: audience,
issuer: `${issuerBaseUrl}/`,
algorithms: ['RS256']
});
app.get('/api/shows', checkJwt, (req, res) => {
res.send({
msg: 'Your access token was successfully validated!'
});
});
const server = app.listen(port, () => console.log(`API Server listening on port ${port}`));
process.on('SIGINT', () => server.close());