directus

verify-session-jwt.ts

26 строк · 646.0 Байт

Перенос по словам

1
import getDatabase from '../database/index.js';
2
import { InvalidCredentialsError } from '@directus/errors';
3
import type { DirectusTokenPayload } from '../types/index.js';
4

5
/**
6
 * Verifies the associated session is still available and valid.
7
 *
8
 * @throws If session not found.
9
 */
10
export async function verifySessionJWT(payload: DirectusTokenPayload) {
11
	const database = getDatabase();
12

13
	const session = await database
14
		.select(1)
15
		.from('directus_sessions')
16
		.where({
17
			token: payload['session'],
18
			user: payload['id'],
19
		})
20
		.andWhere('expires', '>=', new Date())
21
		.first();
22

23
	if (!session) {
24
		throw new InvalidCredentialsError();
25
	}
26
}
27

directus

Использование cookies