19 lines
586 B
TypeScript
19 lines
586 B
TypeScript
|
import express from 'express'
|
||
|
import { verifyJwt, AuthRequiredError } from '@atproto/xrpc-server'
|
||
|
import { DidResolver } from '@atproto/did-resolver'
|
||
|
|
||
|
export const validateAuth = async (
|
||
|
req: express.Request,
|
||
|
serviceDid: string,
|
||
|
didResolver: DidResolver,
|
||
|
): Promise<string> => {
|
||
|
const { authorization = '' } = req.headers
|
||
|
if (!authorization.startsWith('Bearer ')) {
|
||
|
throw new AuthRequiredError()
|
||
|
}
|
||
|
const jwt = authorization.replace('Bearer ', '').trim()
|
||
|
return verifyJwt(jwt, serviceDid, async (did: string) => {
|
||
|
return didResolver.resolveAtprotoKey(did)
|
||
|
})
|
||
|
}
|