siimee/backend/lib/auth/strategies/jwt.js

'use strict'
const JWT = require('jsonwebtoken')

module.exports = options => {
    return {
        key: options.jwtKey,
        verifyOptions: {
            algorithms: ['HS256'],
        },
        validate: (decoded, request, h) => {
            const token = request.headers.authorization
            try {
                const validatedJwt = JWT.verify(token, process.env.APP_SECRET)
                return {
                    isValid: true,
                    credentials: validatedJwt.payload.email,
                }
            } catch (err) {
                console.error('ERROR :=>', err)
                return { isValid: false, error: err.message }
            }
        },
    }
}