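'use strict'

const Joi = require('joi')

// Route metadata: the handler label echoed in every response body, plus the
// description/notes that are spread into the route options below.
const pluginConfig = {
  handlerType: 'jwt',
  docs: {
    get: {
      description: 'validates session token for each step of survey',
      notes: 'Validates session token for each step of survey',
    },
  },
}

// Request validation: the payload is the session token as a bare string.
const validators = {
  payload: Joi.string(),
}

/**
 * POST /validate-session
 *
 * Validates the session token sent as the request payload and resolves the
 * profile id of the user it belongs to.
 *
 * The route is registered with `auth: false`, so the token in the payload is
 * the only credential checked here; everything in `request.payload` is
 * untrusted input.
 *
 * Response body (always the same envelope; failures are not thrown):
 *   success: { ok: true,  handler: 'jwt', data: { ...token fields, profileId } }
 *   failure: { ok: false, handler: 'jwt', data: { error: <message> } }
 */
module.exports = {
  method: 'POST',
  path: '/validate-session',
  options: {
    ...pluginConfig.docs.get,
    tags: ['api'],
    auth: false,
    cors: {
      headers: ['Authorization', 'Content-Type'],
      exposedHeaders: ['Authorization', 'Access-Control-Expose-Headers'],
    },
    /**
     * @param {object} request - request whose payload is the session token string
     * @param {object} h - response toolkit (unused)
     * @returns {Promise<object>} the `{ ok, handler, data }` envelope described above
     */
    handler: async function (request, h) {
      const hashedSessionToken = request.payload
      const { userService, profileService } = request.server.services()

      try {
        // validate.failAction is 'log', so a payload that fails Joi.string()
        // is only logged and still reaches this handler. Reject it here so a
        // non-string or empty value is never handed to the services.
        if (
          typeof hashedSessionToken !== 'string' ||
          hashedSessionToken === ''
        ) {
          throw new Error('Invalid session token')
        }

        const validatedSessionToken =
          userService.validateSession(hashedSessionToken)

        const user = await userService.findByUserEmail(
          validatedSessionToken.email,
        )
        // A token can outlive the account it names; fail with a clear message
        // instead of a TypeError on `user.is_poster`.
        if (!user) {
          throw new Error('Session user not found')
        }

        const type = user.is_poster === 1 ? 'poster' : 'seeker'
        const profiles = await profileService.getCompleteProfilesFor(
          user.user_id,
          type,
        )
        // No complete profile yet: fail explicitly instead of a TypeError on
        // `profiles[0].profile_id`.
        if (!profiles || !profiles[0]) {
          throw new Error('No complete profile found for user')
        }

        // TODO: handle user with multiple profiles...
        const profileId = profiles[0].profile_id

        // NOTE(review): every field returned by validateSession is spread into
        // the response. Confirm that object holds nothing the client should
        // not see.
        return {
          ok: true,
          handler: pluginConfig.handlerType,
          data: {
            ...validatedSessionToken,
            profileId,
          },
        }
      } catch (err) {
        // Keep a server-side record of failed validations (message only,
        // never the token itself).
        request.log(['error', 'validate-session'], err.message)

        // NOTE(review): err.message is returned verbatim to an unauthenticated
        // caller. Errors raised inside the services (for example by the data
        // layer) would be exposed here as well; consider mapping unexpected
        // errors to a generic message once the set of expected ones is known.
        return {
          ok: false,
          handler: pluginConfig.handlerType,
          data: { error: err.message },
        }
      }
    },
    validate: {
      ...validators,
      // Validation failures are logged, not rejected; the handler re-checks
      // the payload type itself.
      failAction: 'log',
    },
    response: {
      schema: Joi.object({
        ok: Joi.bool(),
        handler: Joi.string(),
        data: Joi.object(),
      }).label('validate_session_res'),
      failAction: 'log',
    },
  },
}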