open_in_new content_copy 
const jwt = require('jsonwebtoken');

function Auth (req, res, next) {

    const token = req.session.token || req.cookies.token;

    if (!token) {
        return res.status(401).send({ error: 'Unauthorized' });
    }

    try {

        const payload = jwt.verify(token, "JWT_SECRET");
        req.user = payload;
        next();
        
    } catch (error) {
        res.status(401).send({ error: 'Unauthorized' });
    }

}

module.exports = Auth;