Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const {strategy} = this.metadata;
if (strategy === JWT_STRATEGY_NAME) {
const jwtStrategy = new JwtStrategy(
{
secretOrKey: JWT_SECRET,
jwtFromRequest: ExtractJwt.fromExtractors([
ExtractJwt.fromAuthHeaderAsBearerToken(),
ExtractJwt.fromUrlQueryParameter('access_token'),
]),
},
(payload, done) => this.verifyToken(payload, done),
);
// we will use Loopback's StrategyAdapter so we can leverage passport's strategy
// and also we don't have to implement a new strategy adapter.
return new StrategyAdapter(jwtStrategy, JWT_STRATEGY_NAME);
}
}