How to manually check a JWT Token

#1

I am using video.js to play MP/4 videos that are supplied via an Adonis API using response.download() to stream the videos from a protected path on the server.

However I only want registered users to view the videos.

Since video.js can not send custom headers (neither can the HTML5 video player), I want to include the the users token as a url parameter. When the request hits the controller, I want to do something like

auth.checkToken(params.token)

Is this possible?

2 Likes

#2

I believe you can write a middleware that is executed before the auth middleware. It will take the token from the query string and set it as a header for the auth middleware to work.

Something like this (untested code)

class AuthMiddleware {
   async handle ({ request }, next) {
      const token = request.input('token')
      request.request.headers.authorization = `Bearer ${token}`
     
      await next()
   }
}
4 Likes

#3

@virk Thank you. That worked perfectly.

1 Like

#4

Thanks for asking the question. I suspect you’re not / will not be the only one to encounter it.

0 Likes