System Information
- Strapi Version: v4.1.7
- Operating System: macOS X 10.15.7
- Database: mysql
- Node Version: v14.18.2
- NPM Version: 6.14.15
- Yarn Version: 1.22.17
Hey all!
I am trying to write a policy which will pass through authenticated users or limit access to a known API token.
Therefore, I created a API token with the name development in the administration panel.
The policy looks like this:
"use strict";
/**
* `is-dev-or-authenticated` policy.
*/
module.exports = (policyContext, config, { strapi }) => {
strapi.log.info("In is-dev-or-authenticated policy.");
if (policyContext.state.user) {
// if a session is open
// go to next policy or reach the controller's action
return true;
}
const authHeader = policyContext.request.header.authorization;
if (!authHeader) {
return false;
}
const token = authHeader.split(" ")[1];
console.log(token);
console.log(strapi.admin.services.token.decodeJwtToken(token));
return true;
};
As you can see, I am trying to get some information about the used API token in the request.
console.log(token);
really returns the used token.
But console.log(strapi.admin.services.token.decodeJwtToken(token));
says { payload: null, isValid: false }
How can I get the information if the used token is the one with the name development
?