I'm developing a JavaScript/MySQL RESTful API for a business manager system using Express, Body-parser and MySQL. Currently, I am working on access tokens. Before any API call, the body must include an API key that is being verified by the API. In every API call function, I first check if the access token exists and if so, the API executes MySQL commands and sends back results.
The important thing is that I want to create a function that checks whether the access token exists and returns true or false. However, I can't figure out how to return this boolean value from the conn.query() method. Any help will be very much appreciated, I am desperate.
Here is my code:
function checkApiKey(apiKey) {
let sql = "SELECT * FROM apikeys WHERE apikey = '" + apiKey + "'";
conn.query(sql, (err, results) => {
if (err) throw err;
if (results.length > 0) return true;
return false;
});
}
app.get("/api/users",(req, res) => {
if (checkApiKey(req.body.apiKey)) {
let sql = "SELECT * FROM users";
let query = conn.query(sql, (err, results) => {
if (err) throw err;
res.send(results);
});
}
});
However, the checkApiKey() method returns undefined...
Your checkApiKey function returns undefined, because your logic returns true or false within sql's callback function.
I'd recommend another approach, using checkApiKey as middleware function:
const checkApiKey = (req, res, next) => {
conn.query("SELECT * FROM apikeys WHERE apikey = ?", [req.body.apiKey], (err, result) => {
if (err) throw err
if (results)
next() // continue to next router function
else
res.status(403).end('Unauthorized') // resolve with 403
})
}
app.get("/api/users",
checkApiKey, // middleware auth function
(req, res) => {
conn.query("SELECT * FROM users", (err, results) => {
if (err) throw err;
res.send(results)
})
})