ryanfitz · Pravasith · Jan 9, 2018
diff --git a/lib/index.js b/lib/index.js
@@ -2,96 +2,108 @@
 
 var Boom = require('boom');
 var Hoek = require('hoek');
-var jwt  = require('jsonwebtoken');
+var jwt = require('jsonwebtoken');
 
 
 // Declare internals
 
 var internals = {};
 
+exports.plugin = {
+    pkg: require('../package.json'),
+    register: function(server) {
 
-exports.register = function (server, options, next) {
-
-  server.auth.scheme('jwt', internals.implementation);
-  next();
+        server.auth.scheme('jwt', internals.implementation);
+    }
 };
 
-exports.register.attributes = {
-    pkg: require('../package.json')
-};
 
 
-internals.implementation = function (server, options) {
 
-  Hoek.assert(options, 'Missing jwt auth strategy options');
-  Hoek.assert(options.key, 'Missing required private key in configuration');
+internals.implementation = function(server, options) {
 
-  var settings = Hoek.clone(options);
-  settings.verifyOptions = settings.verifyOptions || {};
+    Hoek.assert(options, 'Missing jwt auth strategy options');
+    Hoek.assert(options.key, 'Missing required private key in configuration');
+    Hoek.assert(typeof options.validate === 'function', 'options.validate must be a valid function in basic scheme');
 
-  var scheme = {
-    authenticate: function (request, reply) {
+    var settings = Hoek.clone(options);
+    // settings.verifyOptions = settings.verifyOptions || {};
 
-      var req = request.raw.req;
-      var authorization = req.headers.authorization;
-      if (!authorization) {
-        return reply(Boom.unauthorized(null, 'Bearer'));
-      }
+    var scheme = {
+        authenticate: async function(request, h) {
 
-      var parts = authorization.split(/\s+/);
 
-      if (parts.length !== 2) {
-        return reply(Boom.badRequest('Bad HTTP authentication header format', 'Bearer'));
-      }
+            var authorization = request.headers.authorization;
 
-      if (parts[0].toLowerCase() !== 'bearer') {
-        return reply(Boom.unauthorized(null, 'Bearer'));
-      }
+            if (!authorization) {
+                throw Boom.unauthorized(null, 'Bearer', settings.unauthorizedAttributes);
+            }
 
-      if(parts[1].split('.').length !== 3) {
-        return reply(Boom.badRequest('Bad HTTP authentication header format', 'Bearer'));
-      }
+            var parts = authorization.split(/\s+/);
 
-      var token = parts[1];
+            if (parts[0].toLowerCase() !== 'bearer') {
+                throw Boom.unauthorized(null, 'Bearer', settings.unauthorizedAttributes);
+            }
 
-      jwt.verify(token, settings.key, settings.verifyOptions || {}, function(err, decoded) {
-        if(err && err.message === 'jwt expired') {
-          return reply(Boom.unauthorized('Expired token received for JSON Web Token validation', 'Bearer'));
-        } else if (err) {
-          return reply(Boom.unauthorized('Invalid signature received for JSON Web Token validation', 'Bearer'));
-        }
 
-        if (!settings.validateFunc) {
-          return reply.continue({ credentials: decoded });
-        }
 
+            if (parts.length !== 2) {
+                return Boom.badRequest('Bad HTTP authentication header format', 'Bearer');
+            }
 
-        settings.validateFunc(request, decoded, function (err, isValid, credentials) {
 
-          credentials = credentials || null;
+            if (parts[1].split('.').length !== 3) {
+                return Boom.badRequest('Bad HTTP authentication header format', 'Bearer');
+            }
 
-          if (err) {
-            return reply(err, null, { credentials: credentials });
-          }
+            var token = parts[1];
 
-          if (!isValid) {
-            return reply(Boom.unauthorized('Invalid token', 'Bearer'), null, { credentials: credentials });
-          }
+            await jwt.verify(token, settings.key, settings.verifyOptions || {})
 
-          if (!credentials || typeof credentials !== 'object') {
 
-            return reply(Boom.badImplementation('Bad credentials object received for jwt auth validation'), null, { log: { tags: 'credentials' } });
-          }
 
-          // Authenticated
+            let main = (err, decoded, h) => {
+                if (err && err.message === 'jwt expired') {
+                    return Boom.unauthorized('Expired token received for JSON Web Token validation', 'Bearer');
+                } else if (err) {
+                    return Boom.unauthorized('Invalid signature received for JSON Web Token validation', 'Bearer');
+                }
 
-          return reply.continue({ credentials: credentials });
-        });
+                if (!settings.validateFunc) {
+                    return h.continue({ credentials: decoded });
+                }
 
-      });
+                const { isValid, credentials, response } = settings.validateFunc(request, decoded, h)
+                    .then((isValid, credentials) => {
 
-    }
-  };
+                        credentials = credentials || null;
 
-  return scheme;
-};
+                        if (!isValid) {
+                            return Boom.unauthorized('Invalid token', 'Bearer'), null, { credentials: credentials };
+                        }
+
+                        if (!credentials || typeof credentials !== 'object') {
+
+                            return Boom.badImplementation('Bad credentials object received for jwt auth validation'), null, { log: { tags: 'credentials' } };
+                        }
+
+                        // Authenticated
+
+                        return h.continue({ credentials: credentials });
+
+
+                    })
+                    .catch((err) => {
+                        return h.response(err, null, { credentials: credentials });
+                    })
+
+
+            }
+
+            return h.continue
+
+        }
+    };
+
+    return scheme;
+};