2019-04-03 00:25:12 +02:00
|
|
|
const { Op } = require('sequelize')
|
2019-06-06 23:54:32 +02:00
|
|
|
const { user: User } = require('./models')
|
2019-04-03 00:25:12 +02:00
|
|
|
|
|
|
|
|
const Auth = {
|
2019-10-30 14:58:40 +01:00
|
|
|
|
|
|
|
|
/** isAuth middleware
|
|
|
|
|
* req.user is filled in server/helper.js#initMiddleware
|
|
|
|
|
*/
|
2019-09-11 19:12:24 +02:00
|
|
|
async isAuth (req, res, next) {
|
2019-04-29 00:27:29 +02:00
|
|
|
if (!req.user) {
|
|
|
|
|
return res
|
|
|
|
|
.status(403)
|
|
|
|
|
.send({ message: 'Failed to authenticate token ' })
|
|
|
|
|
}
|
2019-06-08 15:16:56 +02:00
|
|
|
|
2019-04-29 00:27:29 +02:00
|
|
|
req.user = await User.findOne({
|
|
|
|
|
where: { id: { [Op.eq]: req.user.id }, is_active: true }
|
2019-04-03 00:25:12 +02:00
|
|
|
})
|
2019-04-29 00:27:29 +02:00
|
|
|
if (!req.user) {
|
|
|
|
|
return res
|
|
|
|
|
.status(403)
|
2019-06-21 23:52:18 +02:00
|
|
|
.send({ message: 'Failed to authenticate token ' })
|
2019-04-29 00:27:29 +02:00
|
|
|
}
|
|
|
|
|
next()
|
2019-04-03 00:25:12 +02:00
|
|
|
},
|
2019-10-30 14:58:40 +01:00
|
|
|
|
|
|
|
|
/** isAdmin middleware */
|
2019-09-11 19:12:24 +02:00
|
|
|
isAdmin (req, res, next) {
|
2019-06-06 23:54:32 +02:00
|
|
|
if (!req.user) {
|
|
|
|
|
return res
|
|
|
|
|
.status(403)
|
|
|
|
|
.send({ message: 'Failed to authenticate token ' })
|
|
|
|
|
}
|
2019-09-11 19:12:24 +02:00
|
|
|
if (req.user.is_admin && req.user.is_active) { return next() }
|
2019-04-03 00:25:12 +02:00
|
|
|
return res.status(403).send({ message: 'Admin needed' })
|
2019-09-11 19:12:24 +02:00
|
|
|
}
|
2019-06-06 23:54:32 +02:00
|
|
|
|
2019-04-03 00:25:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports = Auth
|
