const createHttpError = require("http-errors");
const { User } = require("./db/models");
/**
 * Express middleware that resolves the session's stored user ID to a `User`
 * record and publishes the outcome on `res.locals`.
 *
 * - `res.locals.authenticated` is always set (true only when the lookup
 *   returned a record).
 * - `res.locals.user` is set only when a record was found.
 *
 * A session whose `userId` no longer matches a record (e.g. the account was
 * deleted) is treated as unauthenticated rather than as an error.
 *
 * @param {*} req - request; `req.session` must already be populated by the
 *   session middleware.
 * @param {*} res - response; `res.locals` receives the auth state.
 * @param {Function} next - called with no argument on success or on a
 *   missing user, and with the error if the lookup throws.
 */
const restoreUser = async (req, res, next) => {
  const sessionAuth = req.session.auth;
  const userId = sessionAuth ? sessionAuth.userId : undefined;

  // No login recorded on this session: continue as an anonymous request.
  if (!userId) {
    res.locals.authenticated = false;
    return next();
  }

  try {
    const found = await User.findByPk(userId);
    const isAuthenticated = Boolean(found);
    res.locals.authenticated = isAuthenticated;
    if (isAuthenticated) {
      res.locals.user = found;
    }
    next();
  } catch (error) {
    // Fail closed: a lookup failure must never leave the request marked
    // as authenticated.
    res.locals.authenticated = false;
    next(error);
  }
};
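/**
 * Logs a user in: stores the user's ID in an `auth` object on `req.session`
 * and persists the session.
 *
 * When the session object exposes `regenerate` (as express-session does), a
 * fresh session is issued before the user ID is written. Rotating the
 * session identifier at the privilege boundary prevents session fixation: an
 * identifier that existed before login never becomes an authenticated one.
 * Data held on the pre-login session is discarded by the regeneration.
 * Stores without `regenerate` keep the previous behaviour.
 *
 * @param {*} req - request carrying the session to authenticate.
 * @param {*} user - user record; only `user.id` is read.
 * @returns {Promise<void>} resolves once the session has been saved; rejects
 *   with the store's error if regenerating or saving fails.
 */
const loginUser = (req, user) => {
  return new Promise((resolve, reject) => {
    // Read the ID up front so a missing user rejects before any session change.
    const auth = { userId: user.id };

    const persistAuth = () => {
      // After regenerate(), `req.session` refers to the new session object.
      req.session.auth = auth;
      req.session.save((err) => {
        if (err) {
          return reject(err);
        }
        resolve();
      });
    };

    if (typeof req.session.regenerate !== "function") {
      persistAuth();
      return;
    }

    req.session.regenerate((err) => {
      if (err) {
        return reject(err);
      }
      try {
        persistAuth();
      } catch (persistErr) {
        // Thrown inside a callback, so it must be routed to the promise by hand.
        reject(persistErr);
      }
    });
  });
};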
/**
 * Express middleware for page routes: lets the request through only when
 * `res.locals` carries both the `authenticated` flag and a `user` record;
 * any other request is redirected to `/login`.
 *
 * Reads only `res.locals`, so it relies on an earlier middleware having
 * populated it for this request.
 *
 * @param {*} req - request (unused).
 * @param {*} res - response whose `locals` hold the auth state.
 * @param {Function} next - invoked when the request is authenticated.
 */
const redirectUnauthedToLogin = async (req, res, next) => {
  const signedIn = res.locals.authenticated && res.locals.user;
  return signedIn ? next() : res.redirect("/login");
};
// Middleware chain for page routes. Order matters: restoreUser must run first
// because redirectUnauthedToLogin only reads the state it leaves on res.locals.
const requireAuth = [restoreUser, redirectUnauthedToLogin];
// Middleware chain for API routes: restore the user from the session, then
// answer unauthenticated requests with a 401 error instead of a redirect.
// The gate checks only res.locals.authenticated, which restoreUser sets on
// every request before this function runs.
const requireAuthApi = [
  restoreUser,
  (req, res, next) => {
    if (res.locals.authenticated) {
      next();
      return;
    }
    return next(createHttpError(401));
  },
];
// Public surface of the auth module. redirectUnauthedToLogin is not exported
// on its own; it is reachable only through the requireAuth chain, after
// restoreUser has populated res.locals.
module.exports = {
loginUser,
requireAuth,
requireAuthApi,
restoreUser,
};