shimapan/app/util/auth/authenticate.js

const ModelPath = '../../models/';
const Key = require(ModelPath + 'Key.js');
const User = require(ModelPath + 'User.js');

// Middleware that checks for authentication by either API key or session
// sets req.username, req.displayname, req.scope, and req.key if authenticated properly, otherwise throws an error.
// If the user is banned, also throw an error.
const authenticate = async (req, scope) => {
    const keyprop = req.body.key || req.query.key;
    let key = keyprop ? (await Key.findOne({key: keyprop})) : false;

    if (key) {
        if (!scope || key.scope.includes(scope)) {
            if ((await User.countDocuments({username: key.issuer, banned: true})) === 0) {
                req.username = key.issuer;
                req.displayname = key.issuer;
                req.scope = key.scope;
                req.key = key.key;
                return {authenticated: true, permission: true};
            } else return {authenticated: true, permission: false};
        } else return {authenticated: true, permission: false};
    } else if (req.isAuthenticated()) {
        if (!scope || req.session.passport.scope.includes(scope)) {
            if ((await User.countDocuments({username: req.session.passport.user, banned: true})) === 0) {
                req.username = req.session.passport.user;
                req.displayname = req.session.passport.displayname;
                req.scope = req.session.passport.scope;
                req.key = null;
                return {authenticated: true, permission: true};
            } else return {authenticated: true, permission: false};
        } else return {authenticated: true, permission: false};
    } else return {authenticated: false, permission: false};
};

module.exports = authenticate;
Rename and rework auth middleware 2019-01-02 16:47:18 -05:00			`const ModelPath = '../../models/';`
			`const Key = require(ModelPath + 'Key.js');`
			`const User = require(ModelPath + 'User.js');`

			`// Middleware that checks for authentication by either API key or session`
			`// sets req.username, req.displayname, req.scope, and req.key if authenticated properly, otherwise throws an error.`
			`// If the user is banned, also throw an error.`
			`const authenticate = async (req, scope) => {`
			`const keyprop = req.body.key \|\| req.query.key;`
			`let key = keyprop ? (await Key.findOne({key: keyprop})) : false;`

			`if (key) {`
			`if (!scope \|\| key.scope.includes(scope)) {`
			`if ((await User.countDocuments({username: key.issuer, banned: true})) === 0) {`
			`req.username = key.issuer;`
			`req.displayname = key.issuer;`
			`req.scope = key.scope;`
			`req.key = key.key;`
			`return {authenticated: true, permission: true};`
			`} else return {authenticated: true, permission: false};`
			`} else return {authenticated: true, permission: false};`
			`} else if (req.isAuthenticated()) {`
			`if (!scope \|\| req.session.passport.scope.includes(scope)) {`
			`if ((await User.countDocuments({username: req.session.passport.user, banned: true})) === 0) {`
			`req.username = req.session.passport.user;`
			`req.displayname = req.session.passport.displayname;`
			`req.scope = req.session.passport.scope;`
			`req.key = null;`
			`return {authenticated: true, permission: true};`
			`} else return {authenticated: true, permission: false};`
			`} else return {authenticated: true, permission: false};`
			`} else return {authenticated: false, permission: false};`
			`};`

			`module.exports = authenticate;`