mirror of https://github.com/Foltik/Shimapan synced 2025-01-22 23:00:37 -05:00
shimapan/app/util/requireAuth.js


const Key = require('../models/Key.js');
const wrap = require('./wrap.js');
const verifyScope = require('./verifyScope.js');
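// Express-style middleware factory: checks for authentication by either API Key or Session.
// On success sets req.username, req.displayname, req.scope and req.key, then calls next().
// req.key is null for session logins and the presented key string for API-key logins.
// A falsy `scope` skips the scope check entirely.
// If the request is authenticated and has the desired scope, continue.
// If the request is authenticated, but lacks the required scope, return 403 Forbidden.
// If the request is unauthenticated (no session and no valid API key), return 401 Unauthorized.
const requireAuth = scope =>
    wrap(async (req, res, next) => {
        const hasScope = granted => (scope ? verifyScope(granted, scope) : true);
        const deny = (status, message) => {
            res.status(status).json({message: message});
        };

        if (req.isAuthenticated()) {
            const passport = req.session.passport;
            if (!hasScope(passport.scope)) {
                deny(403, 'Forbidden.');
                return;
            }
            req.username = passport.user;
            req.displayname = passport.displayname;
            req.scope = passport.scope;
            req.key = null;
            next();
            return;
        }

        // req.body is absent when no body parser ran for this request.
        const supplied = req.body ? req.body.key : undefined;

        // Accept only a non-empty string. A JSON body can carry an object here
        // (for example a query-operator document), and passing that straight
        // into findOne() would let the caller change the query instead of
        // presenting a key.
        if (typeof supplied !== 'string' || supplied.length === 0) {
            deny(401, 'Unauthorized.');
            return;
        }

        // The original queried with `{key: key}`, which read the `const key`
        // being declared and threw a ReferenceError on every API-key request.
        // NOTE(review): the lookup is by raw key value, so keys appear to be
        // stored unhashed -- confirm against the Key model.
        const key = await Key.findOne({key: supplied});

        // An unknown key is an authentication failure, not a server error.
        if (!key) {
            deny(401, 'Unauthorized.');
            return;
        }

        if (!hasScope(key.scope)) {
            deny(403, 'Forbidden.');
            return;
        }

        req.username = key.issuer;
        req.displayname = key.issuer;
        req.scope = key.scope;
        req.key = key.key;
        next();
    });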
module.exports = requireAuth;