|
- const ModelPath = '../../models/';
- const Key = require(ModelPath + 'Key.js');
- const User = require(ModelPath + 'User.js');
-
- // Middleware that checks for authentication by either API key or session
- // sets req.username, req.displayname, req.scope, and req.key if authenticated properly, otherwise throws an error.
- // If the user is banned, also throw an error.
- const authenticate = async (req, scope) => {
- const keyprop = req.body.key || req.query.key;
- let key = keyprop ? (await Key.findOne({key: keyprop})) : false;
-
- if (key) {
- if (!scope || key.scope.includes(scope)) {
- if ((await User.countDocuments({username: key.issuer, banned: true})) === 0) {
- req.username = key.issuer;
- req.displayname = key.issuer;
- req.scope = key.scope;
- req.key = key.key;
- return {authenticated: true, permission: true};
- } else return {authenticated: true, permission: false};
- } else return {authenticated: true, permission: false};
- } else if (req.isAuthenticated()) {
- if (!scope || req.session.passport.scope.includes(scope)) {
- if ((await User.countDocuments({username: req.session.passport.user, banned: true})) === 0) {
- req.username = req.session.passport.user;
- req.displayname = req.session.passport.displayname;
- req.scope = req.session.passport.scope;
- req.key = null;
- return {authenticated: true, permission: true};
- } else return {authenticated: true, permission: false};
- } else return {authenticated: true, permission: false};
- } else return {authenticated: false, permission: false};
- };
-
- module.exports = authenticate;
|
