mirror of
https://gitlab.com/MrFry/mrfrys-node-server
synced 2025-04-01 20:24:18 +02:00
55 lines
1.1 KiB
JavaScript
55 lines
1.1 KiB
JavaScript
const logger = require('../../utils/logger.js')
|
|
const dbtools = require('../../utils/dbtools.js')
|
|
|
|
const exceptions = [
|
|
'favicon',
|
|
'/login'
|
|
]
|
|
|
|
// TODO: session table, dont store pw in cookie
|
|
|
|
module.exports = function (options) {
|
|
const { authDB } = options
|
|
|
|
return function (req, res, next) {
|
|
const isException = exceptions.some((exc) => {
|
|
return req.url === exc
|
|
})
|
|
|
|
if (isException) {
|
|
logger.DebugLog(`EXCEPTION: ${req.url}`, 'auth', 1)
|
|
next()
|
|
return
|
|
}
|
|
|
|
const user = req.session.user || GetUserBySessionID(authDB, req.cookies.sessionID, req)
|
|
|
|
if (user) {
|
|
logger.DebugLog(`ID #${user.id}: ${req.url}`, 'auth', 1)
|
|
next()
|
|
} else {
|
|
logger.DebugLog(`No user:${req.url}`, 'auth', 1)
|
|
res.render('login')
|
|
}
|
|
}
|
|
}
|
|
|
|
function GetUserBySessionID (db, sessionID, req) {
|
|
logger.DebugLog(`Getting user from db`, 'auth', 2)
|
|
if (sessionID === undefined) {
|
|
return
|
|
}
|
|
|
|
const session = dbtools.Select(db, 'sessions', {
|
|
id: sessionID
|
|
})[0]
|
|
|
|
const user = dbtools.Select(db, 'users', {
|
|
id: session.userID
|
|
})[0]
|
|
|
|
if (user) {
|
|
req.session.user = user
|
|
return user
|
|
}
|
|
}
|