mrfrys-node-server/modules/api/auth.middleware.js

const logger = require('../../utils/logger.js')
const dbtools = require('../../utils/dbtools.js')

const usersDBName = 'users'

const exceptions = [
  'favicon',
  '/login'
]

// TODO: session

module.exports = function (options) {
  const { authDB } = options

  return function (req, res, next) {
    logger.DebugLog(`AUTH: ${req.url}`, 'auth', 1)
    const isException = exceptions.some((exc) => {
      return req.url === exc
    })

    if (isException) {
      next()
      return
    }

    const user = GetUserByPW(authDB, req.cookies.pw)

    if (user) {
      next()
    } else {
      res.render('login')
    }
  }
}

function GetUserByPW (db, password) {
  if (password === undefined) {
    return
  }

  const res = dbtools.Select(db, usersDBName, {
    pw: password
  })
  if (res) {
    return res[0]
  }
}