29 lines
952 B
JavaScript
29 lines
952 B
JavaScript
let tokens = {};
|
|
|
|
function credentialsLog (req, res) {
|
|
console.log(`Login: ${req.session.login}`);
|
|
console.log(`Token: ${req.session.token}`);
|
|
console.log(`Tokens[login]: ${tokens[req.session.login]}`)
|
|
}
|
|
|
|
function authenticate (req, res, next) {
|
|
credentialsLog(req, res)
|
|
if (!req.session.login || !req.session.token)
|
|
return res.status(403).send("Either login or token was not specified")
|
|
if (tokens[req.session.login] != req.session.token)
|
|
return res.status(403).send("Invalid credentials");
|
|
next();
|
|
}
|
|
|
|
function authorize (req, res, next) {
|
|
credentialsLog(req, res)
|
|
// if (!req.session.login || !req.session.token)
|
|
// next();
|
|
req.isAdmin = (req.session.token && req.session.login) &&
|
|
tokens[req.session.login] != req.session.token || false
|
|
next();
|
|
}
|
|
|
|
module.exports.authorize = authorize
|
|
module.exports.authenticate = authenticate
|
|
module.exports.tokens = tokens |