bsfe_server/src/middlewares/auth.js

87 lines
3.0 KiB
JavaScript
Raw Normal View History

2024-10-26 05:31:22 +03:00
import jwt from 'jsonwebtoken';
import config from '../../config.json' with {type: "json"};
import GroupService from '../services/group.js';
import UserService from '../services/user.js';
import customError from '../response/customError.js';
import responseCodes from '../response/responseCodes.js';
2024-10-26 05:31:22 +03:00
2024-10-27 05:45:12 +03:00
const TAG = "/middlewares/auth.js";
2024-10-26 05:31:22 +03:00
const requireUsername = async (req, res, next) => {
2024-10-26 05:31:22 +03:00
if (req.method == "OPTIONS") next();
const { username } = req.body;
if (!username) throw new customError(`requireUsername username is required`, responseCodes.responses.usernames.required)
next();
2024-10-27 05:45:12 +03:00
};
const requirePassword = async (req, res, next) => {
if (req.method == "OPTIONS") next();
const { password } = req.body;
if (!password) throw new customError(`requirePassword password is required`, responseCodes.responses.passwords.required);
next();
2024-10-27 05:45:12 +03:00
};
2024-10-26 05:31:22 +03:00
const authenticate = async (req, res, next) => {
if (req.method == "OPTIONS") next();
if (!req.headers.authorization) throw new customError(`authenticate no authorization header`, responseCodes.responses.authentication.not_found);
2024-10-31 07:47:27 +03:00
const token = req.headers.authorization.split(' ')[1];
if (!token) throw new customError(`authenticate no authorization token in header`, responseCodes.responses.authentication.not_found);
2024-10-31 07:47:27 +03:00
let user = jwt.decode(token, config.secret);
await UserService.getByUsername(user.login.username)
if (!jwt.verify(token, config.secret)) throw new customError(`authenticate token is invalid`, responseCodes.responses.authentication.invalid);
2024-10-26 05:31:22 +03:00
next();
2024-10-27 05:45:12 +03:00
};
2024-10-26 05:31:22 +03:00
const authorizeGroupOwner = async (req, res, next) => {
if (req.method == "OPTIONS") next();
const token = req.headers.authorization.split(' ')[1];
2024-10-26 05:31:22 +03:00
const { groupId } = req.params;
2024-10-26 05:31:22 +03:00
let user = jwt.decode(token, config.secret);
let adminId = await GroupService.getAdminId(groupId);
if (user.login.id != adminId) throw new customError(`authorizeGroupOwner not an owner`, responseCodes.responses.groups.not_an_owner)
next();
2024-10-27 05:45:12 +03:00
};
2024-10-26 05:31:22 +03:00
const checkGroupPassword = async (req, res, next) => {
if (req.method == "OPTIONS") next();
const { groupId } = req.params;
const { password } = req.body;
2024-10-26 05:31:22 +03:00
const groupPassword = await GroupService.getPassword(groupId);
2024-10-26 05:31:22 +03:00
if (groupPassword != password) throw new customError(`checkGroupPassword password is invalid`, responseCodes.responses.passwords.invalid);
next();
2024-10-26 05:31:22 +03:00
2024-10-27 05:45:12 +03:00
};
2024-10-26 05:31:22 +03:00
const userIsInGroup = async (req, res, next) => {
if (req.method == "OPTIONS") next();
const groupId = req.body.groupId || req.params.groupId;
2024-10-27 05:45:12 +03:00
const token = req.headers.authorization.split(' ')[1];
let user = jwt.decode(token, config.secret);
if (!await UserService.isInGroup(user.login.id, groupId)) throw new customError(`userIsInGroup not a member`, responseCodes.responses.groups.not_a_member)
next();
2024-10-27 05:45:12 +03:00
};
export default {
requireUsername,
requirePassword,
authenticate,
authorizeGroupOwner,
checkGroupPassword,
userIsInGroup
};