87 lines
3.0 KiB
JavaScript
87 lines
3.0 KiB
JavaScript
import jwt from 'jsonwebtoken';
|
|
import config from '../../config.json' with {type: "json"};
|
|
import GroupService from '../services/group.js';
|
|
import UserService from '../services/user.js';
|
|
import customError from '../response/customError.js';
|
|
import responseCodes from '../response/responseCodes.js';
|
|
|
|
const TAG = "/middlewares/auth.js";
|
|
|
|
const requireUsername = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
|
|
const { username } = req.body;
|
|
if (!username) throw new customError(`requireUsername username is required`, responseCodes.responses.usernames.required)
|
|
next();
|
|
};
|
|
|
|
const requirePassword = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
|
|
const { password } = req.body;
|
|
if (!password) throw new customError(`requirePassword password is required`, responseCodes.responses.passwords.required);
|
|
next();
|
|
};
|
|
|
|
const authenticate = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
if (!req.headers.authorization) throw new customError(`authenticate no authorization header`, responseCodes.responses.authentication.not_found);
|
|
|
|
const token = req.headers.authorization.split(' ')[1];
|
|
if (!token) throw new customError(`authenticate no authorization token in header`, responseCodes.responses.authentication.not_found);
|
|
|
|
let user = jwt.decode(token, config.secret);
|
|
|
|
await UserService.getByUsername(user.login.username)
|
|
|
|
if (!jwt.verify(token, config.secret)) throw new customError(`authenticate token is invalid`, responseCodes.responses.authentication.invalid);
|
|
|
|
next();
|
|
};
|
|
|
|
const authorizeGroupOwner = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
|
|
const token = req.headers.authorization.split(' ')[1];
|
|
|
|
const { groupId } = req.params;
|
|
|
|
let user = jwt.decode(token, config.secret);
|
|
|
|
let adminId = await GroupService.getAdminId(groupId);
|
|
if (user.login.id != adminId) throw new customError(`authorizeGroupOwner not an owner`, responseCodes.responses.groups.not_an_owner)
|
|
next();
|
|
};
|
|
|
|
const checkGroupPassword = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
|
|
const { groupId } = req.params;
|
|
const { password } = req.body;
|
|
|
|
const groupPassword = await GroupService.getPassword(groupId);
|
|
|
|
if (groupPassword != password) throw new customError(`checkGroupPassword password is invalid`, responseCodes.responses.passwords.invalid);
|
|
next();
|
|
|
|
};
|
|
|
|
const userIsInGroup = async (req, res, next) => {
|
|
if (req.method == "OPTIONS") next();
|
|
|
|
const groupId = req.body.groupId || req.params.groupId;
|
|
|
|
const token = req.headers.authorization.split(' ')[1];
|
|
let user = jwt.decode(token, config.secret);
|
|
if (!await UserService.isInGroup(user.login.id, groupId)) throw new customError(`userIsInGroup not a member`, responseCodes.responses.groups.not_a_member)
|
|
next();
|
|
};
|
|
|
|
export default {
|
|
requireUsername,
|
|
requirePassword,
|
|
authenticate,
|
|
authorizeGroupOwner,
|
|
checkGroupPassword,
|
|
userIsInGroup
|
|
}; |