2021-03-05 14:17:10 +01:00
|
|
|
const log = require('../log')
|
2022-11-04 12:22:21 +01:00
|
|
|
|
|
|
|
|
const Auth = {
|
2020-01-30 12:39:32 +01:00
|
|
|
|
2022-11-04 12:22:21 +01:00
|
|
|
isAuth (req, res, next) {
|
|
|
|
|
// TODO: check anon user
|
2023-12-04 23:12:39 +01:00
|
|
|
if (req.user && req.user.is_active) {
|
2020-01-30 23:43:58 +01:00
|
|
|
next()
|
|
|
|
|
} else {
|
2022-03-10 12:37:05 +01:00
|
|
|
res.sendStatus(403)
|
2020-01-30 23:43:58 +01:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
2019-09-11 19:12:24 +02:00
|
|
|
isAdmin (req, res, next) {
|
2023-12-04 23:12:39 +01:00
|
|
|
if (req.user && req.user.is_admin && req.user.is_active) {
|
2020-01-30 23:43:58 +01:00
|
|
|
next()
|
|
|
|
|
} else {
|
2022-03-10 12:37:05 +01:00
|
|
|
res.sendStatus(403)
|
2020-01-30 23:43:58 +01:00
|
|
|
}
|
2020-01-27 00:47:03 +01:00
|
|
|
},
|
|
|
|
|
|
2024-02-09 22:14:52 +01:00
|
|
|
isAdminOrEditor (req, res, next) {
|
|
|
|
|
if (req.user && req.user.is_active && (req.user.is_admin || req.user.is_editor)) {
|
|
|
|
|
next()
|
|
|
|
|
} else {
|
|
|
|
|
res.sendStatus(403)
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
2020-01-30 23:43:58 +01:00
|
|
|
// TODO
|
2020-01-27 00:47:03 +01:00
|
|
|
hasPerm (scope) {
|
|
|
|
|
return (req, res, next) => {
|
2021-03-05 14:17:10 +01:00
|
|
|
log.debug(scope, req.path)
|
2021-05-19 16:38:22 +02:00
|
|
|
oauth.oauthServer.authenticate({ scope })(req, res, err => {
|
|
|
|
|
if (err) {
|
|
|
|
|
next()
|
|
|
|
|
} else {
|
|
|
|
|
next(Error(err))
|
|
|
|
|
}
|
2020-01-27 00:47:03 +01:00
|
|
|
})
|
2019-06-06 23:54:32 +02:00
|
|
|
}
|
2019-09-11 19:12:24 +02:00
|
|
|
}
|
2019-04-03 00:25:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports = Auth
|
