[OWL] Restore auth.js — keep requireRole middleware (more complete than agent version)
This commit is contained in:
FreightDesk
parent
63e0be75b7
commit
958fd74af5
1 changed files with 29 additions and 9 deletions
|
|
@ -1,10 +1,30 @@
|
|||
// In @hermes/webapp/src/middleware/auth.js modify requireAuth to also check user role flag
|
||||
const requireAuth = (requiredRole) => (req, res, next) => {
|
||||
if (!req.session.user) return res.redirect('/login');
|
||||
if (requiredRole && req.session.user.role !== requiredRole) {
|
||||
return res.status(403).send('Forbidden: insufficient role');
|
||||
function requireAuth(req, res, next) {
|
||||
if (req.session && req.session.user) {
|
||||
res.locals.user = req.session.user;
|
||||
return next();
|
||||
}
|
||||
next();
|
||||
};
|
||||
// Export
|
||||
module.exports = { requireAuth };
|
||||
if (req.accepts('html')) {
|
||||
res.redirect('/login');
|
||||
} else {
|
||||
res.status(401).json({ error: 'Authentication required' });
|
||||
}
|
||||
}
|
||||
|
||||
function requireRole(...roles) {
|
||||
return (req, res, next) => {
|
||||
if (!req.session || !req.session.user) {
|
||||
if (req.accepts('html')) return res.redirect('/login');
|
||||
return res.status(401).json({ error: 'Authentication required' });
|
||||
}
|
||||
if (roles.includes(req.session.user.role) || req.session.user.role === 'admin') {
|
||||
return next();
|
||||
}
|
||||
if (req.accepts('html')) {
|
||||
res.status(403).render('pages/403');
|
||||
} else {
|
||||
res.status(403).json({ error: 'Forbidden' });
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
module.exports = { requireAuth, requireRole };
|
||||
|
|
|
|||
Loading…
Reference in a new issue