Uecko/Presupuestador_web
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

.

Browse Source
This commit is contained in:
David Arranz 2024-09-08 18:53:16 +02:00
parent 12331c8c48
commit bdb1fc6a63
1 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server/src/contexts/auth/infrastructure/express/passport/authMiddleware.ts
View File

@ -14,15 +14,20 @@ export const checkUser = composeMiddleware([
session: false, session: false,
}), }),
(req: Request, res: Response, next: NextFunction) => { (req: Request, res: Response, next: NextFunction) => {
if (req.isAuthenticated()) { const _req = req as AuthenticatedRequest;
return next(); const user = <AuthUser>_req.user;
if (!user || !user.isUser) {
return generateExpressError(req, res, httpStatus.UNAUTHORIZED);
} }
return generateExpressError(req, res, httpStatus.UNAUTHORIZED); return next();
}, },
]); ]);
export const checkisAdmin = composeMiddleware([ export const checkisAdmin = composeMiddleware([
checkUser, passport.authenticate("local-jwt", {
session: false,
}),
(req: Request, res: Response, next: NextFunction) => { (req: Request, res: Response, next: NextFunction) => {
const _req = req as AuthenticatedRequest; const _req = req as AuthenticatedRequest;
const user = <AuthUser>_req.user; const user = <AuthUser>_req.user;
@ -35,7 +40,9 @@ export const checkisAdmin = composeMiddleware([
]); ]);
export const checkAdminOrSelf = composeMiddleware([ export const checkAdminOrSelf = composeMiddleware([
checkUser, passport.authenticate("local-jwt", {
session: false,
}),
(req: Request, res: Response, next: NextFunction) => { (req: Request, res: Response, next: NextFunction) => {
const _req = req as AuthenticatedRequest; const _req = req as AuthenticatedRequest;
const user = <AuthUser>_req.user; const user = <AuthUser>_req.user;
@ -46,7 +53,7 @@ export const checkAdminOrSelf = composeMiddleware([
return next(); return next();
} }
if (user && userId) { if (user && user.isUser && userId) {
const paramIdOrError = ensureIdIsValid(userId); const paramIdOrError = ensureIdIsValid(userId);
if (paramIdOrError.isSuccess && user.id.equals(paramIdOrError.object)) { if (paramIdOrError.isSuccess && user.id.equals(paramIdOrError.object)) {
return next(); return next();