Colubrina/backend/lib/authorize.js

48 lines
1.2 KiB
JavaScript
Raw Normal View History

2022-06-05 22:58:18 +10:00
const { User, Theme, Session } = require("../models")
const Errors = require("./errors")
module.exports = async function (req, res, next) {
try {
if (req.header("Authorization") && req.header("Authorization") !== "null") {
const token = req.header("Authorization")
const session = await Session.findOne({ where: { session: token } })
if (session) {
const user = await User.findOne({
where: { id: session.userId },
attributes: {
2022-07-31 14:56:43 +10:00
exclude: ["totp", "password", "emailToken"]
2022-06-05 22:58:18 +10:00
},
include: [
{
model: Theme,
as: "themeObject"
}
]
})
if (user) {
2022-07-29 19:20:19 +10:00
if (user.banned) {
res.status(401).json(Errors.banned)
return
}
2022-06-05 22:58:18 +10:00
await user.update({
lastSeenAt: new Date().toISOString()
})
req.user = user
next()
}
} else {
res.status(401).json(Errors.unauthorized)
}
} else {
res.status(401).json({
errors: [
{
message: "You need to be logged in."
}
]
})
}
} catch (e) {
console.log(e)
}
}