Use res.locals
parent
b8d73e3a94
commit
431700a888
|
@ -1,13 +1,12 @@
|
||||||
import { Response, NextFunction } from 'express'
|
import { Response, NextFunction, Request } from 'express'
|
||||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
|
||||||
|
|
||||||
export async function authMiddleware(
|
export async function authMiddleware(
|
||||||
req: RequestWithUser,
|
req: Request,
|
||||||
res: Response,
|
res: Response,
|
||||||
next: NextFunction
|
next: NextFunction
|
||||||
) {
|
) {
|
||||||
try {
|
try {
|
||||||
if (!req.user) {
|
if (!res.locals.user) {
|
||||||
res.status(401).json({ error: 'Must be logged in' })
|
res.status(401).json({ error: 'Must be logged in' })
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
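Review bot: The guard `if (!res.locals.user)` now reads an untyped value, because Express's default `res.locals` is `Record<string, any>` and this commit deletes `RequestWithUser`, the only static declaration of the user's shape. A misspelled key or an unexpected value under `user` would compile and then silently pass or fail this authentication check. Consider typing the response, e.g. `res: Response<unknown, { user?: User | null }>` with `User` imported from `@prisma/client`; the same applies to hasRolesMiddleware, injectUserMiddleware and the route handlers. A short comment that `res.locals.user` is written only by injectUserMiddleware, which must be registered before this guard, would document the trust assumption. The `try` block continues outside the hunk.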
@ -1,11 +1,11 @@
|
||||||
import { Response, NextFunction } from 'express'
|
import { Response, NextFunction, Request } from 'express'
|
||||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
|
||||||
import { Role } from '@prisma/client'
|
import { Role } from '@prisma/client'
|
||||||
|
|
||||||
export function hasRolesMiddleware(roles: Role[]) {
|
export function hasRolesMiddleware(roles: Role[]) {
|
||||||
return function (req: RequestWithUser, res: Response, next: NextFunction) {
|
return function (req: Request, res: Response, next: NextFunction) {
|
||||||
try {
|
try {
|
||||||
const userRoles = req.user?.roles
|
const userRoles = res.locals.user?.roles
|
||||||
|
|
||||||
if (roles.some(role => userRoles?.includes(role))) next()
|
if (roles.some(role => userRoles?.includes(role))) next()
|
||||||
else res.status(401).json({ error: 'Not authorized!' })
|
else res.status(401).json({ error: 'Not authorized!' })
|
||||||
|
|
|
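Review bot: `userRoles` is now `any`, so `userRoles?.includes(role)` is no longer checked to be an array lookup. If `roles` ever arrives as a string, `includes` becomes a substring match and a role name that merely contains `ADMIN` would satisfy the check. A runtime guard keeps the decision strict: `if (Array.isArray(userRoles) && roles.some(role => userRoles.includes(role))) next()`. Separately, an authenticated user who lacks the role gets the same 401 as an anonymous caller; 403 would let clients and logs tell the two cases apart. The inner function's `try` continues outside the hunk.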
@ -1,5 +1,4 @@
|
||||||
import { NextFunction, Request, Response } from 'express'
|
import { NextFunction, Request, Response } from 'express'
|
||||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
|
||||||
import { AuthenticationController } from '../controllers/AuthenticationController.js'
|
import { AuthenticationController } from '../controllers/AuthenticationController.js'
|
||||||
|
|
||||||
function getToken(req: Request) {
|
function getToken(req: Request) {
|
||||||
|
@ -14,7 +13,7 @@ function getToken(req: Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function injectUserMiddleware(
|
export async function injectUserMiddleware(
|
||||||
req: RequestWithUser,
|
req: Request,
|
||||||
res: Response,
|
res: Response,
|
||||||
next: NextFunction
|
next: NextFunction
|
||||||
) {
|
) {
|
||||||
|
@ -23,7 +22,7 @@ export async function injectUserMiddleware(
|
||||||
if (token) {
|
if (token) {
|
||||||
try {
|
try {
|
||||||
const user = await AuthenticationController.authenticate(token)
|
const user = await AuthenticationController.authenticate(token)
|
||||||
req.user = user
|
res.locals.user = user
|
||||||
} catch (error: any) {
|
} catch (error: any) {
|
||||||
return res.status(401).json({ error: error.message })
|
return res.status(401).json({ error: error.message })
|
||||||
}
|
}
|
||||||
|
|
|
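Review bot: The `catch` branch around `res.locals.user = user` still returns `error.message` verbatim to the caller. Whatever `AuthenticationController.authenticate` throws, presumably including database or token-library errors, is disclosed to an unauthenticated client and reported as 401 even when the cause is a backend failure. Consider logging the error on the server and answering with a fixed message, e.g. `return res.status(401).json({ error: 'Invalid or expired token' })`. Typing the catch variable as `unknown` and narrowing with `instanceof Error` would also remove the `any`. The function body starts and ends outside the hunks shown.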
@ -5,8 +5,6 @@ import { injectUserMiddleware } from './middleware/injectUserMiddleware.js'
|
||||||
import { authMiddleware } from './middleware/authMiddleware.js'
|
import { authMiddleware } from './middleware/authMiddleware.js'
|
||||||
import { hasRolesMiddleware } from './middleware/hasRolesMiddleware.js'
|
import { hasRolesMiddleware } from './middleware/hasRolesMiddleware.js'
|
||||||
|
|
||||||
import { RequestWithUser } from './types/RequestWithUser.js'
|
|
||||||
|
|
||||||
import { UserRouteController } from './controllers/routes/UserRouteController.js'
|
import { UserRouteController } from './controllers/routes/UserRouteController.js'
|
||||||
import { AuthenticationController } from './controllers/AuthenticationController.js'
|
import { AuthenticationController } from './controllers/AuthenticationController.js'
|
||||||
|
|
||||||
|
@ -38,25 +36,23 @@ app.post('/api/login', async (req: Request, res: Response) => {
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
app.get(
|
app.get('/api/me', authMiddleware, async (req: Request, res: Response) =>
|
||||||
'/api/me',
|
res.json(res.locals.user)
|
||||||
authMiddleware,
|
|
||||||
async (req: RequestWithUser, res: Response) => res.json(req.user)
|
|
||||||
)
|
)
|
||||||
|
|
||||||
app.get(
|
app.get(
|
||||||
'/api/protected',
|
'/api/protected',
|
||||||
authMiddleware,
|
authMiddleware,
|
||||||
async (req: RequestWithUser, res: Response) => {
|
async (req: Request, res: Response) => {
|
||||||
res.json('Hello protected world! ' + req.user?.displayName)
|
res.json('Hello protected world! ' + res.locals.user?.displayName)
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
app.get(
|
app.get(
|
||||||
'/api/admin',
|
'/api/admin',
|
||||||
hasRolesMiddleware(['ADMIN']),
|
hasRolesMiddleware(['ADMIN']),
|
||||||
async (req: RequestWithUser, res: Response) => {
|
async (req: Request, res: Response) => {
|
||||||
res.json('Hello Admin!' + req.user?.username)
|
res.json('Hello Admin!' + res.locals.user?.username)
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
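Review bot: `/api/me` answers with `res.json(res.locals.user)`, which serialises the whole object stored by injectUserMiddleware. If that is the full Prisma `User` row, any sensitive column on the model (a password hash, for instance; the schema is not visible here) is sent to the client. Returning an explicit projection avoids this, e.g. `const { username, displayName } = res.locals.user` followed by `res.json({ username, displayName })`. Note also that `res.locals` is exposed to templates by `res.render`, so keeping only the fields the handlers need in `res.locals.user` limits exposure if views are added later.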
@ -1,6 +0,0 @@
|
||||||
import { Request } from 'express'
|
|
||||||
import { User } from '@prisma/client'
|
|
||||||
|
|
||||||
export interface RequestWithUser extends Request {
|
|
||||||
user?: User | null
|
|
||||||
}
|
|