Use res.locals
parent
b8d73e3a94
commit
431700a888
|
@ -1,13 +1,12 @@
|
|||
import { Response, NextFunction } from 'express'
|
||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
||||
import { Response, NextFunction, Request } from 'express'
|
||||
|
||||
export async function authMiddleware(
|
||||
req: RequestWithUser,
|
||||
req: Request,
|
||||
res: Response,
|
||||
next: NextFunction
|
||||
) {
|
||||
try {
|
||||
if (!req.user) {
|
||||
if (!res.locals.user) {
|
||||
res.status(401).json({ error: 'Must be logged in' })
|
||||
return
|
||||
}
|
||||
|
|
|
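Review bot: `res.locals` is typed `Record<string, any>` by default, so `res.locals.user` in `if (!res.locals.user)` is `any`, and the compiler no longer checks the property name or the `User | null` shape that `RequestWithUser` carried. The same holds for the `res.locals.user?.roles` read in hasRolesMiddleware and for the route handlers, so a misspelt key in an authorization check would compile silently. Typing the parameter, for example `res: Response<unknown, { user?: User | null }>`, would keep these reads checked, though it may need matching types where the middleware is registered. This check also only works if injectUserMiddleware runs earlier in the chain, which deserves a one-line comment above the function. The `try` block continues outside the hunk.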
@ -1,11 +1,11 @@
|
|||
import { Response, NextFunction } from 'express'
|
||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
||||
import { Response, NextFunction, Request } from 'express'
|
||||
|
||||
import { Role } from '@prisma/client'
|
||||
|
||||
export function hasRolesMiddleware(roles: Role[]) {
|
||||
return function (req: RequestWithUser, res: Response, next: NextFunction) {
|
||||
return function (req: Request, res: Response, next: NextFunction) {
|
||||
try {
|
||||
const userRoles = req.user?.roles
|
||||
const userRoles = res.locals.user?.roles
|
||||
|
||||
if (roles.some(role => userRoles?.includes(role))) next()
|
||||
else res.status(401).json({ error: 'Not authorized!' })
|
||||
|
|
|
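Review bot: The `else res.status(401)` branch answers both a request with no user and an authenticated user who lacks the role with the same 401, so clients and access logs cannot tell missing credentials from a denied privilege. Since `res.locals.user` is now at hand, the status can be split: `else res.status(res.locals.user ? 403 : 401).json({ error: 'Not authorized!' })`. `userRoles` is also `any` after this change, so `userRoles?.includes(role)` is not checked against `Role[]`. The `try` block continues outside the hunk.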
@ -1,5 +1,4 @@
|
|||
import { NextFunction, Request, Response } from 'express'
|
||||
import { RequestWithUser } from '../types/RequestWithUser.js'
|
||||
import { AuthenticationController } from '../controllers/AuthenticationController.js'
|
||||
|
||||
function getToken(req: Request) {
|
||||
|
@ -14,7 +13,7 @@ function getToken(req: Request) {
|
|||
}
|
||||
|
||||
export async function injectUserMiddleware(
|
||||
req: RequestWithUser,
|
||||
req: Request,
|
||||
res: Response,
|
||||
next: NextFunction
|
||||
) {
|
||||
|
@ -23,7 +22,7 @@ export async function injectUserMiddleware(
|
|||
if (token) {
|
||||
try {
|
||||
const user = await AuthenticationController.authenticate(token)
|
||||
req.user = user
|
||||
res.locals.user = user
|
||||
} catch (error: any) {
|
||||
return res.status(401).json({ error: error.message })
|
||||
}
|
||||
|
|
|
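Review bot: The `catch (error: any)` branch sends `error.message` back in the 401 body, so whatever `AuthenticationController.authenticate` throws is disclosed to an unauthenticated caller; depending on that implementation, which is not visible here, this could include token-library or database error text. A fixed response such as `return res.status(401).json({ error: 'Invalid or expired token' })`, with the original error logged server-side, avoids that. Declaring `catch (error: unknown)` would also stop the unchecked property access. The function body continues outside the hunk.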
@ -5,8 +5,6 @@ import { injectUserMiddleware } from './middleware/injectUserMiddleware.js'
|
|||
import { authMiddleware } from './middleware/authMiddleware.js'
|
||||
import { hasRolesMiddleware } from './middleware/hasRolesMiddleware.js'
|
||||
|
||||
import { RequestWithUser } from './types/RequestWithUser.js'
|
||||
|
||||
import { UserRouteController } from './controllers/routes/UserRouteController.js'
|
||||
import { AuthenticationController } from './controllers/AuthenticationController.js'
|
||||
|
||||
|
@ -38,25 +36,23 @@ app.post('/api/login', async (req: Request, res: Response) => {
|
|||
}
|
||||
})
|
||||
|
||||
app.get(
|
||||
'/api/me',
|
||||
authMiddleware,
|
||||
async (req: RequestWithUser, res: Response) => res.json(req.user)
|
||||
app.get('/api/me', authMiddleware, async (req: Request, res: Response) =>
|
||||
res.json(res.locals.user)
|
||||
)
|
||||
|
||||
app.get(
|
||||
'/api/protected',
|
||||
authMiddleware,
|
||||
async (req: RequestWithUser, res: Response) => {
|
||||
res.json('Hello protected world! ' + req.user?.displayName)
|
||||
async (req: Request, res: Response) => {
|
||||
res.json('Hello protected world! ' + res.locals.user?.displayName)
|
||||
}
|
||||
)
|
||||
|
||||
app.get(
|
||||
'/api/admin',
|
||||
hasRolesMiddleware(['ADMIN']),
|
||||
async (req: RequestWithUser, res: Response) => {
|
||||
res.json('Hello Admin!' + req.user?.username)
|
||||
async (req: Request, res: Response) => {
|
||||
res.json('Hello Admin!' + res.locals.user?.username)
|
||||
}
|
||||
)
|
||||
|
||||
|
|
|
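Review bot: `res.json(res.locals.user)` on `/api/me` serialises the entire object that injectUserMiddleware stored. If that is the full Prisma `User` row (the model is not visible here), the response may carry credential fields such as a password hash. Returning an explicit projection is safer, for example `res.json({ username: user.username, displayName: user.displayName, roles: user.roles })` after `const user = res.locals.user`. `res.locals` is also what Express hands to templates on `res.render`, so keeping only the fields handlers need there limits exposure if views are added later. Separately, `/api/admin` relies on hasRolesMiddleware alone to reject anonymous requests; a short comment saying this is deliberate would help.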
@ -1,6 +0,0 @@
|
|||
import { Request } from 'express'
|
||||
import { User } from '@prisma/client'
|
||||
|
||||
export interface RequestWithUser extends Request {
|
||||
user?: User | null
|
||||
}
|