first commit
Some checks failed
Build Images and Deploy / Update-PROD-Stack (push) Failing after 14s
Some checks failed
Build Images and Deploy / Update-PROD-Stack (push) Failing after 14s
This commit is contained in:
37
src/middleware/auth.js
Normal file
37
src/middleware/auth.js
Normal file
@@ -0,0 +1,37 @@
|
||||
// Authentication middleware
|
||||
|
||||
function requireAuth(req, res, next) {
|
||||
if (req.session && req.session.userId) {
|
||||
return next();
|
||||
}
|
||||
// Save the original URL so we can redirect back after login
|
||||
req.session.returnTo = req.originalUrl;
|
||||
res.redirect('/auth/login');
|
||||
}
|
||||
|
||||
function requireAdmin(req, res, next) {
|
||||
if (req.session && req.session.userId && req.session.isAdmin) {
|
||||
return next();
|
||||
}
|
||||
if (req.session && req.session.userId) {
|
||||
return res.status(403).render('error', { title: 'Forbidden', message: 'You do not have admin access.' });
|
||||
}
|
||||
req.session.returnTo = req.originalUrl;
|
||||
res.redirect('/auth/login');
|
||||
}
|
||||
|
||||
function loadUser(req, res, next) {
|
||||
if (req.session && req.session.userId) {
|
||||
res.locals.currentUser = {
|
||||
id: req.session.userId,
|
||||
username: req.session.username,
|
||||
isAdmin: req.session.isAdmin
|
||||
};
|
||||
} else {
|
||||
res.locals.currentUser = null;
|
||||
}
|
||||
res.locals.baseUrl = process.env.BASE_URL || `http://localhost:${process.env.PORT || 3000}`;
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = { requireAuth, requireAdmin, loadUser };
|
||||
Reference in New Issue
Block a user