// Authentication middleware
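/**
 * Express middleware: lets the request through only when the session carries
 * a user id; every other request is redirected to the login page.
 *
 * @param {object} req - Express request; `req.session` is expected to be
 *   populated by session middleware registered earlier.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next handler.
 * @returns {*} The result of `next()` for authenticated requests, otherwise undefined.
 */
function requireAuth(req, res, next) {
  if (req.session && req.session.userId) {
    return next();
  }

  // returnTo is saved so the user can be redirected back after login (the
  // handler that consumes it is outside this file). req.originalUrl is
  // client-controlled, so keep it only when it is a same-site path: a single
  // leading "/" not followed by "/" or "\". Browsers resolve "//host" and
  // "/\host" against another origin, which would turn the post-login redirect
  // into an open redirect.
  const target = req.originalUrl;
  const isLocalPath = typeof target === 'string' && /^\/(?![\/\\])/.test(target);

  // With no session object there is nowhere to store the target; still deny
  // access by redirecting rather than throwing on `req.session.returnTo`.
  if (req.session && isLocalPath) {
    req.session.returnTo = target;
  }

  res.redirect('/auth/login');
}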
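/**
 * Express middleware: admits only logged-in sessions flagged as admin.
 * A logged-in non-admin gets a 403 error page; an anonymous request is
 * redirected to the login page.
 *
 * NOTE(review): `isAdmin` is read from the session and not re-checked against
 * a user store here; presumably it is set at login. Confirm how revoking admin
 * rights invalidates sessions that already carry the flag.
 *
 * @param {object} req - Express request; `req.session` is expected to be
 *   populated by session middleware registered earlier.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next handler.
 * @returns {*} The result of `next()` or of the 403 render, otherwise undefined.
 */
function requireAdmin(req, res, next) {
  const session = req.session;
  const loggedIn = Boolean(session && session.userId);

  if (loggedIn && session.isAdmin) {
    return next();
  }

  if (loggedIn) {
    return res.status(403).render('error', { title: 'Forbidden', message: 'You do not have admin access.' });
  }

  // returnTo is used for the post-login redirect (consumer is outside this
  // file). req.originalUrl is client-controlled, so store it only when it is
  // a same-site path: a single leading "/" not followed by "/" or "\", which
  // browsers would resolve against another origin (open redirect).
  const target = req.originalUrl;
  const isLocalPath = typeof target === 'string' && /^\/(?![\/\\])/.test(target);

  // No session object means nowhere to store the target; deny by redirecting
  // instead of throwing on `req.session.returnTo`.
  if (session && isLocalPath) {
    session.returnTo = target;
  }

  res.redirect('/auth/login');
}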
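/**
 * Express middleware: admits logged-in sessions flagged as admin or organizer.
 * A logged-in user with neither flag gets a 403 error page; an anonymous
 * request is redirected to the login page.
 *
 * NOTE(review): the role flags come from the session and are not re-checked
 * here; presumably they are set at login. Confirm how a role change reaches
 * sessions that already exist.
 *
 * @param {object} req - Express request; `req.session` is expected to be
 *   populated by session middleware registered earlier.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next handler.
 * @returns {*} The result of `next()` or of the 403 render, otherwise undefined.
 */
function requireOrganizerOrAdmin(req, res, next) {
  const session = req.session;
  const loggedIn = Boolean(session && session.userId);

  if (loggedIn && (session.isAdmin || session.isOrganizer)) {
    return next();
  }

  if (loggedIn) {
    return res.status(403).render('error', { title: 'Forbidden', message: 'You do not have access to this page.' });
  }

  // returnTo is used for the post-login redirect (consumer is outside this
  // file). req.originalUrl is client-controlled, so store it only when it is
  // a same-site path: a single leading "/" not followed by "/" or "\", which
  // browsers would resolve against another origin (open redirect).
  const target = req.originalUrl;
  const isLocalPath = typeof target === 'string' && /^\/(?![\/\\])/.test(target);

  // No session object means nowhere to store the target; deny by redirecting
  // instead of throwing on `req.session.returnTo`.
  if (session && isLocalPath) {
    session.returnTo = target;
  }

  res.redirect('/auth/login');
}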
/**
 * Express middleware that publishes view locals for every request:
 * `res.locals.currentUser` (a summary of the session user, or null when the
 * session has no user id) and `res.locals.baseUrl`.
 *
 * This performs no access control; it only copies session fields for
 * rendering. NOTE(review): username/displayName end up in templates, so
 * output escaping is the template layer's job; confirm it is enabled.
 *
 * @param {object} req - Express request; `req.session` may be absent.
 * @param {object} res - Express response whose `locals` are populated.
 * @param {Function} next - Continues to the next handler.
 */
function loadUser(req, res, next) {
  const session = req.session;
  const hasUser = Boolean(session && session.userId);

  res.locals.currentUser = hasUser
    ? {
        id: session.userId,
        username: session.username,
        // Fall back to the username when no display name is set.
        displayName: session.displayName || session.username,
        isAdmin: session.isAdmin,
        isOrganizer: session.isOrganizer
      }
    : null;

  // BASE_URL wins when configured; otherwise assume a local instance on PORT
  // (default 3000).
  const localPort = process.env.PORT || 3000;
  res.locals.baseUrl = process.env.BASE_URL || `http://localhost:${localPort}`;

  next();
}
module.exports = { requireAuth, requireAdmin, requireOrganizerOrAdmin, loadUser };