1
0
mirror of https://github.com/bpatrik/pigallery2.git synced 2024-12-16 11:37:13 +02:00
pigallery2/backend/middlewares/user/AuthenticationMWs.ts
2016-12-27 16:09:47 +01:00

67 lines
2.3 KiB
TypeScript

///<reference path="../customtypings/ExtendedRequest.d.ts"/>
import {NextFunction, Request, Response} from "express";
import {Error, ErrorCodes} from "../../../common/entities/Error";
import {UserRoles, UserDTO} from "../../../common/entities/UserDTO";
import {ObjectManagerRepository} from "../../model/ObjectManagerRepository";
import {Config} from "../../config/Config";
export class AuthenticationMWs {
public static authenticate(req: Request, res: Response, next: NextFunction) {
if (Config.Client.authenticationRequired === false) {
req.session.user = <UserDTO>{name: "", role: UserRoles.Admin};
return next();
}
if (typeof req.session.user === 'undefined') {
return next(new Error(ErrorCodes.NOT_AUTHENTICATED));
}
return next();
}
public static authorise(role: UserRoles) {
return (req: Request, res: Response, next: NextFunction) => {
if (req.session.user.role < role) {
return next(new Error(ErrorCodes.NOT_AUTHORISED));
}
return next();
};
}
public static inverseAuthenticate(req: Request, res: Response, next: NextFunction) {
if (typeof req.session.user !== 'undefined') {
return next(new Error(ErrorCodes.ALREADY_AUTHENTICATED));
}
return next();
}
public static login(req: Request, res: Response, next: NextFunction) {
//not enough parameter
if ((typeof req.body === 'undefined') || (typeof req.body.loginCredential === 'undefined') || (typeof req.body.loginCredential.username === 'undefined') ||
(typeof req.body.loginCredential.password === 'undefined')) {
return next();
}
//lets find the user
ObjectManagerRepository.getInstance().getUserManager().findOne({
name: req.body.loginCredential.username,
password: req.body.loginCredential.password
}, (err, result) => {
if ((err) || (!result)) {
console.error(err);
return next(new Error(ErrorCodes.CREDENTIAL_NOT_FOUND));
}
req.session.user = result;
return next();
});
}
public static logout(req: Request, res: Response, next: NextFunction) {
delete req.session.user;
return next();
}
}