mirror of
https://github.com/agregarr/agregarr.git
synced 2026-02-04 14:45:22 +08:00
56 lines
1.5 KiB
TypeScript
56 lines
1.5 KiB
TypeScript
import { getRepository } from '@server/datasource';
|
|
import { User } from '@server/entity/User';
|
|
import { getSettings } from '@server/lib/settings';
|
|
import type { NextFunction, Request, Response } from 'express';
|
|
|
|
type Middleware = (req: Request, res: Response, next: NextFunction) => void;
|
|
|
|
export const checkUser: Middleware = async (req, _res, next) => {
|
|
const settings = getSettings();
|
|
let user: User | undefined | null;
|
|
|
|
if (req.header('X-API-Key') === settings.main.apiKey) {
|
|
const userRepository = getRepository(User);
|
|
|
|
let userId = 1; // Work on original administrator account
|
|
|
|
// If a User ID is provided, we will act on that user's behalf
|
|
if (req.header('X-API-User')) {
|
|
userId = Number(req.header('X-API-User'));
|
|
}
|
|
|
|
user = await userRepository.findOne({ where: { id: userId } });
|
|
} else if (req.session?.userId) {
|
|
const userRepository = getRepository(User);
|
|
|
|
user = await userRepository.findOne({
|
|
where: { id: req.session.userId },
|
|
});
|
|
}
|
|
|
|
if (user) {
|
|
req.user = user;
|
|
}
|
|
|
|
req.locale = user?.settings?.locale
|
|
? user.settings.locale
|
|
: settings.main.locale;
|
|
|
|
next();
|
|
};
|
|
|
|
export const isAuthenticated = (): Middleware => {
|
|
const authMiddleware: Middleware = (req, res, next) => {
|
|
if (!req.user) {
|
|
res.status(403).json({
|
|
status: 403,
|
|
error: 'Authentication required',
|
|
});
|
|
} else {
|
|
// Permission system removed - just check if user is authenticated
|
|
next();
|
|
}
|
|
};
|
|
return authMiddleware;
|
|
};
|