const { generateToken } = require('./csrf');
const database = require('./database');
const crypto = require("crypto");
/**
 * Middleware that prepares per-request session state.
 *
 * On every request it marks the session as visited and stores a fresh random
 * nonce (16 bytes, base64-encoded) on `res.locals.nonce`. When the session is
 * flagged as logged in, it also records the request IP on the session,
 * mirrors the identity fields onto `res.locals`, and attaches a CSRF token
 * obtained from `generateToken(req)`.
 *
 * @param {object} req - Request; reads `req.session` and `req.ip`.
 * @param {object} res - Response; writes to `res.locals`.
 * @param {Function} next - Invoked once, without arguments, after setup.
 * @returns {Promise<void>}
 */
async function PersistSession(req, res, next) {
  const { session } = req;
  session.visited = true;

  // Fresh value from the CSPRNG on every request.
  // NOTE(review): presumably consumed by a Content-Security-Policy header and
  // the templates; it has no protective effect unless both use it. Confirm.
  res.locals.nonce = crypto.randomBytes(16).toString('base64');

  const { isLoggedIn } = session;
  if (!isLoggedIn) {
    next();
    return;
  }

  const { userId, username, power } = session;

  // The IP is only recorded here; nothing in this function compares it with
  // a previously stored value.
  session.ipAddress = req.ip;

  Object.assign(res.locals, { isLoggedIn, userId, username, power });
  res.locals.csrfToken = generateToken(req);

  next();
}
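/**
 * Marks the request's session as authenticated for `user`.
 *
 * Copies `user.id`, `user.username` and `user.power` onto `req.session` and
 * sets `req.session.isLoggedIn`.
 *
 * @param {object} req - Request whose `session` object is updated.
 * @param {{id: *, username: *, power: *}} user - Authenticated user record.
 * @returns {Promise<void>} Resolves once the session fields are set; rejects
 *   with the thrown error (e.g. a TypeError when `user` is null/undefined).
 */
async function CreateSession(req, user) {
  // Read every field before touching the session: a null/undefined `user`
  // throws here, so a failed call can no longer leave the session flagged as
  // logged in without an identity attached.
  const { id, username, power } = user;

  // NOTE(review): the pre-login session is reused across the privilege
  // change. If the session middleware offers ID rotation (for example
  // express-session's `req.session.regenerate`), callers should rotate the
  // session ID at login to guard against session fixation. Confirm which
  // middleware is in use.
  req.session.userId = id;
  req.session.username = username;
  req.session.power = power;

  // Set the flag last; the auth guards in this file look only at this field.
  req.session.isLoggedIn = true;
}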
/**
 * Route guard for pages meant only for visitors who are not logged in.
 *
 * A session with a truthy `isLoggedIn` flag is redirected to '/'; any other
 * request is passed on via `next()`.
 *
 * @param {object} req - Request; reads `req.session.isLoggedIn`.
 * @param {object} res - Response; `res.redirect` is used for the redirect.
 * @param {Function} next - Invoked when the visitor is not logged in.
 * @returns {*} The value returned by `res.redirect('/')`, otherwise undefined.
 */
function AllowIfNotAuthenticated(req, res, next) {
  // The decision rests solely on the truthiness of the session flag.
  if (!req.session.isLoggedIn) {
    next();
    return undefined;
  }

  return res.redirect('/');
}
/**
 * Route guard for pages that require a logged-in session.
 *
 * A request whose session has a truthy `isLoggedIn` flag is passed on via
 * `next()`; every other request is redirected to '/'.
 *
 * @param {object} req - Request; reads `req.session.isLoggedIn`.
 * @param {object} res - Response; `res.redirect` is used for the redirect.
 * @param {Function} next - Invoked when the session is logged in.
 * @returns {*} The value returned by `res.redirect('/')`, otherwise undefined.
 */
function AllowIfAuthenticated(req, res, next) {
  // Only the session flag is checked here; `userId` and `power` are not
  // inspected, so finer-grained authorization has to happen elsewhere.
  if (req.session.isLoggedIn) {
    next();
    return undefined;
  }

  return res.redirect('/');
}
// Public surface of the session module.
module.exports = {
  // Per-request session/locals setup.
  PersistSession,
  // Called at login to populate the session.
  CreateSession,
  // Route guards keyed on `req.session.isLoggedIn`.
  AllowIfNotAuthenticated,
  AllowIfAuthenticated,
};