1
0
mirror of https://github.com/xuthus83/pigallery2.git synced 2024-11-03 21:04:03 +08:00
pigallery2/backend/middlewares/AuthenticationMWs.ts

58 lines
2.0 KiB
TypeScript
Raw Normal View History

///<reference path="ExtendedRequest.d.ts"/>
///<reference path="../../typings/main.d.ts"/>
import {NextFunction, Request, Response} from "express";
import {Error, ErrorCodes} from "../../common/entities/Error";
import {UserRoles} from "../../common/entities/User";
2016-04-22 19:23:44 +08:00
import {ObjectManagerRepository} from "../model/ObjectManagerRepository";
export class AuthenticationMWs {
2016-05-09 23:04:56 +08:00
public static authenticate(req:Request, res:Response, next:NextFunction) {
/* if (typeof req.session.user === 'undefined') {
return next(new Error(ErrorCodes.NOT_AUTHENTICATED));
}*/
//TODO: uncomment
return next();
}
2016-05-09 23:04:56 +08:00
public static authorise(role:UserRoles) {
return (req:Request, res:Response, next:NextFunction) => {
if (req.session.user.role < role) {
return next(new Error(ErrorCodes.NOT_AUTHORISED));
}
return next();
};
}
2016-05-09 23:04:56 +08:00
public static inverseAuthenticate(req:Request, res:Response, next:NextFunction) {
if (typeof req.session.user !== 'undefined') {
return next(new Error(ErrorCodes.ALREADY_AUTHENTICATED));
}
return next();
}
2016-05-09 23:04:56 +08:00
public static login(req:Request, res:Response, next:NextFunction) {
//not enough parameter
2016-05-09 23:04:56 +08:00
if ((typeof req.body === 'undefined') || (typeof req.body.loginCredential === 'undefined') || (typeof req.body.loginCredential.username === 'undefined') ||
2016-03-20 23:54:30 +08:00
(typeof req.body.loginCredential.password === 'undefined')) {
return next();
}
//lets find the user
2016-04-22 19:23:44 +08:00
ObjectManagerRepository.getInstance().getUserManager().findOne({
2016-05-09 23:04:56 +08:00
name: req.body.loginCredential.username,
password: req.body.loginCredential.password
}, (err, result) => {
if ((err) || (!result)) {
return next(new Error(ErrorCodes.CREDENTIAL_NOT_FOUND));
}
req.session.user = result;
return next();
});
}
}