a059bcb196
Сделанно: 1. минимально рабочий бэк 2. 2 модели 3. 1 миграция
const jwt = require("jsonwebtoken");
const config = require("../config/auth.config.js");
const db = require("../models");
const User = db.user;
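/**
 * Express middleware: authenticates a request from the JWT carried in the
 * `x-access-token` header.
 *
 * Responds 403 when the header is absent and 401 when `jwt.verify()` reports
 * an error or the verified payload has no `id` claim. Otherwise it stores the
 * `id` claim on `req.userId` and calls `next()`.
 *
 * @param {object} req - Request; reads `req.headers["x-access-token"]`, writes `req.userId`.
 * @param {object} res - Response; used only for the 403/401 replies.
 * @param {Function} next - Continuation; called only after successful verification.
 */
const verifyToken = (req, res, next) => {
  const token = req.headers["x-access-token"];

  if (!token) {
    return res.status(403).send({
      message: "Токена нету у вас",
    });
  }

  // NOTE(review): no `algorithms` option is passed, so the library's default
  // algorithm set for this key type is accepted. The signing code is not
  // visible here; once confirmed, pin verification to the algorithm it uses
  // and check that issued tokens carry an expiry.
  jwt.verify(token, config.secret, (err, decoded) => {
    // A correctly signed token without an `id` claim (for example one issued
    // for another purpose with the same secret) must not authenticate anyone:
    // the role middlewares look the user up by `req.userId`.
    if (err || decoded == null || decoded.id == null) {
      return res.status(401).send({
        message: "Вы не авторизованны",
      });
    }

    req.userId = decoded.id;
    next();
  });
};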
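/**
 * Express middleware: lets the request through only when the user identified
 * by `req.userId` has a role named "admin".
 *
 * Roles are read from the database on every request (`User.findByPk` followed
 * by `user.getRoles()`), not from the token. The check fails closed: an
 * unknown or missing `req.userId` gets the same 403 as a user without the
 * role, and a lookup failure is passed to `next(err)` instead of being left
 * as an unhandled rejection.
 *
 * @param {object} req - Request; reads `req.userId` (set by `verifyToken`).
 * @param {object} res - Response; used only for the 403 reply.
 * @param {Function} next - Called with no argument on success, with the error on lookup failure.
 */
const isAdmin = (req, res, next) => {
  User.findByPk(req.userId)
    // No such user (deleted account, or this middleware mounted without
    // verifyToken in front of it) means no roles at all.
    .then((user) => (user ? user.getRoles() : []))
    .then((roles) => {
      if (roles.some((role) => role.name === "admin")) {
        next();
        return;
      }

      res.status(403).send({
        message: "Вам нужна роль админ",
      });
    })
    .catch(next);
};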
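/**
 * Express middleware: lets the request through only when the user identified
 * by `req.userId` has a role named "moderator".
 *
 * Roles are read from the database on every request. The check fails closed:
 * an unknown or missing `req.userId` gets the same 403 as a user without the
 * role, and a lookup failure is passed to `next(err)` instead of being left
 * as an unhandled rejection.
 *
 * @param {object} req - Request; reads `req.userId` (set by `verifyToken`).
 * @param {object} res - Response; used only for the 403 reply.
 * @param {Function} next - Called with no argument on success, with the error on lookup failure.
 */
const isModerator = (req, res, next) => {
  User.findByPk(req.userId)
    // A missing user record is treated as "has no roles" rather than
    // dereferenced, so a stale token cannot crash the handler.
    .then((user) => (user ? user.getRoles() : []))
    .then((roles) => {
      if (roles.some((role) => role.name === "moderator")) {
        next();
        return;
      }

      res.status(403).send({
        message: "Вам нужна роль модератор",
      });
    })
    .catch(next);
};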
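/**
 * Express middleware: lets the request through when the user identified by
 * `req.userId` has a role named "moderator" or "admin".
 *
 * Roles are read from the database on every request. The check fails closed:
 * an unknown or missing `req.userId` gets the same 403 as a user with neither
 * role, and a lookup failure is passed to `next(err)` instead of being left
 * as an unhandled rejection.
 *
 * @param {object} req - Request; reads `req.userId` (set by `verifyToken`).
 * @param {object} res - Response; used only for the 403 reply.
 * @param {Function} next - Called with no argument on success, with the error on lookup failure.
 */
const isModeratorOrAdmin = (req, res, next) => {
  User.findByPk(req.userId)
    // A missing user record is treated as "has no roles" rather than
    // dereferenced, so a stale token cannot crash the handler.
    .then((user) => (user ? user.getRoles() : []))
    .then((roles) => {
      const allowed = roles.some(
        (role) => role.name === "moderator" || role.name === "admin"
      );
      if (allowed) {
        next();
        return;
      }

      res.status(403).send({
        message: "Нужна роль либо модератор, любо админ",
      });
    })
    .catch(next);
};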
// Public surface of this module: the token check plus the three role checks.
// The role checks read `req.userId`, which only `verifyToken` sets, so they
// are meant to run after it in a route's middleware chain.
const authJwt = {
  verifyToken,
  isAdmin,
  isModerator,
  isModeratorOrAdmin,
};

module.exports = authJwt;