Add user model to RequireAuth middlewares

2020-10-01 13:59:19 +02:00 · 2020-10-01 13:59:19 +02:00 · e37184e5ee
commit e37184e5ee
parent f41a456524
1 changed files with 35 additions and 13 deletions
--- a/src/auth/AuthComponent.ts
+++ b/src/auth/AuthComponent.ts
@ -51,40 +51,62 @@ export class AuthMiddleware extends Middleware {
 }

 export class RequireRequestAuthMiddleware extends Middleware {
+    private user?: User;
+
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        const proof = await req.as(AuthMiddleware).getAuthGuard().isAuthenticatedViaRequest(req);
-        if (!proof) {
-            req.flash('error', `You must be logged in to access ${req.url}.`);
-            res.redirect(Controller.route('auth', undefined, {
-                redirect_uri: req.url,
-            }));
+        const user = await proof?.getResource();
+        if (user) {
+            this.user = user;
+            next();
            return;
        }

-        next();
+        req.flash('error', `You must be logged in to access ${req.url}.`);
+        res.redirect(Controller.route('auth', undefined, {
+            redirect_uri: req.url,
+        }));
+    }
+
+    public getUser(): User {
+        if (!this.user) throw new Error('user not initialized.');
+        return this.user;
    }
 }

 export class RequireAuthMiddleware extends Middleware {
+    private user?: User;
+
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        const authGuard = req.as(AuthMiddleware).getAuthGuard();
        // Via request

-        if (await authGuard.isAuthenticatedViaRequest(req)) {
+        let proof = await authGuard.isAuthenticatedViaRequest(req);
+        let user = await proof?.getResource();
+        if (user) {
+            this.user = user;
            next();
            return;
        }

        // Via session
-        if (!await authGuard.isAuthenticated(req.getSession())) {
-            req.flash('error', `You must be logged in to access ${req.url}.`);
-            res.redirect(Controller.route('auth', undefined, {
-                redirect_uri: req.url,
-            }));
+        proof = await authGuard.isAuthenticated(req.getSession());
+        user = await proof?.getResource();
+        if (user) {
+            this.user = user;
+            next();
            return;
        }

-        next();
+        req.flash('error', `You must be logged in to access ${req.url}.`);
+        res.redirect(Controller.route('auth', undefined, {
+            redirect_uri: req.url,
+        }));
+    }
+
+    public getUser(): User {
+        if (!this.user) throw new Error('user not initialized.');
+        return this.user;
    }
 }