Add user model to RequireAuth middlewares

This commit is contained in:
Alice Gaudon 2020-10-01 13:59:19 +02:00
parent f41a456524
commit e37184e5ee

View File

@ -51,40 +51,62 @@ export class AuthMiddleware extends Middleware {
} }
export class RequireRequestAuthMiddleware extends Middleware { export class RequireRequestAuthMiddleware extends Middleware {
private user?: User;
protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> { protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
const proof = await req.as(AuthMiddleware).getAuthGuard().isAuthenticatedViaRequest(req); const proof = await req.as(AuthMiddleware).getAuthGuard().isAuthenticatedViaRequest(req);
if (!proof) { const user = await proof?.getResource();
if (user) {
this.user = user;
next();
return;
}
req.flash('error', `You must be logged in to access ${req.url}.`); req.flash('error', `You must be logged in to access ${req.url}.`);
res.redirect(Controller.route('auth', undefined, { res.redirect(Controller.route('auth', undefined, {
redirect_uri: req.url, redirect_uri: req.url,
})); }));
return;
} }
next(); public getUser(): User {
if (!this.user) throw new Error('user not initialized.');
return this.user;
} }
} }
export class RequireAuthMiddleware extends Middleware { export class RequireAuthMiddleware extends Middleware {
private user?: User;
protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> { protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
const authGuard = req.as(AuthMiddleware).getAuthGuard(); const authGuard = req.as(AuthMiddleware).getAuthGuard();
// Via request // Via request
if (await authGuard.isAuthenticatedViaRequest(req)) { let proof = await authGuard.isAuthenticatedViaRequest(req);
let user = await proof?.getResource();
if (user) {
this.user = user;
next(); next();
return; return;
} }
// Via session // Via session
if (!await authGuard.isAuthenticated(req.getSession())) { proof = await authGuard.isAuthenticated(req.getSession());
user = await proof?.getResource();
if (user) {
this.user = user;
next();
return;
}
req.flash('error', `You must be logged in to access ${req.url}.`); req.flash('error', `You must be logged in to access ${req.url}.`);
res.redirect(Controller.route('auth', undefined, { res.redirect(Controller.route('auth', undefined, {
redirect_uri: req.url, redirect_uri: req.url,
})); }));
return;
} }
next(); public getUser(): User {
if (!this.user) throw new Error('user not initialized.');
return this.user;
} }
} }