const { Cookies } = require("../constants")
const database = require("../db")
const { getCookie } = require("../utils")
const { StaticDatabases } = require("../db/utils")
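/**
 * Builds a Koa-style `(ctx, next)` middleware that resolves the current user
 * from the auth cookie.
 *
 * Requests whose URL matches one of `noAuthPatterns` are passed straight to
 * `next()` without any cookie lookup. For all other requests the auth cookie
 * is read; when present, the user document is loaded from the global
 * database, its `password` field is removed, and `ctx.isAuthenticated` /
 * `ctx.user` are set.
 *
 * A request without an auth cookie is still passed to `next()`, with
 * `ctx.isAuthenticated` left unset. This middleware identifies the caller; it
 * does not reject anonymous requests, so protected routes have to check
 * `ctx.isAuthenticated` themselves.
 *
 * @param {string[]} [noAuthPatterns=[]] regular-expression sources, joined
 *   with `|`, for URLs that skip the cookie lookup. Empty entries are ignored.
 * @returns {Function} async middleware taking `(ctx, next)`.
 */
module.exports = (noAuthPatterns = []) => {
  // An empty alternation must match nothing. `new RegExp("")` matches every
  // URL, so the default argument (or a single empty entry) would mark every
  // request as unauthenticated-by-design and skip the cookie lookup entirely.
  const patterns = noAuthPatterns.filter(Boolean)
  const regex = patterns.length > 0 ? new RegExp(patterns.join("|")) : null

  return async (ctx, next) => {
    // the path is not authenticated
    // NOTE(review): the patterns are tested unanchored against
    // ctx.request.url. If that value carries the query string (as it does in
    // Koa), a pattern can be satisfied by text in the query rather than the
    // path - confirm the patterns are anchored, or match against the path.
    if (regex && regex.test(ctx.request.url)) {
      return next()
    }

    try {
      // check the actual user is authenticated first
      // NOTE(review): authCookie.userId is used as the lookup key as-is;
      // presumably getCookie verifies the cookie's integrity - confirm.
      const authCookie = getCookie(ctx, Cookies.Auth)

      if (authCookie) {
        const db = database.getDB(StaticDatabases.GLOBAL.name)
        const user = await db.get(authCookie.userId)
        // never carry the stored password field on the request context
        delete user.password
        ctx.isAuthenticated = true
        ctx.user = user
      }

      // next() is returned rather than awaited, so a rejection from later
      // middleware is not converted into a 403 by the catch below.
      return next()
    } catch (err) {
      // Any failure while resolving the user (including a missing user
      // document, where `delete` throws) ends the request; 403 is the default
      // when the error carries no status of its own.
      // NOTE(review): the original error object is forwarded to ctx.throw -
      // confirm its message is not exposed to the client.
      ctx.throw(err.status || 403, err)
    }
  }
}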