lib/api/security.js

const userStorage = require('../services/storage/userStorage');
const cookieSession = require('cookie-session');
const { nanoid } = require('nanoid');

const unauthorized = (res) => {
  return res.send(401);
};

const isUnauthorized = (req) => {
  return req.session.currentUser == null;
};

const isAdmin = (req) => {
  if (!isUnauthorized(req)) {
    const user = userStorage.getUser(req.session.currentUser);
    return user != null && user.isAdmin;
  }
  return false;
};

const authInterceptor = () => {
  return (req, res, next) => {
    if (isUnauthorized(req)) {
      return unauthorized(res);
    } else {
      next();
    }
  };
};

const adminInterceptor = () => {
  return (req, res, next) => {
    if (!isAdmin(req)) {
      return unauthorized(res);
    } else {
      next();
    }
  };
};

exports.cookieSession = (userId) => {
  return cookieSession({
    name: 'fredy-admin-session',
    keys: ['fredy', 'super', 'fancy', 'key', nanoid()],
    userId,
    maxAge: 8 * 60 * 60 * 1000, // 8 hours
  });
};

exports.adminInterceptor = adminInterceptor;
exports.authInterceptor = authInterceptor;
exports.isUnauthorized = isUnauthorized;
exports.isAdmin = isAdmin;
UI (#15) Adding new Admin UI. Updating Fredy to V3.0.0 as it has been a large rewrite. Thanks for all contributions and help on the way! 2021-01-21 16:09:23 +01:00			`const userStorage = require('../services/storage/userStorage');`
			`const cookieSession = require('cookie-session');`
			`const { nanoid } = require('nanoid');`

			`const unauthorized = (res) => {`
			`return res.send(401);`
			`};`

			`const isUnauthorized = (req) => {`
			`return req.session.currentUser == null;`
			`};`

			`const isAdmin = (req) => {`
			`if (!isUnauthorized(req)) {`
			`const user = userStorage.getUser(req.session.currentUser);`
			`return user != null && user.isAdmin;`
			`}`
			`return false;`
			`};`

			`const authInterceptor = () => {`
			`return (req, res, next) => {`
			`if (isUnauthorized(req)) {`
			`return unauthorized(res);`
			`} else {`
			`next();`
			`}`
			`};`
			`};`

			`const adminInterceptor = () => {`
			`return (req, res, next) => {`
			`if (!isAdmin(req)) {`
			`return unauthorized(res);`
			`} else {`
			`next();`
			`}`
			`};`
			`};`

			`exports.cookieSession = (userId) => {`
			`return cookieSession({`
			`name: 'fredy-admin-session',`
			`keys: ['fredy', 'super', 'fancy', 'key', nanoid()],`
			`userId,`
reduce session ttl to 8 hours 2021-01-21 16:14:47 +01:00			`maxAge: 8 * 60 * 60 * 1000, // 8 hours`
UI (#15) Adding new Admin UI. Updating Fredy to V3.0.0 as it has been a large rewrite. Thanks for all contributions and help on the way! 2021-01-21 16:09:23 +01:00			`});`
			`};`

			`exports.adminInterceptor = adminInterceptor;`
			`exports.authInterceptor = authInterceptor;`
			`exports.isUnauthorized = isUnauthorized;`
			`exports.isAdmin = isAdmin;`