mirror/spacedeck-open
1
0
Fork 0
mirror of https://github.com/spacedeck/spacedeck-open.git synced 2025-12-15 17:37:30 +01:00
Code Issues Projects Releases Wiki Activity

allow auth via api_token

Browse Source
This commit is contained in:
mntmn
2020-05-11 18:25:14 +02:00
committed by mntmn
parent b93cc20371
commit b99ec300bb
1 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
middlewares/session.js
View File

@@ -4,8 +4,27 @@ const db = require('../models/db');
var config = require('config'); var config = require('config');
module.exports = (req, res, next) => { module.exports = (req, res, next) => {
// authentication via API token
const api_token = req.headers["x-spacedeck-api-token"];
if (api_token && api_token.length>7) {
db.User.findOne({where: {api_token: api_token}}).then(user => {
req.user = user;
next();
}).error(err => {
res.status(403).json({
"error": "invalid_api-token"
});
next();
});
return;
}
// authentication via session/cookie
const token = req.cookies["sdsession"]; const token = req.cookies["sdsession"];
if (token && token != "null" && token != null) { if (token && token != "null" && token != null) {
db.Session.findOne({where: {token: token}}) db.Session.findOne({where: {token: token}})
.then(session => { .then(session => {
@@ -28,7 +47,7 @@ module.exports = (req, res, next) => {
} else { } else {
res.send("Please clear your cookies and try again."); res.send("Please clear your cookies and try again.");
} }
} else { } else {
req["token"] = token; req["token"] = token;
req["user"] = user; req["user"] = user;
@@ -44,4 +63,3 @@ module.exports = (req, res, next) => {
next(); next();
} }
} }