spacedeck-open/middlewares/session.js
2021-04-20 15:14:41 +02:00


"use strict";
const db = require("../models/db");
var config = require("config");
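/**
 * Clears the "sdsession" cookie and tells the client that its session token
 * no longer maps to a user.
 *
 * Clients that accept HTML (or accept neither HTML nor JSON) get a plain-text
 * hint; JSON-only clients get a 403 with `token_not_found`.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 */
function rejectOrphanedSession(req, res) {
  // NOTE(review): `req.headers.hostname` is not a standard request header, so
  // outside production `domain` is most likely undefined. Confirm whether
  // `req.hostname` was intended. Left unchanged here because the value has to
  // match the domain the cookie was set with, which is not visible in this file.
  const domain =
    process.env.NODE_ENV == "production"
      ? new URL(config.get("endpoint")).hostname
      : req.headers.hostname;
  res.clearCookie("sdsession", { domain: domain });

  if (!req.accepts("text/html") && req.accepts("application/json")) {
    res.status(403).json({
      error: "token_not_found",
    });
  } else {
    res.send("Please clear your cookies and try again.");
  }
}

/**
 * Express middleware that resolves the calling user.
 *
 * Order of precedence:
 *   1. `x-spacedeck-api-token` header (more than 7 characters): sets `req.user`
 *      or answers 403 `invalid_api-token`.
 *   2. `sdsession` cookie: sets `req.token` and `req.user` when the session and
 *      its user both exist.
 * A request without credentials, or with an unknown session token, continues
 * unauthenticated; this middleware does not enforce authentication, so
 * downstream handlers must check `req.user` themselves.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express continuation callback.
 */
module.exports = (req, res, next) => {
  // authentication via API token
  const api_token = req.headers["x-spacedeck-api-token"];
  if (api_token && api_token.length > 7) {
    db.User.findOne({ where: { api_token: api_token } }).then(
      (user) => {
        if (!user) {
          res.status(403).json({
            error: "invalid_api-token",
          });
          return;
        }
        req.user = user;
        next();
      },
      (err) => {
        // Without a rejection handler a failed lookup left the request hanging.
        // A caller that presented a token is not silently downgraded to an
        // anonymous request; the error goes to the Express error handler.
        console.error("API token resolve error", err);
        next(err);
      }
    );
    return;
  }

  // authentication via session/cookie
  const token = req.cookies["sdsession"];
  // Only a plain string may reach the query below. Cookie parsers can decode
  // structured cookie values into objects (cookie-parser does this for JSON
  // cookies), and an object inside a `where` clause is interpreted by the ORM
  // rather than compared literally. Presumably req.cookies comes from such a
  // parser; confirm against the app setup.
  if (typeof token !== "string" || token === "" || token === "null") {
    next();
    return;
  }

  db.Session.findOne({ where: { token: token } })
    .then((session) => {
      if (!session) {
        return { hasSession: false, user: null };
      }
      // Returned so that a failure of the user lookup reaches the rejection
      // handler below instead of becoming an unhandled rejection.
      return db.User.findOne({ where: { _id: session.user_id } }).then(
        (user) => ({ hasSession: true, user: user })
      );
    })
    .then(
      (resolved) => {
        if (!resolved.hasSession) {
          // session not found
          next();
          return;
        }
        if (!resolved.user) {
          rejectOrphanedSession(req, res);
          return;
        }
        req["token"] = token;
        req["user"] = resolved.user;
        next();
      },
      (err) => {
        // Best effort, as before: a failed lookup continues unauthenticated.
        // `.then(ok, fail)` replaces the Bluebird-only `.error()`, which does not
        // exist on native promises and ignores non-operational errors.
        console.error("Session resolve error", err);
        next();
      }
    )
    // Anything thrown while building the response (for example an invalid
    // configured endpoint) is reported rather than leaving the request open.
    .catch(next);
};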