Diffstat (limited to 'src/api')
-rw-r--r--src/api/middlewares/authMiddleware.js11
-rw-r--r--src/api/routes.js24
-rw-r--r--src/api/routes/auth/accountRoutes.js1
-rw-r--r--src/api/routes/auth/deviceRoutes.js56
-rw-r--r--src/api/routes/auth/index.js1
5 files changed, 56 insertions, 37 deletions
diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js

index 4cdbb51..a1ba498 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -7,16 +7,19 @@ import { DbUser } from '#db/schemas/index.js';
 */
 export function validateAuth(options) {
 return async function (req, res, next) {
- var auth = validateJwtToken(req.headers.authorization);
+ const auth = (req.auth = validateJwtToken(req.headers.authorization));
 if (!auth) {
 res.status(401).send('Unauthorized');
 return;
 }
- req.user = await DbUser.findById(auth.id).exec();
+ const user = (req.user = await DbUser.findById(auth.id).exec());
- req.auth = auth;
- req = next();
+ if (options.roles && !options.roles.includes(user.type)) {
+ return;
+ }
+
+ next();
 };
 }
diff --git a/src/api/routes.js b/src/api/routes.js
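Review bot: The new role check ends in a bare `return;`, so a user whose `type` is not in `options.roles` gets neither a response nor a `next()` call and the request hangs until something times out; it should answer with a 403 before returning. The same lines read `user.type` without checking that `DbUser.findById(auth.id)` found a record: if the lookup yields null (presumably the case for a still-valid token whose account was deleted), the role test throws when roles are configured, and when they are not, `next()` runs with `req.user` unset. A missing user should be rejected with 401 before the role test. Since the middleware is async, it is also worth confirming that a rejected lookup reaches the Express error handler in the version in use.

```javascript
const user = (req.user = await DbUser.findById(auth.id).exec());
// A valid token whose account no longer exists must not authenticate.
if (!user) {
	res.status(401).send('Unauthorized');
	return;
}

if (options.roles && !options.roles.includes(user.type)) {
	// Answer the request; a bare return leaves the client waiting.
	res.status(403).send('Forbidden');
	return;
}
// … unchanged: next() …
```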
index 0da8be9..09606f1 100644
--- a/src/api/routes.js
+++ b/src/api/routes.js
@@ -12,23 +12,37 @@ export function registerRoutes(app) {
 );
 if (route.onGet) {
- app.get(route.route, route.onGet);
+ if (route.onGetValidation)
+ app.get(route.route, route.onGetValidation, route.onGet);
+ else app.get(route.route, route.onGet);
 routeCount++;
 }
 if (route.onPost) {
- app.post(route.route, route.onPost);
+ if (route.onPostValidation)
+ app.post(route.route, route.onPostValidation, route.onPost);
+ else app.post(route.route, route.onPost);
 routeCount++;
 }
 if (route.onPut) {
- app.put(route.route, route.onPut);
+ if (route.onPutValidation)
+ app.put(route.route, route.onPutValidation, route.onPut);
+ else app.put(route.route, route.onPut);
 routeCount++;
 }
 if (route.onDelete) {
- app.put(route.route, route.onDelete);
+ if (route.onDeleteValidation)
+ app.delete(
+ route.route,
+ route.onDeleteValidation,
+ route.onDelete
+ );
+ else app.delete(route.route, route.onDelete);
 routeCount++;
 }
 if (route.onPatch) {
- app.patch(route.route, route.onPatch);
+ if (route.onPatchValidation)
+ app.patch(route.route, route.onPatchValidation, route.onPatch);
+ else app.patch(route.route, route.onPatch);
 routeCount++;
 }
 });
diff --git a/src/api/routes/auth/accountRoutes.js b/src/api/routes/auth/accountRoutes.js
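Review bot: Authentication is opt-in per verb in these branches: a route object that omits or misspells `onGetValidation`, `onPostValidation` and so on is registered with the bare handler and nothing is logged, so a typo in the key name yields an unauthenticated endpoint. Consider reporting at registration time which routes were mounted without a validation middleware, so that unguarded routes are a visible, deliberate choice. The five near-identical if/else pairs could also be one loop over the verbs that builds the handler list once, for example `app[method](route.route, ...[guard, handler].filter(Boolean));`, which keeps the guard logic in a single place. `registerRoutes` begins and ends outside this hunk.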
index 6655ecb..5c88c22 100644
--- a/src/api/routes/auth/accountRoutes.js
+++ b/src/api/routes/auth/accountRoutes.js
@@ -20,7 +20,6 @@ export const loginRoute = {
 */
 async onPost(req, res) {
 const data = await AuthDto.create(req.body);
- console.log(req.headers['user-agent']);
 const loginResult = await loginUser(data, req.headers['user-agent']);
 res.send(loginResult);
 }
diff --git a/src/api/routes/auth/deviceRoutes.js b/src/api/routes/auth/deviceRoutes.js
index 6655ecb..11cae8f 100644
--- a/src/api/routes/auth/deviceRoutes.js
+++ b/src/api/routes/auth/deviceRoutes.js
@@ -1,36 +1,38 @@
 import { deleteUser, loginUser, registerUser } from '#db/index.js';
 import { AuthDto, RegisterDto } from '#dto/index.js';
+import { validateAuth } from '#api/middlewares/index.js';
-export const registerRoute = {
- route: '/auth/register',
- async onPost(req, res) {
+export const getDevicesRoute = {
+ route: '/auth/devices',
+ onGetValidation: validateAuth({}),
+ async onGet(req, res) {
 const data = await RegisterDto.create(req.body);
 const registerResult = await registerUser(data);
 res.send(registerResult);
 }
 };
-export const loginRoute = {
- route: '/auth/login',
- /**
- *
- * @param req {Request}
- * @param res
- * @returns {Promise<WhoAmIDto>}
- */
- async onPost(req, res) {
- const data = await AuthDto.create(req.body);
- console.log(req.headers['user-agent']);
- const loginResult = await loginUser(data, req.headers['user-agent']);
- res.send(loginResult);
- }
-};
-
-export const deleteRoute = {
- route: '/auth/delete',
- async onDelete(req, res) {
- const data = await AuthDto.create(req.body);
- await deleteUser(data);
- res.status(204).send();
- }
-};
+// export const loginRoute = {
+// route: '/auth/login',
+// /**
+// *
+// * @param req {Request}
+// * @param res
+// * @returns {Promise<WhoAmIDto>}
+// */
+// async onPost(req, res) {
+// const data = await AuthDto.create(req.body);
+// console.log(req.headers['user-agent']);
+// const loginResult = await loginUser(data, req.headers['user-agent']);
+// res.send(loginResult);
+// }
+// };
+//
+// export const deleteRoute = {
+// route: '/auth/delete',
+// async onDelete(req, res) {
+// const data = await AuthDto.create(req.body);
+// await deleteUser(data);
+// res.status(204).send();
+// }
+// };
diff --git a/src/api/routes/auth/index.js b/src/api/routes/auth/index.js
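Review bot: `getDevicesRoute.onGet` still carries the body of the old register handler: a GET to `/auth/devices` builds a `RegisterDto` from `req.body` and calls `registerUser`, so the endpoint creates an account instead of returning devices. A device listing should work from `req.user` / `req.auth`, which `validateAuth` sets, and not from a request body; until that exists the route is better left unregistered. `validateAuth({})` passes no `roles`, so every authenticated user type reaches this handler, which is worth a comment such as `// any authenticated user` if that is intended. The commented-out `loginRoute` and `deleteRoute` copies and the now-unused `deleteUser`, `loginUser` and `AuthDto` imports should be deleted rather than kept as comments.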
index 29a07ad..e687911 100644
--- a/src/api/routes/auth/index.js
+++ b/src/api/routes/auth/index.js
@@ -1 +1,2 @@
 export * from './accountRoutes.js';
+export * from './deviceRoutes.js';