UNPKG

@greenpress/auth

Version:

Express Passport authentication service

github.com/greenpress/grenpress

greenpress/grenpress

101 lines (85 loc) 2.77 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import { Response, Request, RequestHandler } from "express" import { AuthRequest } from "../../types" import User, {IUser} from '../models/user' const { Types: { ObjectId } } = require('mongoose') const UsersService = require('../services/users') const { isObjectId } = require('../../helpers/mongo-utils') const privilegedUserFields = 'email name roles' function getUsers(req:AuthRequest, res:Response): RequestHandler { const isPrivileged = !!(req.userPayload && req.userPayload.isPrivileged) const users = (req.query.users as string || '') .split(',') .map(id => { const val = id.trim() if (isObjectId(val)) { return ObjectId(val) } return false }) .filter(Boolean) if (!(isPrivileged || users.length)) { res.status(200).json([]).end() return; } const query: Record<string, any> = isPrivileged && !users.length ? {} : { _id: { $in: users } } query.tenant = req.headers.tenant User.find(query) .select(isPrivileged ? privilegedUserFields : 'name') .lean() .then((users:any[]) => { res.status(200).json(users || []).end() }) .catch(() => res.status(404).json({ message: 'could not load users' }).end()) return; } function getUser(req:AuthRequest, res:Response): RequestHandler { const isPrivileged = !!(req.userPayload && req.userPayload.isPrivileged) User.findOne({ _id: req.params.userId, tenant: req.headers.tenant }) .select(isPrivileged ? privilegedUserFields : 'name') .lean() .then((user?: IUser) => { if (!user) { return Promise.reject(null) } res.status(200).json(user).end() }) .catch(() => res.status(404).json({ message: 'user not exists' }).end()) return; } async function createUser(req:AuthRequest, res:Response) { const user = new User(req.body) user.tenant = req.headers.tenant try { const { _id, name, email, roles } = await user.save() res.status(200).json({ _id, name, email, roles }).end() } catch (e) { res.status(400).json({ message: 'user creation failed' }).end() } } async function updateUser(req:AuthRequest, res:Response) { const { email, roles, name, password } = req.body || {} try { await UsersService.updateUser( { _id: req.params.userId, tenant: req.headers.tenant }, { email, roles, name, password } ) res.status(200).json({ email, name, roles, _id: req.params.userId }).end() } catch (e) { res.status(400).json({ message: 'user update failed' }).end() } } async function removeUser(req:Request, res:Response) { try { await UsersService.deleteUser(req.params.userId, req.headers.tenant); res.status(200).json({ _id: req.params.userId }).end() } catch (e) { res.status(400).json({ message: 'user deletion failed' }).end() } } export default { getUsers, createUser, getUser, updateUser, removeUser, }