UNPKG

authkit-js

Version:

Express auth toolkit (JWT, Sessions with Redis, Google/GitHub OAuth) in JavaScript

35 lines (28 loc) 1.02 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
const { Errors } = require('../utils/errors'); function requireAuthGuard() { return function (req, res, next) { if (!req.auth || !req.auth.user) return next(Errors.UNAUTHORIZED()); next(); }; } function requireRole(role) { return function (req, _res, next) { const user = req.auth && req.auth.user; if (!user) return next(Errors.UNAUTHORIZED()); const roles = user.roles || user.role || []; const has = Array.isArray(roles) ? roles.includes(role) : roles === role; if (!has) return next(Errors.FORBIDDEN()); next(); }; } function requirePermission(permission) { return function (req, _res, next) { const user = req.auth && req.auth.user; if (!user) return next(Errors.UNAUTHORIZED()); const perms = user.permissions || []; const has = Array.isArray(perms) && perms.includes(permission); if (!has) return next(Errors.FORBIDDEN()); next(); }; } module.exports = { requireAuthGuard, requireRole, requirePermission };