feathers-auth-extend
Version:
Adds sign up verification, forgotten password reset, passwordless login, refresh token and other capabilities to feathers
40 lines (25 loc) • 1.11 kB
JavaScript
// eslint-disable-next-line no-unused-vars
module.exports = (target = 'id') => {
return async context => {
try {
//check if user has admin permission and that they want all results not just own
//first check if the user has admin permissions
if (context.params.user.permissions !== 'undefined' && context.params.user.permissions.includes('admin')) {
//detect if we have a x-mode header of admin
if (typeof context.params.headers['x-mode'] !== 'undefined' && context.params.headers['x-mode'] === 'admin') {
return;
}
}
//if we got here, we must be a user or didnt ask for a view mode
if (context.method.match('create')) {
context.data[target] = String(context.params.user._id);
} else if (context.method.match(/^(get|remove|update|patch)$/)) {
context.id = String(context.params.user._id);
} else {
context.params.query[target] = String(context.params.user._id);
}
} catch (err) {
throw new Error('Invalid User');
}
};
};