refactor(v1 middle ware): removed the need for this and just let it all pass
@@ -5,18 +5,18 @@ import jwt from "jsonwebtoken";
|
|||||||
const { sign, verify } = jwt;
|
const { sign, verify } = jwt;
|
||||||
|
|
||||||
export const authMiddleware: MiddlewareHandler = async (c, next) => {
|
export const authMiddleware: MiddlewareHandler = async (c, next) => {
|
||||||
console.log("middleware checked");
|
// console.log("middleware checked");
|
||||||
const cookieHeader = c.req.header("Cookie");
|
// const cookieHeader = c.req.header("Cookie");
|
||||||
if (!cookieHeader) return c.json({ error: "Unauthorized" }, 401);
|
// if (!cookieHeader) return c.json({ error: "Unauthorized" }, 401);
|
||||||
|
|
||||||
const res = await axios.get(`${process.env.LST_BASE_URL}/api/user/me`, {
|
// const res = await axios.get(`${process.env.LST_BASE_URL}/api/user/me`, {
|
||||||
headers: { Cookie: cookieHeader },
|
// headers: { Cookie: cookieHeader },
|
||||||
});
|
// });
|
||||||
|
|
||||||
if (res.status === 401) return c.json({ error: "Unauthorized" }, 401);
|
// if (res.status === 401) return c.json({ error: "Unauthorized" }, 401);
|
||||||
|
|
||||||
//const user = await resp.json();
|
// //const user = await resp.json();
|
||||||
c.set("user", res.data.user);
|
// c.set("user", res.data.user);
|
||||||
return next();
|
return next();
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -84,26 +84,26 @@ interface UserRole {
|
|||||||
|
|
||||||
const hasCorrectRole = (requiredRole: string[], module: string) =>
|
const hasCorrectRole = (requiredRole: string[], module: string) =>
|
||||||
createMiddleware(async (c, next) => {
|
createMiddleware(async (c, next) => {
|
||||||
const cookieHeader = c.req.header("Cookie");
|
// const cookieHeader = c.req.header("Cookie");
|
||||||
if (!cookieHeader) return c.json({ error: "Unauthorized" }, 401);
|
// if (!cookieHeader) return c.json({ error: "Unauthorized" }, 401);
|
||||||
|
|
||||||
const res = await axios.get(`${process.env.LST_BASE_URL}/api/user/roles`, {
|
// const res = await axios.get(`${process.env.LST_BASE_URL}/api/user/roles`, {
|
||||||
headers: { Cookie: cookieHeader },
|
// headers: { Cookie: cookieHeader },
|
||||||
});
|
// });
|
||||||
|
|
||||||
const currentRoles: UserRole[] = res.data.data;
|
// const currentRoles: UserRole[] = res.data.data;
|
||||||
const canAccess = currentRoles.some(
|
// const canAccess = currentRoles.some(
|
||||||
(r) => r.module === module && requiredRole.includes(r.role),
|
// (r) => r.module === module && requiredRole.includes(r.role),
|
||||||
);
|
// );
|
||||||
if (!canAccess) {
|
// if (!canAccess) {
|
||||||
return c.json(
|
// return c.json(
|
||||||
{
|
// {
|
||||||
error: "Unauthorized",
|
// error: "Unauthorized",
|
||||||
message: `You do not have access to ${module}`,
|
// message: `You do not have access to ${module}`,
|
||||||
},
|
// },
|
||||||
400,
|
// 400,
|
||||||
);
|
// );
|
||||||
}
|
// }
|
||||||
|
|
||||||
return next();
|
return next();
|
||||||
});
|
});
|
||||||
|
|||||||
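Review bot: With every check commented out, `authMiddleware` and the middleware returned by `hasCorrectRole` both reduce to `return next();`, so any route still registered behind them is served without a session cookie or a role match, and `c.set("user", …)` never runs, leaving handlers that read `c.get("user")` with `undefined`. The `requiredRole` and `module` arguments are now ignored, yet call sites still read as if access were restricted. If the v1 routes are meant to be open, or authentication is enforced upstream (not visible in this diff), delete the middleware and its registrations and record the decision in a comment such as `// v1 routes are unauthenticated by design; access is enforced by <upstream component>`. Otherwise keep the guards failing closed, e.g. `if (!cookieHeader) return c.json({ error: "Unauthorized" }, 401);` in both functions. The route registrations that depend on these two middlewares are outside the hunks shown here.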