const jwt = require('jsonwebtoken')
const config = require(__dirname + '/../config/config')

const { sendError } = require('../utils/response')
const { isAdmin } = require('../controllers/authController')
const { logging } = require('../utils/log')

exports.memberOnly = (req, res, next) => {
    // Require a verifiable JWT in the Authorization header; on success the
    // decoded payload is exposed to downstream handlers as req.decoded.
    // NOTE(review): jwt.verify is called without an `algorithms` option, so the
    // accepted algorithm is whatever the token header claims; if config.JWT_KEY
    // is an HMAC secret, pin `{ algorithms: ['HS256'] }` -- confirm the key type.
    // NOTE(review): the raw header value is handed to jwt.verify, so a
    // "Bearer <token>" prefix would be rejected as InvalidToken -- confirm the
    // client sends the bare token.
    const rawToken = req.headers.authorization
    try {
        req.decoded = jwt.verify(rawToken, config.JWT_KEY)
        return next()
    } catch (error) {
        // An expired token gets the project's 419 "TokenExpired" reply; any
        // other failure (missing header, bad signature, malformed token) is 401.
        const expired = error.name === 'TokenExpiredError'
        const code = expired ? 419 : 401
        const message = expired ? 'TokenExpired' : 'InvalidToken'
        logging('auth', 'error', { code, message }, req)
        return sendError(res, code, message)
    }
}

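exports.guestOnly = (req, res, next) => {
    // Allow the request only when the caller is NOT authenticated: either no
    // Authorization header, or a header that does not verify (bad signature,
    // malformed, or expired). A valid token is rejected with 403 GuestOnly.
    const token = req.headers.authorization
    // Fix: the original compared `typeof token` (always a string) with the
    // value `undefined`, which can never be true; the missing-header case only
    // worked because jwt.verify(undefined) threw and the catch called next().
    if (token === undefined) {
        return next()
    }
    try {
        // jwt.verify returns the decoded payload or throws -- it never returns
        // null -- so reaching the code after this try means the token is valid.
        jwt.verify(token, config.JWT_KEY)
    } catch (error) {
        // Any verification failure (including TokenExpiredError) means the
        // caller is effectively a guest; the error is intentionally not logged,
        // matching the original best-effort behaviour.
        return next()
    }
    logging('auth', 'error', { code: 403, message: `GuestOnly` }, req)
    return sendError(res, 403, 'GuestOnly')
}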

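exports.adminOnly = async (req, res, next) => {
    // Require a verifiable JWT whose `id` claim resolves to an admin via
    // isAdmin(). The decoded payload is exposed to downstream handlers as
    // req.decoded.
    // NOTE(review): as in memberOnly, no `algorithms` option is pinned on
    // jwt.verify -- confirm config.JWT_KEY's type and pin accordingly.
    const token = req.headers.authorization
    try {
        req.decoded = jwt.verify(token, config.JWT_KEY)
    } catch (error) {
        // Same replies as memberOnly: 419 for an expired token, 401 otherwise.
        const expired = error.name === 'TokenExpiredError'
        const code = expired ? 419 : 401
        const message = expired ? 'TokenExpired' : 'InvalidToken'
        logging('auth', 'error', { code, message }, req)
        return sendError(res, code, message)
    }

    // A verified token with no `id` claim cannot be mapped to a user. Reject it
    // here rather than passing undefined into isAdmin, whose handling of an
    // undefined id is not visible from this file.
    const userId = req.decoded.id
    if (userId === undefined || userId === null) {
        logging('auth', 'error', { code: 401, message: `InvalidToken` }, req)
        return sendError(res, 401, 'InvalidToken')
    }

    let auth
    try {
        auth = await isAdmin(userId)
    } catch (error) {
        // Fix: the original awaited isAdmin outside any try/catch, so a rejected
        // lookup surfaced as an unhandled rejection and the request never got a
        // response. Fail closed with a 500 instead of hanging.
        logging('auth', 'error', { code: 500, message: `AuthCheckFailed` }, req)
        return sendError(res, 500, 'AuthCheckFailed')
    }

    if (!auth) {
        // Message spelling is kept byte-for-byte: clients may match on it.
        logging('auth', 'error', { code: 403, message: `Unauthoirzed Access` }, req)
        return sendError(res, 403, 'Unauthoirzed Access')
    }
    return next()
}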