45 lines
1.4 KiB
JavaScript
45 lines
1.4 KiB
JavaScript
const { Router, request, response } = require("express");
|
|
const app = Router();
|
|
const fs = require("fs");
|
|
const bcrypt = require("bcrypt");
|
|
const { SecretModel, UserModel } = require("../../models");
|
|
|
|
/**
|
|
* Auth checker
|
|
* @param {request} req
|
|
* @param {response} res
|
|
*/
|
|
|
|
app.use(async (req, res, next) => {
|
|
res.error = (status, error) => res.status(status).json({ error });
|
|
|
|
res.complate = result => res.status(200).json(result);
|
|
|
|
if (req.user) return next();
|
|
const authHeader = req.headers.authorization;
|
|
if (!authHeader) return res.error(401, "No authorization header");
|
|
const [username, password] = Buffer.from(authHeader.split(' ')[1], "base64").toString().split(":");
|
|
|
|
if (!username || !password)
|
|
return res.error(401, "Authorise headers are missing")
|
|
|
|
const user = await SecretModel.findOne({ username });
|
|
|
|
if (!user)
|
|
return res.error(401, `We don't have any thread with name ${username}.`)
|
|
|
|
if (!await bcrypt.compare(password, user.password)) return res.error(401, 'Incorrect Password!');
|
|
|
|
req.user = await UserModel.findOne({ name: req.headers.username });
|
|
|
|
next();
|
|
});
|
|
|
|
app.get("/me", (req, res) => res.complate(req.user))
|
|
|
|
for (const file of fs.readdirSync("./routes/api/routes"))
|
|
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
|
|
|
|
app.all("*", (req, res) => res.error(400, "Bad request"));
|
|
|
|
module.exports = app; |