var models = require('../../models') | |
var Log = require('../../tools/Log') | |
var jwt = require('jsonwebtoken') | |
var config = require('../../config') | |
var Sequelize = require('sequelize'); | |
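// Name of the cookie that carries the RS256-signed session JWT.
var SESSION_COOKIE = 'retco';

/**
 * Expire the session cookie on the response so the browser drops it.
 *
 * NOTE(review): the clearing call sets no path/domain/secure attributes. If the
 * login handler issued the cookie with any of those, the browser may keep a
 * stale copy — confirm against the code that sets the cookie.
 *
 * @param {import('express').Response} res - response to write the cookie on
 */
function clearSessionCookie(res) {
  res.cookie(SESSION_COOKIE, '', { expires: new Date(), httpOnly: true });
}

/**
 * Decide whether a loaded user's `user_type` is one of the allowed values.
 * An empty allowed list means "any authenticated user" (used by authChecker).
 *
 * @param {{user_type: string}} user - user record loaded from the database
 * @param {string[]} allowedTypes - accepted `user_type` values
 * @returns {boolean}
 */
function hasAllowedType(user, allowedTypes) {
  return allowedTypes.length === 0 || allowedTypes.includes(user.user_type);
}

/**
 * Build an Express middleware that authenticates the request from the session
 * cookie, loads the matching user onto `req.user`, and optionally enforces a
 * `user_type` check.
 *
 * Response contract (kept identical to the previous per-role middlewares):
 *  - 404 `{cookie:false}` — no session cookie; cookie cleared
 *  - 401 — token fails signature/expiry verification; cookie cleared
 *  - 401 — token verified but carries no `uuid` claim; cookie cleared (new: previously
 *          the lookup ran with `uuid: undefined`, whose meaning depends on the ORM)
 *  - 409 — token valid but no user with that uuid; cookie cleared
 *  - 401 `{error:"Unauthorized"}` — user found but `user_type` not allowed; cookie kept
 *  - lookup rejection — passed to `next(err)` (new: previously an unhandled rejection
 *          left the request without any response)
 *
 * @param {string[]} allowedTypes - accepted `user_type` values; empty accepts any user
 * @returns {function(object, object, function): void} Express middleware
 */
function requireUserType(allowedTypes) {
  return function (req, res, next) {
    var token = req.cookies[SESSION_COOKIE];
    if (!token) {
      clearSessionCookie(res);
      res.status(404).json({ cookie: false });
      return;
    }
    // Only RS256 is accepted so a token signed with a different algorithm
    // (or with the public key as an HMAC secret) cannot pass verification.
    jwt.verify(token, config.PUBLICKEY, { algorithms: ['RS256'] }, (err, decoded) => {
      if (err) {
        console.log(err);
        clearSessionCookie(res);
        res.sendStatus(401);
        return;
      }
      // A verified token without a subject claim must not reach the database:
      // a `where: { uuid: undefined }` lookup is not guaranteed to match nothing.
      if (decoded == null || decoded.uuid == null) {
        clearSessionCookie(res);
        res.sendStatus(401);
        return;
      }
      models.User.findOne({ where: { uuid: decoded.uuid } })
        .then((user) => {
          if (!user) {
            clearSessionCookie(res);
            res.sendStatus(409);
            return;
          }
          if (!hasAllowedType(user, allowedTypes)) {
            res.status(401).json({ error: 'Unauthorized' });
            return;
          }
          req.user = user;
          next();
        })
        .catch((lookupErr) => {
          // Without this handler a failing lookup would hang the request.
          console.log(lookupErr);
          next(lookupErr);
        });
    });
  };
}

// Any authenticated user.
var authChecker = requireUserType([]);
// Role-restricted variants; "admin" is accepted by every restricted middleware.
var admin = requireUserType(['admin']);
var sales = requireUserType(['admin', 'sales']);
var manager = requireUserType(['admin', 'manager']);
var employee = requireUserType(['admin', 'manager', 'employee']);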
// Middlewares exported for route definitions: `authChecker` accepts any
// authenticated user; the others additionally restrict by `user_type`.
module.exports = {
  authChecker,
  admin,
  sales,
  manager,
  employee,
};