cokeSchlumpf · November 23, 2017 15:02
diff --git a/authentifizierung.js b/authentifizierung.js
 (req, res, next) => {
    const auth = req.cookies.auth;
    const token = _.get(auth, 'token');

    if (token) {
      cloudant((db) => {
        const selector = {
          entity: 'user',
          token: token
        };

        db.find({ selector }, (err, result) => {
          const docs = _.get(result, 'docs', []);

          if (err || _.size(docs) < 1) {
            next();
          }
          else {
            const user = docs[0];
            const uuser = _.assign({}, user, {
              lastActivity: Date.now()
            });

            db.insert(uuser, (err) => {
              if (err) {
                winston.error('Unable to update user data in database', err);
              } 
              else {
                req.user = user;
              }

              next();
            });
          }
        });
      });
    }
    else {
      next();
    }
  }
diff --git a/authorisierung.js b/authorisierung.js
 export const authorize = (...roles) => (req, res, next) => {
  if (_.isUndefined(req.user)) {
    res.redirect(LOGIN_URL);
  }
  else if (_.size(roles) > 0 && _.size(_.intersection(roles, _.get(req, 'user.roles', []))) === 0) {
    res
      .status(401)
      .redirect(UNAUTHORIZED_URL);
  }
  else {
    next();
  }
 }
diff --git a/sample.js b/sample.js
 const api = express.Router();

 api.use(authorize('role1'));
 api.post('/', handleRequest);

 api.use(authorize('admin'));
 api.get('/info', authorize('hallo'), handleInfo);
 api.get('/', handleRequest);
	(req, res, next) => {
	const auth = req.cookies.auth;
	const token = _.get(auth, 'token');

	if (token) {
	cloudant((db) => {
	const selector = {
	entity: 'user',
	token: token
	};

	db.find({ selector }, (err, result) => {
	const docs = _.get(result, 'docs', []);

	if (err \|\| _.size(docs) < 1) {
	next();
	}
	else {
	const user = docs[0];
	const uuser = _.assign({}, user, {
	lastActivity: Date.now()
	});

	db.insert(uuser, (err) => {
	if (err) {
	winston.error('Unable to update user data in database', err);
	}
	else {
	req.user = user;
	}

	next();
	});
	}
	});
	});
	}
	else {
	next();
	}
	}
	export const authorize = (...roles) => (req, res, next) => {
	if (_.isUndefined(req.user)) {
	res.redirect(LOGIN_URL);
	}
	else if (_.size(roles) > 0 && _.size(_.intersection(roles, _.get(req, 'user.roles', []))) === 0) {
	res
	.status(401)
	.redirect(UNAUTHORIZED_URL);
	}
	else {
	next();
	}
	}
	const api = express.Router();

	api.use(authorize('role1'));
	api.post('/', handleRequest);

	api.use(authorize('admin'));
	api.get('/info', authorize('hallo'), handleInfo);
	api.get('/', handleRequest);