const Session = require("../models/Session");
const APIKey = require("../models/APIKey");
const Account = require("../models/Account");
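/**
 * Express middleware that authenticates a request from its
 * `Authorization: Bearer <token>` header.
 *
 * The token is looked up first as a session token, then as an API key. On a
 * match the request is annotated and passed on:
 *   - req.token       the raw bearer token
 *   - req.tokenType   "client" (session) or "apikey"
 *   - req.clientId    client_id of the matching row
 *   - req.sessionInfo / req.keyInfo   dataValues of the matching row
 *   - req.userInfo    the Account row for req.clientId
 *
 * Responses sent instead of calling next():
 *   - 401 when the header is missing, is not a Bearer header, the token is
 *     empty or unknown, or no Account exists for the token's client_id
 *   - 500 when a lookup throws
 *
 * @param {object} req - Express request
 * @param {object} res - Express response
 * @param {Function} next - Express continuation, called only on success
 */
module.exports = async function(req, res, next) {
  const authHeader = req.header("Authorization");

  if (!authHeader) return res.status(401).json({message: "Missing Authorization header"});

  // Only the Bearer scheme is handled; anything else is rejected up front.
  if (!authHeader.startsWith("Bearer ")) {
    return res.status(401).json({message: "Authorization required"});
  }

  req.token = authHeader.substring(7);

  // An empty or blank credential must never reach the lookups: it could match
  // a row whose token column is empty.
  if (req.token.trim() === "") {
    return res.status(401).json({message: "Invalid token"});
  }

  try {
    // NOTE(review): the token is compared with the stored column as-is, which
    // suggests tokens are stored unhashed — confirm. Storing only a hash and
    // looking up by that hash limits the impact of a database read exposure.
    // NOTE(review): no expiry or revocation check is visible here; confirm
    // that the models or a later middleware enforce it.

    // Session lookup. Exactly one row must match; zero or duplicates fail closed.
    const {count: sessionCount, rows: sessionRows} = await Session.findAndCountAll({where: {token: req.token}});
    if (sessionCount === 1) {
      req.sessionInfo = sessionRows[0].dataValues;
      req.clientId = sessionRows[0].client_id;
      req.tokenType = "client";
    }

    // API key lookup. If the same token matched both tables, the API key
    // identity takes precedence (clientId and tokenType are overwritten).
    const {count: tokenCount, rows: tokenRows} = await APIKey.findAndCountAll({where: {token: req.token}});
    if (tokenCount === 1) {
      req.keyInfo = tokenRows[0].dataValues;
      req.clientId = tokenRows[0].client_id;
      req.tokenType = "apikey";
    }

    if (!req.tokenType) {
      return res.status(401).json({message: "Invalid token"});
    }

    // A token whose account no longer exists must not authenticate: without
    // this check downstream handlers would run with req.userInfo === null.
    const account = await Account.findOne({where: {client_id: req.clientId}});
    if (!account) {
      return res.status(401).json({message: "Invalid token"});
    }

    req.userInfo = account;
    return next();
  } catch (e) {
    // Log only the error name and message: the error object itself may carry
    // the query parameters, and those include the bearer token.
    console.error(
      "Authentication lookup failed:",
      e instanceof Error ? `${e.name}: ${e.message}` : String(e)
    );
    return res.status(500).json({message: "Unexpected error occurred"});
  }
}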