csc309-team58/sports-matcher/server/middleware/authority.js

29 lines
927 B
JavaScript
Raw Normal View History

import MongoStore from "connect-mongo";
import session from "express-session";
import { mongooseDbName, mongoURI } from "../database/mongoose.js";
2022-04-05 03:50:26 +00:00
import userModel from "../schemas/userModel.js";
const sessionConf = {
secret: process.env.SESSION_SECRET || "super duper secret string.",
cookie: {
expires: process.env.SESSION_TIMEOUT || 300000,
httpOnly: true,
},
saveUninitialized: false,
resave: false,
};
if (process.env.NODE_ENV === "production") {
sessionConf.cookie.secure = true;
sessionConf.store = MongoStore.create({ mongoUrl: mongoURI, dbName: mongooseDbName });
}
export const userSession = session(sessionConf);
export async function requireAuthenticated(req, res, next) {
if (req.session.userId) {
2022-04-05 03:50:26 +00:00
req.user = await userModel.findById(req.session.userId);
next();
} else {
2022-04-05 03:50:26 +00:00
res.status(401).send("Not authorized.");
return;
}
}