ydeng/csc309-team58
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8f46ad77b8
csc309-team58/sports-matcher/server/middleware/authority.js
Harrison Deng 8f96a2e5c9 Multiple changes, basic rental CRUD backend implemented. 
All responses are now in their own object with context name.

Added limit to user based recent results for matches.

Moved all code in endpoints inside try and catch.

Renamed authentication guard function.
2022-04-05 11:50:35 -05:00

29 lines
927 B
JavaScript
Raw Blame History

import MongoStore from "connect-mongo";
import session from "express-session";
import { mongooseDbName, mongoURI } from "../database/mongoose.js";
import userModel from "../schemas/userModel.js";
const sessionConf = {
secret: process.env.SESSION_SECRET || "super duper secret string.",
cookie: {
expires: process.env.SESSION_TIMEOUT || 300000,
httpOnly: true,
},
saveUninitialized: false,
resave: false,
};
if (process.env.NODE_ENV === "production") {
sessionConf.cookie.secure = true;
sessionConf.store = MongoStore.create({ mongoUrl: mongoURI, dbName: mongooseDbName });
}
export const userSession = session(sessionConf);
export async function requireAuthenticated(req, res, next) {
if (req.session.userId) {
req.user = await userModel.findById(req.session.userId);
next();
} else {
res.status(401).send("Not authorized.");
return;
}
}
Reference in New Issue View Git Blame Copy Permalink