From 22c5a8a83dbd7b135adf9e7466ce8fecef93b75f Mon Sep 17 00:00:00 2001
From: Harrison Deng <yunyangdeng@gmail.com>
Date: Fri, 1 Apr 2022 05:35:36 -0500
Subject: [PATCH] Created authorization related middleware.

---
 server/middleware/Authority.js | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 server/middleware/Authority.js

diff --git a/server/middleware/Authority.js b/server/middleware/Authority.js
new file mode 100644
index 0000000..eb6eb2e
--- /dev/null
+++ b/server/middleware/Authority.js
@@ -0,0 +1,30 @@
+import MongoStore from "connect-mongo";
+import session from "express-session";
+import { dbName, mongoURI } from "../database/mongoose.js";
+const sessionConf = {
+    secret: process.env.SESSION_SECRET || "super duper secret string.",
+    cookie: {
+        expires: process.env.SESSION_TIMEOUT || 300000,
+        httpOnly: true,
+    },
+    saveUninitialized: false,
+    resave: false,
+};
+if (process.env.NODE_ENV === "production") {
+    sessionConf.cookie.secure = true;
+    sessionConf.store = MongoStore.create({ mongoUrl: mongoURI, dbName: dbName });
+}
+export const userSession = session(sessionConf);
+
+export function authenticationGuard(req, res, next) {
+    if (req.session.userId) {
+        next();
+    } else {
+        res.sendStatus(401);
+        return;
+    }
+}
+
+// TODO: Authentication
+// TODO: Identity
+// TODO: Authority
\ No newline at end of file