sports-matcher/server/middleware/Authority.js

30 lines
831 B
JavaScript

import MongoStore from "connect-mongo";
import session from "express-session";
import { dbName, mongoURI } from "../database/mongoose.js";
const sessionConf = {
secret: process.env.SESSION_SECRET || "super duper secret string.",
cookie: {
expires: process.env.SESSION_TIMEOUT || 300000,
httpOnly: true,
},
saveUninitialized: false,
resave: false,
};
if (process.env.NODE_ENV === "production") {
sessionConf.cookie.secure = true;
sessionConf.store = MongoStore.create({ mongoUrl: mongoURI, dbName: dbName });
}
export const userSession = session(sessionConf);
export function authenticationGuard(req, res, next) {
if (req.session.userId) {
next();
} else {
res.sendStatus(401);
return;
}
}
// TODO: Authentication
// TODO: Identity
// TODO: Authority