Refactoring
This commit is contained in:
Carsten Graf
48
middleware/auth.js
Normal file
48
middleware/auth.js
Normal file
@@ -0,0 +1,48 @@
|
||||
// Authentifizierungs-Middleware
|
||||
|
||||
const { hasRole } = require('../helpers/utils');
|
||||
|
||||
// Middleware: Authentifizierung prüfen
|
||||
function requireAuth(req, res, next) {
|
||||
if (req.session.userId) {
|
||||
next();
|
||||
} else {
|
||||
res.redirect('/login');
|
||||
}
|
||||
}
|
||||
|
||||
// Middleware: Prüft ob User eine bestimmte Rolle hat
|
||||
function requireRole(role) {
|
||||
return (req, res, next) => {
|
||||
if (req.session.userId && hasRole(req, role)) {
|
||||
next();
|
||||
} else {
|
||||
res.status(403).send('Zugriff verweigert');
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
// Middleware: Admin-Rolle prüfen
|
||||
function requireAdmin(req, res, next) {
|
||||
if (req.session.userId && hasRole(req, 'admin')) {
|
||||
next();
|
||||
} else {
|
||||
res.status(403).send('Zugriff verweigert');
|
||||
}
|
||||
}
|
||||
|
||||
// Middleware: Verwaltung-Rolle prüfen (Verwaltung oder Admin)
|
||||
function requireVerwaltung(req, res, next) {
|
||||
if (req.session.userId && (hasRole(req, 'verwaltung') || hasRole(req, 'admin'))) {
|
||||
next();
|
||||
} else {
|
||||
res.status(403).send('Zugriff verweigert');
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
requireAuth,
|
||||
requireRole,
|
||||
requireAdmin,
|
||||
requireVerwaltung
|
||||
};
|
||||
Reference in New Issue
Block a user