From 14d4261858ba0a78dea2eaac1d8551ba72526a08 Mon Sep 17 00:00:00 2001
From: stringsplit <77242831+nbitzz@users.noreply.github.com>
Date: Sun, 1 Oct 2023 16:25:21 -0700
Subject: [PATCH] bearer-auth: make fileApiRoutes use middleware

---
 src/server/routes/fileApiRoutes.ts | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/src/server/routes/fileApiRoutes.ts b/src/server/routes/fileApiRoutes.ts
index be461c9..8953a84 100644
--- a/src/server/routes/fileApiRoutes.ts
+++ b/src/server/routes/fileApiRoutes.ts
@@ -7,6 +7,7 @@ import {writeFile} from "fs";
 
 import ServeError from "../lib/errors";
 import Files from "../lib/files";
+import { getAccount, requiresAccount } from "../lib/middleware";
 
 let parser = bodyParser.json({
     type: ["text/plain","application/json"]
@@ -21,14 +22,11 @@ export function setFilesObj(newFiles:Files) {
 
 let config = require(`${process.cwd()}/config.json`)
 
-fileApiRoutes.get("/list", (req,res) => {
+fileApiRoutes.use(getAccount);
 
-    if (!auth.validate(req.cookies.auth)) {
-        ServeError(res, 401, "not logged in")
-        return
-    }
+fileApiRoutes.get("/list", requiresAccount, (req,res) => {
 
-    let acc = Accounts.getFromToken(req.cookies.auth)
+    let acc = res.locals.acc as Accounts.Account
     
     if (!acc) return
     let accId = acc.id
@@ -48,12 +46,7 @@ fileApiRoutes.get("/list", (req,res) => {
 
 fileApiRoutes.post("/manage", parser, (req,res) => {
 
-    if (!auth.validate(req.cookies.auth)) {
-        ServeError(res, 401, "not logged in")
-        return
-    }
-
-    let acc = Accounts.getFromToken(req.cookies.auth) as Accounts.Account
+    let acc = res.locals.acc as Accounts.Account
     
     if (!acc) return
     if (!req.body.target || !(typeof req.body.target == "object") || req.body.target.length < 1) return