bearer-auth: make fileApiRoutes use middleware

This commit is contained in:
May 2023-10-01 16:25:21 -07:00
parent 64dd66dc03
commit 14d4261858

View file

@ -7,6 +7,7 @@ import {writeFile} from "fs";
import ServeError from "../lib/errors"; import ServeError from "../lib/errors";
import Files from "../lib/files"; import Files from "../lib/files";
import { getAccount, requiresAccount } from "../lib/middleware";
let parser = bodyParser.json({ let parser = bodyParser.json({
type: ["text/plain","application/json"] type: ["text/plain","application/json"]
@ -21,14 +22,11 @@ export function setFilesObj(newFiles:Files) {
let config = require(`${process.cwd()}/config.json`) let config = require(`${process.cwd()}/config.json`)
fileApiRoutes.get("/list", (req,res) => { fileApiRoutes.use(getAccount);
if (!auth.validate(req.cookies.auth)) { fileApiRoutes.get("/list", requiresAccount, (req,res) => {
ServeError(res, 401, "not logged in")
return
}
let acc = Accounts.getFromToken(req.cookies.auth) let acc = res.locals.acc as Accounts.Account
if (!acc) return if (!acc) return
let accId = acc.id let accId = acc.id
@ -48,12 +46,7 @@ fileApiRoutes.get("/list", (req,res) => {
fileApiRoutes.post("/manage", parser, (req,res) => { fileApiRoutes.post("/manage", parser, (req,res) => {
if (!auth.validate(req.cookies.auth)) { let acc = res.locals.acc as Accounts.Account
ServeError(res, 401, "not logged in")
return
}
let acc = Accounts.getFromToken(req.cookies.auth) as Accounts.Account
if (!acc) return if (!acc) return
if (!req.body.target || !(typeof req.body.target == "object") || req.body.target.length < 1) return if (!req.body.target || !(typeof req.body.target == "object") || req.body.target.length < 1) return