split/monofile
1
0
Fork 0
mirror of https://github.com/mollersuite/monofile.git synced 2024-11-21 21:36:26 -08:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

bearer-auth: make fileApiRoutes use middleware

Browse source
This commit is contained in:
May 2023-10-01 16:25:21 -07:00
parent 64dd66dc03
commit 14d4261858
1 changed files with 5 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/server/routes/fileApiRoutes.ts
View file

@ -7,6 +7,7 @@ import {writeFile} from "fs";
import ServeError from "../lib/errors";
import Files from "../lib/files";
import { getAccount, requiresAccount } from "../lib/middleware";
let parser = bodyParser.json({
type: ["text/plain","application/json"]
@ -21,14 +22,11 @@ export function setFilesObj(newFiles:Files) {
let config = require(`${process.cwd()}/config.json`)
fileApiRoutes.get("/list", (req,res) => {
fileApiRoutes.use(getAccount);
if (!auth.validate(req.cookies.auth)) {
ServeError(res, 401, "not logged in")
return
}
fileApiRoutes.get("/list", requiresAccount, (req,res) => {
let acc = Accounts.getFromToken(req.cookies.auth)
let acc = res.locals.acc as Accounts.Account
if (!acc) return
let accId = acc.id
@ -48,12 +46,7 @@ fileApiRoutes.get("/list", (req,res) => {
fileApiRoutes.post("/manage", parser, (req,res) => {
if (!auth.validate(req.cookies.auth)) {
ServeError(res, 401, "not logged in")
return
}
let acc = Accounts.getFromToken(req.cookies.auth) as Accounts.Account
let acc = res.locals.acc as Accounts.Account
if (!acc) return
if (!req.body.target || !(typeof req.body.target == "object") || req.body.target.length < 1) return