23 lines
453 B
JavaScript
23 lines
453 B
JavaScript
|
const db = require("../data/database");
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
async function auth (req, res, next) {
|
||
|
|
const user = req.session.user;
|
||
|
|
const isAuth = req.session.isAuthenticated;
|
||
|
|
|
||
|
|
if (!user || !isAuth) {
|
||
|
|
return next();
|
||
|
|
}
|
||
|
|
|
||
|
|
const userDoc = await db.getDb().collection('users').findOne({_id: user.id})
|
||
|
|
const isAdmin = userDoc.isAdmin;
|
||
|
|
|
||
|
|
res.locals.user = userDoc;
|
||
|
|
res.locals.isAuth = isAuth;
|
||
|
|
res.locals.isAdmin = isAdmin;
|
||
|
|
|
||
|
|
next();
|
||
|
|
}
|
||
|
|
|
||
|
|
module.exports = auth
|