chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

fix: auth & role code

Browse source
This commit is contained in:
puriphat 2024-06-14 06:30:10 +00:00
parent 1048944773
commit be46aa3cff
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/middlewares/auth.ts
View file

@ -12,6 +12,6 @@ export async function expressAuthentication(
case "keycloak":
return keycloakAuth(request, scopes);
default:
throw new HttpError(HttpStatus.NOT_IMPLEMENTED, "ไม่ทราบวิธียืนยันตัวตน");
throw new HttpError(HttpStatus.NOT_IMPLEMENTED, "Unknown how to verify identity.", "unknowHowToVerify");
}
}

6
src/middlewares/role.ts
View file

@ -5,14 +5,14 @@ import HttpStatus from "../interfaces/http-status";
export function role(
role: string | string[],
errorMessage: string = "คุณไม่มีสิทธิในการเข้าถึงทรัพยากรดังกล่าว",
errorMessage: string = "You do not have permission to access this resource.",
) {
return (req: RequestWithUser, _res: Response, next: NextFunction) => {
if (!Array.isArray(role) && !req.user.role.includes(role) && !req.user.role.includes("*")) {
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage);
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
}
if (role !== "*" && !req.user.role.some((v) => role.includes(v))) {
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage);
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
}
return next();
};