mirror of
https://github.com/dec0dOS/zero-ui.git
synced 2025-11-01 00:46:03 +08:00
35 lines
1 KiB
JavaScript
35 lines
1 KiB
JavaScript
import { db } from "../utils/db.js";
|
|
import verifyHash from "pbkdf2-wrapper/verifyHash.js";
|
|
|
|
export async function authorize(username, password, callback) {
|
|
try {
|
|
var users = await db.get("users");
|
|
} catch (err) {
|
|
throw err;
|
|
}
|
|
const user = users.find({ username: username });
|
|
if (!user.value()) return callback(new Error("logInFailed")); // If return "user not found" someone can do a user listing
|
|
const verified = await verifyHash(password, user.value()["password_hash"]);
|
|
if (verified) {
|
|
return callback(null, user.value());
|
|
} else {
|
|
return callback(new Error("logInFailed"));
|
|
}
|
|
}
|
|
|
|
export async function isAuthorized(req, res, next) {
|
|
if (process.env.ZU_DISABLE_AUTH === "true") {
|
|
next();
|
|
} else {
|
|
if (req.token) {
|
|
const user = await db.get("users").find({ token: req.token }).value();
|
|
if (user) {
|
|
next();
|
|
} else {
|
|
res.status(403).send({ error: "Invalid token" });
|
|
}
|
|
} else {
|
|
res.status(401).send({ error: "Specify token" });
|
|
}
|
|
}
|
|
}
|