mirror of
https://github.com/thelittlerocket/zero-ui.git
synced 2025-01-04 05:11:45 +08:00
34 lines
945 B
JavaScript
34 lines
945 B
JavaScript
|
const db = require("../utils/db");
|
||
|
const verifyHash = require("pbkdf2-wrapper/verifyHash");
|
||
|
|
||
|
exports.authorize = authorize;
|
||
|
async function authorize(username, password, callback) {
|
||
|
try {
|
||
|
var users = await db.get("users");
|
||
|
} catch (err) {
|
||
|
throw err;
|
||
|
}
|
||
|
const user = users.find({ username: username });
|
||
|
if (!user.value()) return callback(new Error("Cannot find user"));
|
||
|
const verified = await verifyHash(password, user.value()["password_hash"]);
|
||
|
if (verified) {
|
||
|
return callback(null, user.value());
|
||
|
} else {
|
||
|
return callback(new Error("Invalid password"));
|
||
|
}
|
||
|
}
|
||
|
|
||
|
exports.isAuthorized = isAuthorized;
|
||
|
async function isAuthorized(req, res, next) {
|
||
|
if (req.token) {
|
||
|
const user = await db.get("users").find({ token: req.token }).value();
|
||
|
if (user) {
|
||
|
next();
|
||
|
} else {
|
||
|
res.status(403).send({ error: "Invalid token" });
|
||
|
}
|
||
|
} else {
|
||
|
res.status(401).send({ error: "Specify token" });
|
||
|
}
|
||
|
}
|