diff --git a/middlewares/authMiddleware.js b/middlewares/authMiddleware.js new file mode 100644 index 0000000000000000000000000000000000000000..8744a4acc44112ca449a05250988be2fd8ec565a --- /dev/null +++ b/middlewares/authMiddleware.js @@ -0,0 +1,26 @@ +const userModel = require('../models/user.model'); + +const errorAuth = {error : "Not connected"} + +module.exports.checkAuthMiddleware = function(req,res,next){ + let token = "" + if(req.query.token){ + token = req.query.token; + }else if (req.body.token) { + token = req.body.token; + } + userModel.getUserByToken(token).then(users => { + if(users){ + req.session.user = users[0]; + next(); + }else{ + res.status(200).send(errorAuth); + return 1; + } + }) + +} + +module.exports.checkAuth = function(){ + return exports.checkAuthMiddleware +} diff --git a/models/item.model.js b/models/item.model.js index daabee826485bd7ac6a9772d34e43f99a5f67492..309125b50cc101ed5e907836d39878c00daaa2c5 100644 --- a/models/item.model.js +++ b/models/item.model.js @@ -25,14 +25,14 @@ sequelize.sync({force:true}).then(() => { price: 4, userId: 1, typeItem: 2 - }).then(out => console.log(out.dataValues)); + }) Items.create({ description: 'Bon shit sa mère', price: 10, userId: 2, typeItem: 1 - }).then(out => console.log(out.dataValues)); + }) }) function getItem(id) { diff --git a/models/sequelize.js b/models/sequelize.js index 07d6be8e74f9229f77ad6a8632df29f06e27c73a..6beb44fff47e490f6601f2100303a2ff9a4912fd 100644 --- a/models/sequelize.js +++ b/models/sequelize.js @@ -4,6 +4,7 @@ var sequelize = new Sequelize('csb', 'csb', 'csbcmqLBC!', { host: 'nicolasfley.fr', port: 3306, dialect: 'mysql', + //logging: false, // to stop verbose pool: { max: 5, diff --git a/models/user.model.js b/models/user.model.js index b9d41b7b999d8e63bb1af105f7be8aac0631e2b7..1b65b7ddaa29808a2b5f24ff3777eb0210b2681f 100644 --- a/models/user.model.js +++ b/models/user.model.js 
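Review bot: In `checkAuthMiddleware` the success branch stores `users[0]`, but `getUserByToken` in models/user.model.js (same commit) returns `Users.findOne(...)`, which resolves to a single instance or null rather than an array, so `req.session.user` would end up undefined on every authenticated request. The token is also looked up without checking that it is a non-empty string: the `""` default is sent to the database when no token is supplied, `req.body.token` throws if no body parser has populated `req.body`, and depending on the app's query parser setting the value can arrive as an array or object that then goes straight into the `where` clause. The rejection path answers with status 200 and the promise has no `.catch`, so clients cannot tell failure from the status and a database error leaves the request hanging; 401 and `.catch(next)` would fix both. Accepting the token in the query string also puts it into access logs and Referer headers, so an `Authorization` header is worth considering if clients can be changed. A sketch of the middleware with these points applied follows.

```javascript
module.exports.checkAuthMiddleware = function (req, res, next) {
  const token = req.query.token || (req.body && req.body.token);
  // Only a non-empty string may reach the where clause.
  if (typeof token !== 'string' || token.length === 0) {
    return res.status(401).send(errorAuth);
  }
  userModel.getUserByToken(token)
    .then((user) => {
      if (!user) {
        return res.status(401).send(errorAuth);
      }
      // findOne resolves to one instance, not an array.
      req.session.user = user;
      return next();
    })
    .catch(next); // hand database errors to the Express error handler
};
// … unchanged: checkAuth factory …
```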
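Review bot: The added `//logging: false` in models/sequelize.js is committed as commented-out code, so query logging stays on; with the token middleware from this commit, each `getUserByToken` lookup is likely printed by Sequelize's default logger together with the token value. I would make it a real option driven by the environment, e.g. `logging: process.env.SQL_LOG === '1' ? console.log : false,` (the variable name is a placeholder). Not introduced here but visible on the context line: the database user, password and host are literals in the `new Sequelize(...)` call, and they belong in environment configuration, with the password rotated since it is already in the repository history. The options object starts and ends outside this hunk.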
@@ -65,7 +65,7 @@ function authUser(userInfos) { }) } -function isAuthed(token){ +function getUserByToken(token){ return Users.findOne({where : {token : token}}); } @@ -84,4 +84,4 @@ function deleteUser(id) { }) } -module.exports = {getUser, addUser, deleteUser, authUser, refreshUser,getUserUName} \ No newline at end of file +module.exports = {getUser, addUser, deleteUser, authUser, refreshUser,getUserUName,getUserByToken} diff --git a/routes/item.route.js b/routes/item.route.js index e386804e3261c47f45637792bcfac745f2d2b296..9f6d09ed847bd863e016e23605b21fed85724c08 100644 --- a/routes/item.route.js +++ b/routes/item.route.js @@ -1,10 +1,13 @@ const express = require('express'); const itemModel = require('../models/item.model'); +const authMiddleware = require('../middlewares/authMiddleware'); const router = express.Router(); const DEFAULT_PAGE = 0; const DEFAULT_STEP = 10; +router.use(authMiddleware.checkAuth()); + router.get('/byId/:id', function(req, res) { let id = parseInt(req.params.id); itemModel.getItem(id).then(out => res.json(out));
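Review bot: `router.use(authMiddleware.checkAuth())` in routes/item.route.js now gates every item route on a middleware that reads `req.body.token` and writes `req.session.user`, so it relies on body-parsing and session middleware being registered on the app before this router. Neither is visible in this diff, and without them the middleware would throw instead of rejecting the request. A short comment above the line would document the contract, e.g. `// All routes below require a valid token (query or body); body parser and session must be mounted first.` The `router.get('/byId/:id', ...)` handler continues outside the hunk.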