Essential backend functionality, including logins.

2019-08-21 12:52:12 +02:00
parent d2168ab4a0
commit 99f2c5e7d8
14 changed files with 3965 additions and 1 deletions
--- a/utils/requirePermission.js
+++ b/utils/requirePermission.js
@@ -0,0 +1,13 @@
+'use strict';
+
+// Adapted from https://stackoverflow.com/questions/9609325/node-js-express-js-user-permission-security-model
+module.exports = function requirePermission(permission) {
+  return function(req, res, next) {
+    console.log(req.user);
+    if (req.user && req.user.permissions[permission]) {
+      next();
+    } else {
+      res.status(403).send(`Permission ${permission} not met.`);
+    }
+  }
+}