2020-04-02 16:27:31 +02:00
|
|
|
function SessionMiddleware({sessionService}) {
|
|
|
|
|
async function createSession(req, res, next) {
|
|
|
|
|
try {
|
|
|
|
|
await sessionService.createSessionForUser(req, res, req.user);
|
|
|
|
|
res.sendStatus(201);
|
|
|
|
|
} catch (err) {
|
|
|
|
|
next(err);
|
2018-10-02 15:35:23 +07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-02 16:27:31 +02:00
|
|
|
async function destroySession(req, res, next) {
|
2019-01-18 17:03:03 +01:00
|
|
|
try {
|
2020-04-02 16:27:31 +02:00
|
|
|
await sessionService.destroyCurrentSession(req);
|
|
|
|
|
res.sendStatus(204);
|
2019-01-18 17:03:03 +01:00
|
|
|
} catch (err) {
|
2020-04-02 16:27:31 +02:00
|
|
|
next(err);
|
2019-01-18 17:03:03 +01:00
|
|
|
}
|
2020-04-02 16:27:31 +02:00
|
|
|
}
|
2019-01-18 17:03:03 +01:00
|
|
|
|
2020-04-02 16:27:31 +02:00
|
|
|
async function authenticate(req, res, next) {
|
|
|
|
|
try {
|
|
|
|
|
const user = await sessionService.getUserForSession(req, res);
|
2020-10-23 16:34:41 +02:00
|
|
|
if (user) {
|
|
|
|
|
// Do not nullify `req.user` as it might have been already set
|
|
|
|
|
// in a previous middleware (authorize middleware).
|
|
|
|
|
req.user = user;
|
|
|
|
|
}
|
2020-04-02 16:27:31 +02:00
|
|
|
next();
|
|
|
|
|
} catch (err) {
|
|
|
|
|
next(err);
|
2019-01-18 17:03:03 +01:00
|
|
|
}
|
2020-04-02 16:27:31 +02:00
|
|
|
}
|
2019-01-18 17:03:03 +01:00
|
|
|
|
2020-04-02 16:27:31 +02:00
|
|
|
return {
|
|
|
|
|
createSession: createSession,
|
|
|
|
|
destroySession: destroySession,
|
|
|
|
|
authenticate: authenticate
|
|
|
|
|
};
|
|
|
|
|
}
|
2018-10-02 15:35:23 +07:00
|
|
|
|
2020-04-02 16:27:31 +02:00
|
|
|
module.exports = SessionMiddleware;
|
