CoreID/app/routing/middleware/auth/UserOnly.middleware.js

32 lines
1.1 KiB
JavaScript
Raw Normal View History

2020-04-17 00:59:48 +00:00
/*
* UserOnly Middleware
* -------------------------------------------------------------
* Allows the request to proceed if there's an authenticated user
* in the session. Otherwise, redirects the user to the login page
* of the default provider.
*/
const Middleware = require('flitter-auth/middleware/UserOnly')
class UserOnly extends Middleware {
2020-04-22 21:56:39 +00:00
static get services() {
return [...super.services, 'output']
}
2020-04-17 00:59:48 +00:00
2020-04-22 21:56:39 +00:00
async test(req, res, next, args = {}){
if ( req.is_auth && !req.session.auth.in_dmz ) return next()
else if ( req.is_auth ) { // Need an MFA challenge
if ( !req.session.auth.flow ) req.session.auth.flow = req.originalUrl
return res.redirect('/auth/mfa/challenge')
}
else {
// If not signed in, save the target url so we can redirect back here after auth
req.session.auth.flow = req.originalUrl
this.output.debug('Set auth flow: '+req.originalUrl)
return res.redirect('/auth/login')
}
}
2020-04-17 00:59:48 +00:00
}
module.exports = UserOnly