CoreID/app/routing/middleware/auth/UserOnly.middleware.js
2020-05-03 20:16:54 -05:00

32 lines
1.1 KiB
JavaScript

/*
* UserOnly Middleware
* -------------------------------------------------------------
* Allows the request to proceed if there's an authenticated user
* in the session. Otherwise, redirects the user to the login page
* of the default provider.
*/
const Middleware = require('flitter-auth/middleware/UserOnly')
class UserOnly extends Middleware {
static get services() {
return [...super.services, 'output']
}
async test(req, res, next, args = {}){
if ( req.is_auth && !req.session.auth.in_dmz ) return next()
else if ( req.is_auth ) { // Need an MFA challenge
if ( !req.session.auth.flow ) req.session.auth.flow = req.originalUrl
return res.redirect('/auth/mfa/challenge')
}
else {
// If not signed in, save the target url so we can redirect back here after auth
req.session.auth.flow = req.originalUrl
this.output.debug('Set auth flow: '+req.originalUrl)
return res.redirect('/auth/login')
}
}
}
module.exports = UserOnly