manager-bh/server/_helpers/authorize.js

const assignParam = (dev, prod) =>
  process.env.NODE_ENV !== 'production' ? dev : prod

const parseToken = (req, res, next) => {
  req.isAdmin = assignParam(
    true,
    Boolean(
      req?.kauth?.grant?.access_token?.content?.resource_access?.[
        'manager-admin'
      ]?.roles?.includes('manager_admin'),
    ),
  )

  req.userId = assignParam(
    process.env['KC.DEV.ID'],
    req.kauth?.grant?.access_token?.content?.sub,
  )
  req.user = assignParam(
    { sub: '123', name: 'dev' },
    req.kauth?.grant?.access_token?.content,
  )

  next()
}

const adminOnly = [
  parseToken,
  (req, res, next) => {
    if (!req.isAdmin) {
      // user's role is not authorized
      return res.status(403).send({ code: 4, error: 'Access denied' })
    }
    next()
  },
]

module.exports = {
  adminOnly,
  parseToken,
}
init 2024-11-04 18:47:17 +03:00			`const assignParam = (dev, prod) =>`
			`process.env.NODE_ENV !== 'production' ? dev : prod`

			`const parseToken = (req, res, next) => {`
			`req.isAdmin = assignParam(`
			`true,`
			`Boolean(`
			`req?.kauth?.grant?.access_token?.content?.resource_access?.[`
			`'manager-admin'`
			`]?.roles?.includes('manager_admin'),`
			`),`
			`)`

			`req.userId = assignParam(`
			`process.env['KC.DEV.ID'],`
			`req.kauth?.grant?.access_token?.content?.sub,`
			`)`
			`req.user = assignParam(`
			`{ sub: '123', name: 'dev' },`
			`req.kauth?.grant?.access_token?.content,`
			`)`

			`next()`
			`}`

			`const adminOnly = [`
			`parseToken,`
			`(req, res, next) => {`
			`if (!req.isAdmin) {`
			`// user's role is not authorized`
			`return res.status(403).send({ code: 4, error: 'Access denied' })`
			`}`
			`next()`
			`},`
			`]`

			`module.exports = {`
			`adminOnly,`
			`parseToken,`
			`}`