mkrieger/Wachalarm-IP-Web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Funktion für Admin-Prüfung erweitert

Browse Source
This commit is contained in:
Richter 2019-05-13 10:40:29 +02:00
parent b6e1f514be
commit 278f7258b7
1 changed files with 14 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
server/auth.js
View File

@ -100,15 +100,20 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
}; };
function ensureAdmin(req, res, next) { function ensureAdmin(req, res, next) {
db.get('SELECT permissions FROM waip_users WHERE id = ?', req.user.id, function(err, row) { if (req.isAuthenticated()) {
if ((req.isAuthenticated()) && (row.permissions == "admin")) { db.get('SELECT permissions FROM waip_users WHERE id = ?', req.user.id, function(err, row) {
// req.user is available for use here if (row.permissions == "admin") {
return next(); // req.user is available for use here
}; return next();
var err = new Error('Sie verfügen nicht über die notwendigen Berechtigungen!'); };
err.status = 401; var err = new Error('Sie verfügen nicht über die notwendigen Berechtigungen!');
next(err); err.status = 401;
}); next(err);
});
// denied. redirect to login
var err = new Error('Sie sind nicht angemeldet!');
err.status = 401;
next(err);
}; };
function createUser(req, res) { function createUser(req, res) {