src/server/middleware/authenticate.js

const server_constants = require('../tools/server_constants');

var { User } = require('../models/user');

const tools = require('../tools/general');

const auth_default = (req, res, next) => {

  if (req.body.keyappid === process.env.KEY_APP_ID)
    next();

};

const authenticate = (req, res, next) => {
  const token = req.header('x-auth');

  // console.log('authenticate... ');

  let noaut = false;

  if (req.body.hasOwnProperty('noaut')) {
    noaut = req.body.noaut;
  }

  if (noaut) {
    next();
    return;
  }

  const access = 'auth';

  User.findByToken(token, access).then((user) => {

    if (!user) {
      // tools.mylog("TOKEN " + token);
      // tools.mylog(" NOT FOUND! (Maybe Connected to other Page) ACCESS: '" + access + "'");
      return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
      // res.status().send();
    }

    if (!!user.deleted) {
      if (user.deleted)
        user = null;
    }

    if (!user) {
      return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);
    }

    if (!!user) {
      // Save last time online
      user.lasttimeonline = new Date();
      user.useragent = req.get('User-Agent');

      return user.save().then(() => {
        req.user = user;
        req.token = token;
        req.access = access;
        next();
      });
    }
    // tools.mylog('userid', user._id);

  }).catch((e) => {
    tools.mylog("ERR authenticate invalid Token =", e);
    res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send();
  });
};

const authenticate_noerror = (req, res, next) => {
  const token = req.header('x-auth');

  const access = 'auth';

  User.findByToken(token, access).then((user) => {
    if (!user) {
      req.user = null;
      req.token = null;
      req.access = null;
    } else {
      req.user = user;
      req.token = token;
      req.access = access;
    }
    next();
  }).catch((e) => {
    req.user = null;
    req.token = null;
    req.access = null;
  });
};

module.exports = { authenticate, authenticate_noerror, auth_default };
- Manage multiple login, in different browsers... Multi Token... 2019-02-09 18:03:14 +01:00			`const server_constants = require('../tools/server_constants');`

Aggiornamenti 2020-04-24 10:29:25 +02:00			`var { User } = require('../models/user');`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00
- Created all Tests with Mocha: User + Todo tables 2019-02-07 00:52:48 +01:00			`const tools = require('../tools/general');`

Carrello Spesa 2020-12-25 03:54:16 +01:00			`const auth_default = (req, res, next) => {`

			`if (req.body.keyappid === process.env.KEY_APP_ID)`
			`next();`

			`};`

- Added Delete Record to the CGridTableRec 2019-10-15 20:40:31 +02:00			`const authenticate = (req, res, next) => {`
			`const token = req.header('x-auth');`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00
- Added Delete Record to the CGridTableRec 2019-10-15 20:40:31 +02:00			`// console.log('authenticate... ');`
- ++Booking List - ++Delete a Booking also for the Admin. 2019-10-12 23:34:32 +02:00
poter visualizzare i propri beni e servizi anche se non sei registrato alla app ! 2023-01-04 02:09:42 +01:00			`let noaut = false;`

			`if (req.body.hasOwnProperty('noaut')) {`
			`noaut = req.body.noaut;`
			`}`

			`if (noaut) {`
			`next();`
			`return;`
			`}`

Fix: Todo Multi refresh ... fix some promises problem 2019-02-14 19:01:41 +01:00			`const access = 'auth';`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00
- cleaned some code. - routing offline - pushNotification 2019-02-12 12:06:25 +01:00			`User.findByToken(token, access).then((user) => {`
Aggiornamenti 2020-04-24 10:29:25 +02:00
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00			`if (!user) {`
Doppia modalità di Registrazione con lista extra utenti 2020-01-13 23:52:51 +01:00			`// tools.mylog("TOKEN " + token);`
			`// tools.mylog(" NOT FOUND! (Maybe Connected to other Page) ACCESS: '" + access + "'");`
- Manage multiple login, in different browsers... Multi Token... 2019-02-09 18:03:14 +01:00			`return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);`
			`// res.status().send();`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00			`}`
Step 2: Creating page Messages: userlist last messages + a page for all the messages received and sent. 2019-10-27 00:37:10 +02:00
Aggiornamenti 2020-04-24 10:29:25 +02:00			`if (!!user.deleted) {`
			`if (user.deleted)`
			`user = null;`
			`}`
Step 2: Creating page Messages: userlist last messages + a page for all the messages received and sent. 2019-10-27 00:37:10 +02:00
Aggiornamenti 2020-04-24 10:29:25 +02:00			`if (!user) {`
			`return Promise.reject(server_constants.RIS_CODE_HTTP_INVALID_TOKEN);`
			`}`

			`if (!!user) {`
			`// Save last time online`
			`user.lasttimeonline = new Date();`
Aggiunto userAgent alla tabella user 2022-02-22 18:10:31 +01:00			`user.useragent = req.get('User-Agent');`
Aggiornamenti 2020-04-24 10:29:25 +02:00
			`return user.save().then(() => {`
			`req.user = user;`
			`req.token = token;`
			`req.access = access;`
			`next();`
			`});`
			`}`
- fix: Date problems... (it was a bad "copy" function, the object date was not valid...) - fix: error fetch on loading... (offline appeared) 2019-02-11 02:59:05 +01:00			`// tools.mylog('userid', user._id);`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00
			`}).catch((e) => {`
Ver 0.2.8 Added msg Server error in every pages Nuovo Gruppo non funziona. Corretto altre funzioni del Gruppo Errore del server" Network Error", fare pagina test con altri host per vedere se da lo stesso msg, con IP 2022-02-22 15:24:32 +01:00			`tools.mylog("ERR authenticate invalid Token =", e);`
- Manage multiple login, in different browsers... Multi Token... 2019-02-09 18:03:14 +01:00			`res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send();`
First Commit FreePlanet_ServerSide 2018-12-24 20:31:02 +01:00			`});`
			`};`

- Enable Edit Event into dialog form ... (and save to the db) - Event: enabled drag and drop (date) - Q-Select components in every table field external: Where, Operators, etc... - CMyEditor: Add HTML Editor to the details field ! - Added button Color for change font color to the text. - Complete insert Events Site 2019-10-23 23:47:21 +02:00			`const authenticate_noerror = (req, res, next) => {`
			`const token = req.header('x-auth');`

			`const access = 'auth';`

			`User.findByToken(token, access).then((user) => {`
			`if (!user) {`
			`req.user = null;`
			`req.token = null;`
			`req.access = null;`
Aggiornamenti 2020-04-24 10:29:25 +02:00			`} else {`
- Enable Edit Event into dialog form ... (and save to the db) - Event: enabled drag and drop (date) - Q-Select components in every table field external: Where, Operators, etc... - CMyEditor: Add HTML Editor to the details field ! - Added button Color for change font color to the text. - Complete insert Events Site 2019-10-23 23:47:21 +02:00			`req.user = user;`
			`req.token = token;`
			`req.access = access;`
			`}`
			`next();`
			`}).catch((e) => {`
			`req.user = null;`
			`req.token = null;`
			`req.access = null;`
			`});`
			`};`

Carrello Spesa 2020-12-25 03:54:16 +01:00			`module.exports = { authenticate, authenticate_noerror, auth_default };`