The frontend/UI server, written in JS using the MarkoJS library

const config = require("../config")
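/**
 * Express middleware that exposes the current user to templates and, when the
 * response object has a `marko` renderer, adds `res.markoAsync`.
 *
 * For every request whose path is not under /static/, /hax/ or /assets/,
 * `res.locals.user` is set to `{loggedIn: false}` or, when `req.user` exists,
 * to `{loggedIn: true, name, permissions}` where `permissions` is the pending
 * promise returned by `getPermissions`.
 *
 * @param {object} req - request; `req.user._json.name` is read when `req.user` is set
 * @param {object} res - response; `res.locals.user` and `res.markoAsync` are written
 * @param {Function} next - called once the locals are prepared
 */
module.exports = (req, res, next) => {
  if (res.marko) {
    /**
     * Render `template` after resolving every top-level promise in the merged
     * locals (`res.locals` overlaid with `input`) and `user.permissions`.
     *
     * @param {*} template - passed through to `res.marko`
     * @param {object} [input] - per-render values; they override `res.locals`
     */
    res.markoAsync = async (template, input) => {
      const locals = Object.assign({}, (res.locals || {}), input)
      try {
        // Own keys only, so nothing inherited through the prototype chain is
        // copied onto the template locals. Promises are awaited one at a time.
        for (const key of Object.keys(locals)) {
          const value = locals[key]
          if (value instanceof Promise) {
            locals[key] = await value
          }
        }
        // `locals.user` is not set on the skipped path prefixes and may be
        // replaced by `input`; guard the dereference so a render without a
        // user object no longer fails with a TypeError.
        // The copy above is shallow, so this also updates `res.locals.user`.
        if (locals.user != null && locals.user.permissions != null) {
          locals.user.permissions = await locals.user.permissions
        }
      } catch (err) {
        // A rejection that serialises to "{}" (an Error instance does, because
        // its own properties are not enumerable) goes to the error handler.
        if (JSON.stringify(err) === "{}") {
          return next(err)
        }
        // NOTE(review): any other rejection value is sent to the client as-is
        // with status 404. If upstream rejections can carry internal detail,
        // log them server-side and return a generic body instead.
        return res.status(404).json(err)
      }
      return res.marko(template, locals)
    }
  }

  // Requests for these prefixes get no user object and trigger no permission
  // lookup.
  const skippedPrefixes = ["/static/", "/hax/", "/assets/"]
  const isSkipped = skippedPrefixes.some(prefix => req.path.startsWith(prefix))
  if (!isSkipped) {
    if (req.user) {
      // NOTE(review): `_json.name` becomes the `user` claim of the backend
      // token minted in getPermissions. Confirm it is a unique identifier
      // controlled by the identity provider and not a user-editable display
      // name, otherwise two accounts could resolve to the same permissions.
      const name = req.user._json.name
      res.locals.user = {
        loggedIn: true,
        name,
        permissions: getPermissions(name),
      }
    } else {
      res.locals.user = {
        loggedIn: false,
      }
    }
  }
  next()
}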
/**
 * Ask the GraphQL backend for the permissions of `user`.
 *
 * The request is authorised with a bearer token minted by `generateToken`
 * for `user` with the `["member"]` permission list. Any failure of the
 * request, of JSON parsing, or of the `data.token.user.permissions` lookup is
 * logged and resolves to an empty list, so a failed lookup grants nothing.
 *
 * NOTE(review): no timeout or abort signal is passed to `fetch`, so the
 * returned promise stays pending for as long as the backend does not answer.
 *
 * @param {string} user - value placed in the token's `user` claim
 * @returns {Promise<*>} the `permissions` value from the response, or `[]` on error
 */
function getPermissions(user) {
  const bearer = generateToken(user, ["member"])
  const request = {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Authorization": `Bearer ${bearer}`,
    },
    body: '{"query":"query { token { user { permissions } } }", "variables": {}}',
    credentials: "include",
  }
  return fetch(config.graphqlEndpoint, request)
    .then(response => response.json())
    .then(payload => payload.data.token.user.permissions)
    .catch(err => {
      console.error(err)
      return []
    })
}
const jwt = require("jsonwebtoken")
/**
 * Sign a JWT for the backend carrying `user` and `permissions`.
 *
 * The `exp` claim is set 1200 seconds after the current time. The token is
 * signed with `config.backend.secret`, and `config.backend.kid` is written to
 * the `kid` header field.
 *
 * NOTE(review): no `algorithm` option is passed, so the jsonwebtoken default
 * applies. Consider pinning it here and in the verifier's accepted list.
 *
 * @param {string} user
 * @param {string[]} permissions
 * @returns {string} the signed token
 */
function generateToken(user, permissions) {
  const lifetimeSeconds = 1200
  const claims = {
    user,
    permissions,
    exp: Math.floor((Date.now() / 1000) + lifetimeSeconds),
  }
  const signOptions = {header: {kid: config.backend.kid}}
  return jwt.sign(claims, config.backend.secret, signOptions)
}