salix/print/core/router.js

75 lines
2.1 KiB
JavaScript

const path = require('path');
const fs = require('fs');
const db = require('./database');
module.exports = app => {
const methodsPath = path.resolve(__dirname, '../methods');
const methodsDir = fs.readdirSync(methodsPath);
const methods = [];
// Get all methods
methodsDir.forEach(method => {
methods.push(method.replace('.js', ''));
});
// Auth middleware
const paths = [];
for (let method of methods)
paths.push(`/api/${method}/*`);
app.use(paths, async function(req, res, next) {
const token = getToken(req);
const query = `SELECT at.id, at.userId, eu.email, u.lang, at.ttl, at.created
FROM salix.AccessToken at
JOIN account.user u ON u.id = at.userid
JOIN account.emailUser eu ON eu.userFk = u.id
WHERE at.id = ?`;
try {
const auth = await db.findOne(query, [token]);
if (!auth || isTokenExpired(auth.created, auth.ttl))
throw new Error('Invalid authorization token');
const args = Object.assign({}, req.query);
const props = Object.assign(args, req.body);
props.authorization = auth.id;
req.args = props;
req.args.auth = {
userId: auth.userId,
token: auth.id,
email: auth.email,
locale: auth.lang
};
next();
} catch (error) {
next(error);
}
});
function getToken(request) {
const headers = request.headers;
const queryParams = request.query;
return headers.authorization || queryParams.authorization;
}
function isTokenExpired(created, ttl) {
const date = new Date(created);
const currentDate = new Date();
date.setSeconds(date.getSeconds() + ttl);
if (currentDate > date)
return true;
return false;
}
// Mount methods
for (let method of methods)
require(`../methods/${method}`)(app);
};