added user status and prediction user

2020-08-26 19:37:36 +02:00
parent efbf73032d
commit 597a8f3084
21 changed files with 477 additions and 80 deletions
--- a/src/helpers/authorize.ts
+++ b/src/helpers/authorize.ts
@@ -10,7 +10,7 @@ import globals from '../globals';

 module.exports = async (req, res, next) => {
  let givenMethod = '';  // authorization method given by client, basic taken preferred
-  let user = {name: '', level: '', id: '', location: ''};               // user object
+  let user = {name: '', level: '', id: '', location: '', models: []};               // user object

  // test authentications
  const userBasic = await basic(req, next);
@@ -48,7 +48,8 @@ module.exports = async (req, res, next) => {
    username: user.name,
    level: user.level,
    id: user.id,
-    location: user.location
+    location: user.location,
+    models: user.models
  };

  next();
@@ -59,7 +60,7 @@ function basic (req, next): any {  // checks basic auth and returns changed user
  return new Promise(resolve => {
    const auth = basicAuth(req);
    if (auth !== undefined) {  // basic auth available
-      UserModel.find({name: auth.name}).lean().exec( (err, data: any) => {  // find user
+      UserModel.find({name: auth.name, status: globals.status.new}).lean().exec( (err, data: any) => {  // find user
        if (err) return next(err);
        if (data.length === 1) {  // one user found
          bcrypt.compare(auth.pass, data[0].pass, (err, res) => {  // check password
@@ -69,7 +70,8 @@ function basic (req, next): any {  // checks basic auth and returns changed user
                level: Object.entries(globals.levels).find(e => e[1] === data[0].level)[0],
                name: data[0].name,
                id: data[0]._id.toString(),
-                location: data[0].location
+                location: data[0].location,
+                models: data[0].models
              });
            }
            else {
@@ -91,14 +93,15 @@ function basic (req, next): any {  // checks basic auth and returns changed user
 function key (req, next): any {  // checks API key and returns changed user object
  return new Promise(resolve => {
    if (req.query.key !== undefined) {  // key available
-      UserModel.find({key: req.query.key}).lean().exec( (err, data: any) => {  // find user
+      UserModel.find({key: req.query.key, status: globals.status.new}).lean().exec( (err, data: any) => {  // find user
        if (err) return next(err);
        if (data.length === 1) {  // one user found
          resolve({
            level: Object.entries(globals.levels).find(e => e[1] === data[0].level)[0],
            name: data[0].name,
            id: data[0]._id.toString(),
-            location: data[0].location
+            location: data[0].location,
+            models: data[0].models
          });
          if (!/^\/api/m.test(req.url)){
            delete req.query.key;  // delete query parameter to avoid interference with later validation