add valid user cookie check to checkAuth,

add admin flag in user data
This commit is contained in:
Arthur Lu 2024-06-28 07:14:41 +00:00
parent afecfcafd0
commit 34f2669ab9
2 changed files with 11 additions and 1 deletions

View File

@ -16,9 +16,13 @@ export async function checkAuth (cookies, res, vmpath = null) {
let auth = false; let auth = false;
const userObj = getUserObjFromUsername(cookies.username); const userObj = getUserObjFromUsername(cookies.username);
if (!userObj) {
res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: "Username was missing or invalid." });
res.end()
return false;
}
if ((await global.userManager.getUser(userObj)) === null) { if ((await global.userManager.getUser(userObj)) === null) {
auth = false;
res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: `User ${cookies.username} not found in localdb.` }); res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: `User ${cookies.username} not found in localdb.` });
res.end(); res.end();
return false; return false;
@ -363,8 +367,13 @@ export function readJSONFile (path) {
}; };
export function getUserObjFromUsername (username) { export function getUserObjFromUsername (username) {
if (username) {
const userRealm = username.split("@").at(-1); const userRealm = username.split("@").at(-1);
const userID = username.replace(`@${userRealm}`, ""); const userID = username.replace(`@${userRealm}`, "");
const userObj = { id: userID, realm: userRealm }; const userObj = { id: userID, realm: userRealm };
return userObj; return userObj;
} }
else {
return null
}
}

View File

@ -72,6 +72,7 @@
} }
}, },
"cluster": { "cluster": {
"admin": false,
"nodes": { "nodes": {
"example-node-0": true, "example-node-0": true,
"example-node-1": true, "example-node-1": true,