authorLars Krönner2020-10-10 18:39:46 +0200
committerGitHub2020-10-10 18:39:46 +0200
commit1f45ede8253421439e07790375b72a31ceef33ed (patch)
treea9285cef4e2dc3451ed609be2a34bbf21580c35e /auth
parent930ecde7e84e723061cba4780459887c329e50a3 (diff)
parent16ebbb932c0b780c11d3e574bc24a515eb095f5f (diff)
Merge branch 'master' into profile
Diffstat (limited to 'auth')
-rw-r--r--auth/index.js28
-rw-r--r--auth/public/index.html1
-rw-r--r--auth/public/style.css4
3 files changed, 25 insertions, 8 deletions
diff --git a/auth/index.js b/auth/index.js
index 1ea6290..e40ea43 100644
--- a/auth/index.js
+++ b/auth/index.js
@@ -4,14 +4,24 @@ const db = require("../db");
const app = express.Router();
-// TODO: Change passwords
-// TODO: Login (+ Frontend, cookie, etc)
-
function checkUser(req, res, next) {
if (req.session.loggedIn) next();
else res.redirect("/auth");
}
+function checkAdmin(req, res, next) {
+ if (!req.session.loggedIn) res.redirect("/auth");
+
+ try {
+ db.query("SELECT is_admin FROM users WHERE id = ?", [req.session.uid]).then((ret) => {
+ if (ret[0].is_admin == 1) next();
+ else res.redirect("/");
+ });
+ } catch (e) {
+ res.redirect("/");
+ }
+}
+
app.use(
"/",
(req, res, next) => {
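Review bot: `checkAdmin` does not return after `res.redirect("/auth")` when the session is not logged in, so it falls through into the `db.query` call with whatever `req.session.uid` holds and may try to respond a second time. The `try`/`catch` only covers synchronous throws: a rejected query, or `ret[0]` being undefined when no row matches, surfaces inside the `.then()` chain as an unhandled rejection and the request gets no response. Depending on the Node version an unhandled rejection may also terminate the process, so an authorization gate like this should fail closed on every path. The `/api/status` handler in the second hunk has the same unguarded `.then()` and `ret[0]` access and needs the same treatment. The rewrite below uses `async`/`await`, which the file already uses for other handlers.

```javascript
async function checkAdmin(req, res, next) {
  // Stop here for anonymous sessions; never reach the admin lookup.
  if (!req.session.loggedIn) return res.redirect("/auth");

  let isAdmin = false;
  try {
    const rows = await db.query("SELECT is_admin FROM users WHERE id = ?", [req.session.uid]);
    // A missing row (e.g. stale session) is treated as "not admin".
    isAdmin = Boolean(rows[0]) && rows[0].is_admin == 1;
  } catch (e) {
    // Query failure: fail closed.
    isAdmin = false;
  }

  if (isAdmin) return next();
  res.redirect("/");
}
```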
@@ -79,6 +89,14 @@ app.get("/api/list", checkUser, async (req, res) => {
res.json(users);
});
-app.get("/api/status", (req, res) => res.json({ loggedIn: req.session.loggedIn }));
+app.get("/api/status", (req, res) => {
+ if (req.session.loggedIn) {
+ db.query("SELECT is_admin FROM users WHERE id = ?", [req.session.uid]).then((ret) => {
+ res.json({ loggedIn: req.session.loggedIn, admin: ret[0].is_admin ? true : false });
+ });
+ } else {
+ res.json({ loggedIn: false, admin: false });
+ }
+});
-module.exports = { auth: app, checkUser };
+module.exports = { auth: app, checkUser, checkAdmin };
diff --git a/auth/public/index.html b/auth/public/index.html
index b56db07..8273238 100644
--- a/auth/public/index.html
+++ b/auth/public/index.html
@@ -16,7 +16,6 @@
<body>
<div class="pure-menu pure-menu-horizontal">
<a href="/" class="pure-menu-item pure-menu-link">Home</a>
- <a href="/auth/api/logout" class="pure-menu-item pure-menu-link">Logout</a>
</div>
<form class="pure-form pure-form-stacked" action="api/login" method="post">
diff --git a/auth/public/style.css b/auth/public/style.css
index 4bbdc55..413ace1 100644
--- a/auth/public/style.css
+++ b/auth/public/style.css
@@ -14,7 +14,7 @@ div {
form {
position: absolute;
- width: 30%;
+ width: 40%;
left: 50%;
top: 50%;
-webkit-transform: translate(-50%, -50%);
@@ -29,7 +29,7 @@ button {
width: 100%;
}
-@media only screen and (max-width: 600px) {
+@media only screen and (max-width: 700px) {
form {
width: calc(100% - 50px);
}