Acasă Explorează Ajutor
Înregistrare Autentificare
ClawLab
/
MathLab
2
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Arbore: eb4e71130a
Ramuri Etichete
MathLab
/
task-board
/
backend
/
auth.js

auth.js 945 B
Istoric Crud

1234567891011121314151617181920212223242526272829303132333435 
  1. "use strict";
    2. 

  2. 

  3. const DEFAULT_ADMIN_TOKEN = "dev-task-board-token";
    4. 

  4. 

  5. function getAdminToken() {
    6. 

  6.   const envToken = process.env.TASK_BOARD_ADMIN_TOKEN;
    7. 

  7.   if (typeof envToken === "string" && envToken.trim()) {
    8. 

  8.     return envToken.trim();
    9. 

  9.   }
    10. 

  10.   return DEFAULT_ADMIN_TOKEN;
    11. 

  11. }
    12. 

  12. 

  13. function sendUnauthorized(res) {
    14. 

  14.   res.writeHead(401, {
    15. 

  15.     "Content-Type": "application/json; charset=utf-8",
    16. 

  16.     "Cache-Control": "no-store",
    17. 

  17.     "WWW-Authenticate": 'Bearer realm="task-board-admin"',
    18. 

  18.   });
    19. 

  19.   res.end(JSON.stringify({ error: "Unauthorized" }));
    20. 

  20. }
    21. 

  21. 

  22. function requireAdmin(req, res) {
    23. 

  23.   const authHeader = typeof req.headers.authorization === "string" ? req.headers.authorization.trim() : "";
    24. 

  24.   const token = authHeader.toLowerCase().startsWith("bearer ") ? authHeader.slice(7).trim() : "";
    25. 

  25.   if (!token || token !== getAdminToken()) {
    26. 

  26.     sendUnauthorized(res);
    27. 

  27.     return false;
    28. 

  28.   }
    29. 

  29.   return true;
    30. 

  30. }
    31. 

  31. 

  32. module.exports = {
    33. 

  33.   getAdminToken,
    34. 

  34.   requireAdmin,
    35. 

  35. };
    36.