Fix jwt-token
This commit is contained in:
@@ -240,10 +240,17 @@ const getRoles = () => {
|
|||||||
*/
|
*/
|
||||||
const requirePermission = (resource, action) => {
|
const requirePermission = (resource, action) => {
|
||||||
return (req, res, next) => {
|
return (req, res, next) => {
|
||||||
if (!req.user || !req.user.role) {
|
if (!req.user) {
|
||||||
return res.status(401).json({
|
return res.status(401).json({
|
||||||
success: false,
|
success: false,
|
||||||
message: 'Authentication required'
|
message: 'User not authenticated'
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!req.user.role) {
|
||||||
|
return res.status(403).json({
|
||||||
|
success: false,
|
||||||
|
message: 'Insufficient permissions'
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -253,9 +260,7 @@ const requirePermission = (resource, action) => {
|
|||||||
if (!hasRequiredPermission) {
|
if (!hasRequiredPermission) {
|
||||||
return res.status(403).json({
|
return res.status(403).json({
|
||||||
success: false,
|
success: false,
|
||||||
message: 'Insufficient permissions',
|
message: 'Insufficient permissions'
|
||||||
required_permission: `${resource}.${action}`,
|
|
||||||
user_role: userRole
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -337,7 +342,6 @@ module.exports = {
|
|||||||
getPermissions,
|
getPermissions,
|
||||||
getRoles,
|
getRoles,
|
||||||
requirePermission,
|
requirePermission,
|
||||||
requirePermission,
|
|
||||||
requirePermissions,
|
requirePermissions,
|
||||||
requireAnyPermission
|
requireAnyPermission
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user