|
|
|
@ -53,16 +53,9 @@ class SessionService {
|
|
|
|
|
return async (req, res, next) => {
|
|
|
|
|
if (options.requireLogin && !req.user) {
|
|
|
|
|
req.session.loginReturnTo = req.url;
|
|
|
|
|
await this.saveSession(req);
|
|
|
|
|
this.log.info('redirecting to login', { returnTo: req.url });
|
|
|
|
|
return new Promise((resolve, reject) => {
|
|
|
|
|
req.session.save(async (err) => {
|
|
|
|
|
if (err) {
|
|
|
|
|
return reject(err);
|
|
|
|
|
}
|
|
|
|
|
res.redirect(options.loginUri);
|
|
|
|
|
return resolve();
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
if (options.requireAdmin && (!req.user || !req.user.flags.isAdmin)) {
|
|
|
|
|
return next(new SiteError(403, 'Administrator privileges are required'));
|
|
|
|
|