|
|
|
@ -46,14 +46,18 @@ class SessionService extends SiteService {
|
|
|
|
|
options = Object.assign({
|
|
|
|
|
requireLogin: true,
|
|
|
|
|
requireAdmin: false,
|
|
|
|
|
useRedirect: true,
|
|
|
|
|
loginUri: '/welcome/login',
|
|
|
|
|
}, options);
|
|
|
|
|
return async (req, res, next) => {
|
|
|
|
|
if (options.requireLogin && !req.user) {
|
|
|
|
|
req.session.loginReturnTo = req.url;
|
|
|
|
|
await this.saveSession(req);
|
|
|
|
|
this.log.info('redirecting to login', { returnTo: req.url });
|
|
|
|
|
return res.redirect(options.loginUri);
|
|
|
|
|
if (options.useRedirect) {
|
|
|
|
|
req.session.loginReturnTo = req.url;
|
|
|
|
|
await this.saveSession(req);
|
|
|
|
|
this.log.info('redirecting to login', { returnTo: req.url });
|
|
|
|
|
return res.redirect(options.loginUri);
|
|
|
|
|
}
|
|
|
|
|
return next(new SiteError(403, 'Must sign in to continue'));
|
|
|
|
|
}
|
|
|
|
|
if (options.requireAdmin && (!req.user || !req.user.flags.isAdmin)) {
|
|
|
|
|
return next(new SiteError(403, 'Administrator privileges are required'));
|
|
|
|
|
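Review bot: The new `useRedirect: false` branch rejects an unauthenticated request with `new SiteError(403, 'Must sign in to continue')`, the same status the admin check just below it uses for a signed-in but unprivileged user. Clients and log-based detections then cannot tell "not signed in" from "signed in but forbidden"; 401 is the conventional status for the first case, e.g. `return next(new SiteError(401, 'Must sign in to continue'));`, assuming SiteError passes its first argument through as the HTTP status, which is not visible here. In the redirect branch, `req.session.loginReturnTo = req.url` stores the request URL unvalidated, and the info log records it together with its query string. The code that later redirects to `loginReturnTo` is outside this hunk, so confirm it accepts only a same-site path (a single leading `/`, not `//` or `/\`), or normalise the value here before saving it. The enclosing method starts above the hunk and the admin branch closes below it.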