const debug = require('debug')('server-connect:secure'); const config = require('./config'); module.exports = function (app) { if (config.passport) { const passport = require('passport'); const ServerConnectStrategy = require('../auth/passport'); passport.use(new ServerConnectStrategy({ provider: 'security' })); app.use(passport.initialize()); app.use(passport.session()); app.use(passport.authenticate('server-connect')); debug('Passport initialized', passport.strategies); app.use((req, res, next) => { debug('auth', req.isAuthenticated()); debug('Session', req.session); if (req.user) { debug('User', req.user); } next(); }); app.use('/api/secure', restrict()); } }; // restrict middleware function restrict (options = {}) { return async function (req, res, next) { if (req.isAuthenticated()) { return next(); } if (req.is('json')) { return res.status(401).json({ error: 'Unauthorized' }); } if (options.redirect) { return res.redirect(options.redirect); } res.status(401).send('Unauthorized'); }; }