const createRequestUserObject = (req, user) => ({ bidderId: user.id || null, isGuest: !(user && user.id), isManager: user && user.isEventManager(), isSelf: user && user.id === req.params.user_id, record: user || null, }); const authenticateBasic = (passport) => (req, res, next) => ( passport.authenticate('jwt', { session: false }, (err, user, info) => { if (err) { next(err); } req.user = createRequestUserObject(req, user); next(); })(req, res, next) ); const authenticateEventManager = (passport) => (req, res, next) => ( passport.authenticate('jwt', { session: false }, (err, user, info) => { if (err) { next(err); } const record = createRequestUserObject(req, user); if (!user || !record.isManager) { return res.send(401); } req.user = record; next(); })(req, res, next) ); const authenticateEventManagerOrSelf = (passport) => (req, res, next) => ( passport.authenticate('jwt', { session: false }, (err, user, info) => { if (err) { next(err); } const record = createRequestUserObject(req, user); if (user && (!record.isManager && !record.isSelf)) { return res.send(401); } req.user = record; next(); })(req, res, next) ); const authenticateSecure = (passport) => (req, res, next) => ( passport.authenticate('jwt', { session: false }, (err, user, info) => { if (err) { next(err); } if (!user) { return res.send(401); } req.user = createRequestUserObject(req, user); next(); })(req, res, next) ); module.exports = function (passport) { require('./apple.js')(passport); require('./facebook.js')(passport); require('./google.js')(passport); require('./jwt.js')(passport); require('./local.js')(passport); return { basic: authenticateBasic(passport), bypass: (req, res, next) => next(), manager: authenticateEventManager(passport), managerOrSelf: authenticateEventManagerOrSelf(passport), passport, secure: authenticateSecure(passport), }; };