mirror of
https://github.com/Steffo99/festa.git
synced 2024-10-16 15:07:27 +00:00
35 lines
No EOL
970 B
TypeScript
35 lines
No EOL
970 B
TypeScript
import { User } from "@prisma/client"
|
|
import { NextApiRequest, NextApiResponse } from "next"
|
|
import { database } from "./prismaClient"
|
|
import { Interrupt } from "./interrupt"
|
|
|
|
|
|
/**
|
|
* Find the user who is authenticating in a request.
|
|
*
|
|
* _For API route usage._
|
|
*
|
|
* @param req The request performed by the user.
|
|
* @returns The user.
|
|
*/
|
|
export async function authorizeUser(req: NextApiRequest): Promise<User> {
|
|
const authorization = req.headers.authorization
|
|
|
|
if (!authorization) {
|
|
throw new Interrupt(401, {error: "Missing Authorization header" })
|
|
}
|
|
|
|
const token = authorization.match(/^Bearer (\S+)$/)?.[1]
|
|
|
|
if(!(token)) {
|
|
throw new Interrupt(401, {error: "Invalid Authorization header" })
|
|
}
|
|
|
|
const dbToken = await database.token.findUnique({where: {token}, include: {user: true}})
|
|
|
|
if(!(dbToken)) {
|
|
throw new Interrupt(401, {error: "No such Authorization token" })
|
|
}
|
|
|
|
return dbToken.user
|
|
} |