letu/routes/utils/sessionCheck.js

let error = require("./error");

function sessionCheck(permission) {
    return (req, res, next) => {
        if (!req.session.user) {
            req.session.lastUrl = req.originalUrl;
            req.session.save(() => res.redirect("/login"));
        } else if (req.session.user.permissions < permission)
            return error(req, res, "Permission denied !", 403);
        else
            next();
    }
}

module.exports = sessionCheck;
Setup permissions check on index 2020-10-12 23:34:51 +02:00			`let error = require("./error");`

			`function sessionCheck(permission) {`
			`return (req, res, next) => {`
			`if (!req.session.user) {`
			`req.session.lastUrl = req.originalUrl;`
			`req.session.save(() => res.redirect("/login"));`
			`} else if (req.session.user.permissions < permission)`
			`return error(req, res, "Permission denied !", 403);`
			`else`
			`next();`
			`}`
			`}`

			`module.exports = sessionCheck;`