Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-24 03:10:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

add token authentication, only admin can use api

Browse source
This commit is contained in:
huneau romain 2017-05-11 12:15:02 +02:00
parent 548172949a
commit b5271e5346
9 changed files with 50 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
server/authentication.js Normal file
View file

@ -0,0 +1,21 @@
Meteor.startup(() => {
Authentication = {};
Authentication.checkUserId = function (userId) {
if (userId === undefined) {
const error = new Meteor.Error('Unauthorized', 'Unauthorized');
error.statusCode = 401;
throw error;
}
const admin = Users.findOne({ _id: userId, isAdmin: true });
if (admin === undefined) {
const error = new Meteor.Error('Forbidden', 'Forbidden');
error.statusCode = 403;
throw error;
}
};
});