Updated dependencies. Introduced a styled 404 page. Implemented a new authorization system including separate login flow. Implemented flash message system to removal all query url parameters. Made SID more persistent between sessions. Implemented new vouchers overview. Improved color scheme for info and error flash messages. Updated README.md

2026-04-05 08:54:17 -04:00 · 2024-01-22 19:27:42 +01:00
parent 172473536b
commit 03fb5356ef
12 changed files with 549 additions and 196 deletions
--- a/middlewares/authorization.js
+++ b/middlewares/authorization.js
@@ -0,0 +1,23 @@
+/**
+ * Verifies if a user is signed in
+ *
+ * @param req
+ * @param res
+ * @param next
+ */
+module.exports = async (req, res, next) => {
+    // Check if user has an existing authorization cookie
+    if(!req.cookies.authorization) {
+        res.redirect(302, '/login');
+        return;
+    }
+
+    // Check if password is correct
+    const passwordCheck = req.cookies.authorization === (process.env.SECURITY_CODE || "0000");
+    if(!passwordCheck) {
+        res.cookie('flashMessage', JSON.stringify({type: 'error', message: 'Password Invalid!'}), {httpOnly: true, expires: new Date(Date.now() + 24 * 60 * 60 * 1000)}).redirect(302, '/login');
+        return;
+    }
+
+    next();
+}