middleware.js 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. const Merchant = require("./models/merchant.js")
  2. const helper = require("./controllers/helper.js");
  3. const axios = require("axios");
  4. module.exports = {
  5. verifySession: function(req, res, next){
  6. if(req.session.user === undefined) {
  7. req.session.error = "PLEASE LOG IN";
  8. return res.redirect("/login");
  9. }
  10. Merchant.findOne({"session.sessionId": req.session.user})
  11. .then(async (merchant)=>{
  12. if(merchant === null){
  13. throw "login";
  14. }
  15. //Check if session is out of date
  16. if(merchant.session.date < new Date()){
  17. let newExpiration = new Date();
  18. newExpiration.setDate(newExpiration.getDate() + 90);
  19. merchant.session.sessionId = helper.generateId(25);
  20. merchant.session.date = newExpiration;
  21. merchant.save();
  22. throw "login";
  23. }
  24. //Check if email has not been verified
  25. if(merchant.status.includes("unverified")){
  26. req.session.error = "PLEASE VERIFY YOUR EMAIL ADDRESS";
  27. return res.redirect(`/verify/email/${merchant._id}`);
  28. }
  29. //Check for suspended account
  30. if(merchant.status.includes("suspended")){
  31. req.session.error = "ACCOUNT SUSPENDED. PLEASE CONTACT SUPPORT IF THIS IS IN ERROR";
  32. return res.redirect("/");
  33. }
  34. //Check for out of date access token
  35. let cutoff = new Date();
  36. cutoff.setDate(cutoff.getDate() + 1);
  37. if(merchant.square.expires < cutoff){
  38. let data = await axios.post(`${process.env.SQUARE_ADDRESS}/oauth2/token`, {
  39. client_id: process.env.SUBLINE_SQUARE_APPID,
  40. client_secret: process.env.SUBLINE_SQUARE_APPSECRET,
  41. grant_type: "refresh_token",
  42. refresh_token: merchant.square.refreshToken
  43. });
  44. merchant.square.accessToken = data.data.access_token;
  45. merchant.square.expires = new Date(data.data.expires_at);
  46. await merchant.save();
  47. }
  48. res.locals.merchant = merchant;
  49. return next();
  50. })
  51. .catch((err)=>{
  52. if(err === "no merchant"){
  53. req.session.user = undefined;
  54. req.session.error = "PLEASE LOG IN";
  55. return res.redirect("/login");
  56. }
  57. return res.json("ERROR: UNABLE TO RETRIEVE DATA");
  58. });
  59. },
  60. formatBanner: function(req, res, next){
  61. if(req.session.error !== undefined){
  62. res.locals.banner = {
  63. type: "error",
  64. message: req.session.error,
  65. color: "red"
  66. };
  67. req.session.error = undefined;
  68. }else if(req.session.success !== undefined){
  69. res.locals.banner = {
  70. type: "notification",
  71. message: req.session.success,
  72. color: "green"
  73. };
  74. req.session.success = undefined;
  75. }
  76. return next();
  77. }
  78. }