tdpeuter/2025SELab2-project-Dwengo
tdpeuter/2025SELab2-project-Dwengo
1
Fork 0
Code Issues Releases 4 Packages 2 Wiki Activity

feat: Mechanisme voor automatische aanmaak en update van accounts aangemaakt.

Browse source
This commit is contained in:
Gerald Schmittinger 2025-04-08 14:24:57 +02:00
parent 6cb8a1b98f
commit 9339eca9cf
9 changed files with 84 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

5
backend/src/middleware/auth/checks/auth-checks.ts
View file

@ -36,3 +36,8 @@ export const studentsOnly = authorize((auth) => auth.accountType === 'student');
* Middleware which rejects requests from unauthenticated users or users that aren't teachers.
*/
export const teachersOnly = authorize((auth) => auth.accountType === 'teacher');
/**
* Middleware which is to be used on requests no normal user should be able to execute.
* Since there is no concept of administrator accounts yet, currently, those requests will always be blocked.
*/
export const adminOnly = authorize(() => false);

19
backend/src/middleware/auth/checks/class-auth-checks.ts
View file

@ -1,7 +1,12 @@
import {authorize} from "./auth-checks";
import {AuthenticationInfo} from "../authentication-info";
import {AuthenticatedRequest} from "../authenticated-request";
import {getClassesByTeacher} from "../../../services/teachers";
import {getClass} from "../../../services/classes";
async function teaches(teacherUsername: string, classId: string) {
const clazz = await getClass(classId);
return clazz != null && teacherUsername in clazz.teachers;
}
/**
* To be used on a request with path parameters username and classId.
@ -13,10 +18,18 @@ export const onlyAllowStudentHimselfAndTeachersOfClass = authorize(
if (req.params.username === auth.username) {
return true;
} else if (auth.accountType === "teacher") {
const classes: string[] = (await getClassesByTeacher(auth.username, false)) as string[];
return req.params.classId in classes;
return teaches(auth.username, req.params.classId);
} else {
return false;
}
}
);
/**
* Only let the request pass through if its path parameter "username" is the username of the currently logged-in
* teacher and the path parameter "classId" refers to a class the teacher teaches.
*/
export const onlyAllowTeacherOfClass = authorize(
async (auth: AuthenticationInfo, req: AuthenticatedRequest) =>
req.params.username === auth.username && teaches(auth.username, req.params.classId),
);