aa8a0bd83f
Ingest aircraft and vessel tracks via OSINT feeds and tactical CoT, expose viewport-filtered SSE to the map, and add an OSM ALPR layer with tiled caching and performant marker sync.
36 lines
1.0 KiB
JavaScript
36 lines
1.0 KiB
JavaScript
const ROLES_ADMIN_OR_LEADER = Object.freeze(['admin', 'leader'])
|
|
|
|
export function requireAuth(event, opts = {}) {
|
|
const user = event.context.user
|
|
if (!user) throw createError({ statusCode: 401, message: 'Unauthorized' })
|
|
const { role } = opts
|
|
if (role === 'admin' && user.role !== 'admin') throw createError({ statusCode: 403, message: 'Forbidden' })
|
|
if (role === 'adminOrLeader' && !ROLES_ADMIN_OR_LEADER.includes(user.role)) throw createError({ statusCode: 403, message: 'Forbidden' })
|
|
return user
|
|
}
|
|
|
|
// Auth path utilities
|
|
export const SKIP_PATHS = Object.freeze([
|
|
'/api/auth/login',
|
|
'/api/auth/logout',
|
|
'/api/auth/config',
|
|
'/api/auth/oidc/authorize',
|
|
'/api/auth/oidc/callback',
|
|
])
|
|
|
|
export const PROTECTED_PATH_PREFIXES = Object.freeze([
|
|
'/api/alpr',
|
|
'/api/cot',
|
|
'/api/cameras',
|
|
'/api/devices',
|
|
'/api/live',
|
|
'/api/me',
|
|
'/api/pois',
|
|
'/api/users',
|
|
])
|
|
|
|
export function skipAuth(path) {
|
|
if (path.startsWith('/api/health') || path === '/health') return true
|
|
return SKIP_PATHS.some(p => path === p || path.startsWith(p + '/'))
|
|
}
|