17 lines
455 B
JavaScript
17 lines
455 B
JavaScript
// middlewares/checkRole.js
|
|
const responses = require('../helpers/responses');
|
|
|
|
module.exports = function(...allowedRoles) {
|
|
return (req, res, next) => {
|
|
if (!req.user) {
|
|
return responses.failed(res, 401, 'Anda belum login');
|
|
}
|
|
|
|
if (!allowedRoles.includes(req.user.role)) {
|
|
return responses.failed(res, 403, 'Anda tidak memiliki izin untuk mengakses resource ini');
|
|
}
|
|
|
|
next();
|
|
};
|
|
};
|