mirror/formbricks-formbricks
1
0
Fork 0
mirror of https://github.com/formbricks/formbricks.git synced 2026-01-06 05:40:02 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity
Files
c47face662508d4ab9aa803565fff4c44e646b02
formbricks-formbricks/packages/lib/auth.ts
Dhruwang Jariwala f70cda6e11 refactor: removes old types (#1288) 
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
2023-10-20 12:03:16 +00:00

93 lines
2.1 KiB
TypeScript
Raw Blame History

import { prisma } from "@formbricks/database";
import { AuthenticationError } from "@formbricks/types/errors";
import { compare, hash } from "bcryptjs";
export async function hashPassword(password: string) {
const hashedPassword = await hash(password, 12);
return hashedPassword;
}
export async function verifyPassword(password: string, hashedPassword: string) {
const isValid = await compare(password, hashedPassword);
return isValid;
}
export const hasTeamAccess = async (userId: string, teamId: string) => {
const membership = await prisma.membership.findUnique({
where: {
userId_teamId: {
userId,
teamId,
},
},
});
if (membership) {
return true;
}
return false;
};
export const isAdminOrOwner = async (userId: string, teamId: string) => {
const membership = await prisma.membership.findUnique({
where: {
userId_teamId: {
userId,
teamId,
},
},
});
if (membership && (membership.role === "admin" || membership.role === "owner")) {
return true;
}
return false;
};
export const isOwner = async (userId: string, teamId: string) => {
const membership = await prisma.membership.findUnique({
where: {
userId_teamId: {
userId,
teamId,
},
},
});
if (membership && membership.role === "owner") {
return true;
}
return false;
};
export const hasTeamAuthority = async (userId: string, teamId: string) => {
const hasAccess = await hasTeamAccess(userId, teamId);
if (!hasAccess) {
throw new AuthenticationError("Not authorized");
}
const isAdminOrOwnerAccess = await isAdminOrOwner(userId, teamId);
if (!isAdminOrOwnerAccess) {
throw new AuthenticationError("You are not the admin or owner of this team");
}
return true;
};
export const hasTeamOwnership = async (userId: string, teamId: string) => {
const hasAccess = await hasTeamAccess(userId, teamId);
if (!hasAccess) {
throw new AuthenticationError("Not authorized");
}
const isOwnerAccess = await isOwner(userId, teamId);
if (!isOwnerAccess) {
throw new AuthenticationError("You are not the owner of this team");
}
return true;
};
Reference in New Issue View Git Blame Copy Permalink