From a2f44a70b4d1b0768b5f2bef3d83c762220a622d Mon Sep 17 00:00:00 2001
From: Eduardo Mathias <ems19@inf.ufpr.br>
Date: Thu, 15 Jun 2023 11:10:19 -0300
Subject: [PATCH] [ADD] RETURN RESPONSE

---
 src/libs/middlewares/oauth2.js | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/libs/middlewares/oauth2.js b/src/libs/middlewares/oauth2.js
index cc9eaab0..2c85f516 100644
--- a/src/libs/middlewares/oauth2.js
+++ b/src/libs/middlewares/oauth2.js
@@ -23,10 +23,11 @@ let errFn = (cb, err) => {
 }
 
 // Destroys any old tokens and generates a new access and refresh token
-let generateTokens = (userId, clientId, done) => {
+let generateTokens = (userId, clientId,userRole, done) => {
     // curries in `done` callback so we don't need to pass it
     let refreshTokenValue;
     let tokenValue;
+    let admin = false; 
 
     RefreshToken.destroy({where:{"user_id": userId, "client_id": clientId}});
     AccessToken.destroy({where:{"user_id": userId, "client_id": clientId}});
@@ -47,19 +48,22 @@ let generateTokens = (userId, clientId, done) => {
         client_id:clientId,
         token:refreshed_token
     })
-
-    done(null, tokenValue, refreshTokenValue, {
+    if(userRole == 1){
+        admin = true;
+    }
+    done(null, tokenValue, refreshTokenValue, {'admin': admin},{
         'expires_in': config.security.tokenLife
     });
 
 };
 
+
 // Exchange username & password for access token.
 aserver.exchange(oauth2orize.exchange.password(function(client, username, password, scope, done) {
     User.findOne({ 
       where: {email:username} 
     }).then(function(user) {
-      if(user == null|| !user.checkPassword(password)){
+      if(user == null|| !user.checkPassword(user, password)){
         return done(null, false);
       }
 
@@ -68,7 +72,7 @@ aserver.exchange(oauth2orize.exchange.password(function(client, username, passwo
         return done(null, false);
       }
       log.info(`Gerando token para usuÃ¡rio ${user.name}`);
-      generateTokens(user.dataValues.id, client.id, done);
+      generateTokens(user.dataValues.id, client.id, user.dataValues.role_id, done);
     }).catch(function(error) {
       return done(error);
     });
@@ -107,4 +111,4 @@ exports.token = [
     passport.authenticate(['oauth2-client-password'], { session: false }),
     aserver.token(),
     aserver.errorHandler()
-];
+];
\ No newline at end of file
-- 
GitLab