Currently auth checks (subreddits, operator, bot access, etc.) are done ad-hoc on both the client and server. There are well-defined auth entities (interfaces for user) but the actual logic is done inline.
This opens up the chance for typos and bugs all over the place, like 66d9c0b2a7a501a4d5947693aac722284683544b
Need to refactor all of this auth logic so it's all in one place. That reduces the chance of bugs and simplifies usage in routes, etc.
- [ ] Implement actual User classes that contain methods for checking access to bot/manager
- [ ] Ideally, client/server should share a base User class
- [ ] Refactor passport user to serialize/deserialize user class
- [ ] Maybe use middleware for bot/manager permissions to add ephemeral access data to class?
- [ ] Refactor ad-hoc auth logic to use class methods
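As an added sketch of what the checklist above could look like end to end (example code, not this project's code): a shared `BaseUser` class that owns every access check, a server-side `ServerUser` subclass for per-request (ephemeral) access data, a passport-style `serializeUser`/`deserializeUser` pair, and an express-shaped `requireBotAccess` middleware so routes never repeat the check inline. All class, function and field names, the access rules, and the in-memory user store and sample bots are assumptions constructed for the example.

```typescript
// Added example (not the project's code): one home for the access checks that
// are currently done inline on client and server. Names are assumptions.

interface BotLike { name: string; subreddits: string[] }

// Plain-data form of a user's authorization state: what the server sends the
// client and what would be rebuilt from the passport session.
export interface AuthSnapshot {
  name: string;
  isOperator: boolean;
  moderatedSubreddits: string[];
  managedBots: string[];
}

const norm = (s: string): string => s.trim().toLowerCase();

// Shared base class: client and server both use these canX() methods, so a
// typo in one ad-hoc check cannot silently differ from another.
export class BaseUser {
  readonly name: string;
  readonly isOperator: boolean;
  protected moderated: string[];
  protected managedBots: string[];

  constructor(snap: AuthSnapshot) {
    this.name = snap.name;
    this.isOperator = snap.isOperator;
    this.moderated = snap.moderatedSubreddits.map(norm);
    this.managedBots = snap.managedBots.map(norm);
  }

  canManageSubreddit(sub: string): boolean {
    return this.isOperator || this.moderated.indexOf(norm(sub)) !== -1;
  }

  // Assumed rule: operator, explicit bot manager, or moderator of any
  // subreddit the bot runs on.
  canAccessBot(bot: BotLike): boolean {
    if (this.isOperator || this.managedBots.indexOf(norm(bot.name)) !== -1) return true;
    return bot.subreddits.some((s) => this.moderated.indexOf(norm(s)) !== -1);
  }

  toJSON(): AuthSnapshot {
    return { name: this.name, isOperator: this.isOperator,
      moderatedSubreddits: this.moderated.slice(), managedBots: this.managedBots.slice() };
  }
}

// Server-only subclass holding ephemeral, per-request access data that a
// middleware fills in; it is never serialized into the session.
export class ServerUser extends BaseUser {
  accessibleBots: BotLike[] = [];
  grantBotAccess(bots: BotLike[]): void {
    this.accessibleBots = bots.filter((b) => this.canAccessBot(b));
  }
}

// passport-style pair: only the id goes into the session; the class is
// rebuilt on every request from the (constructed, in-memory) store.
type Done<T> = (err: Error | null, value?: T) => void;
const userStore: { [id: string]: AuthSnapshot } = {};

export function serializeUser(user: BaseUser, done: Done<string>): void {
  done(null, user.name);
}
export function deserializeUser(id: string, done: Done<ServerUser>): void {
  const snap = userStore[id];
  if (!snap) { done(new Error('unknown user ' + id)); return; }
  done(null, new ServerUser(snap));
}

// express-shaped middleware written against minimal req/res types so it runs
// without express; routes get req.bot only after the check passed.
interface ReqLike { user?: ServerUser; params: { bot?: string }; bot?: BotLike }
interface ResLike { status: (code: number) => { json: (body: unknown) => void } }

export function requireBotAccess(bots: BotLike[]) {
  return (req: ReqLike, res: ResLike, next: () => void): void => {
    const wanted = norm(req.params.bot || '');
    const bot = bots.filter((b) => norm(b.name) === wanted)[0];
    if (!req.user || !bot || !req.user.canAccessBot(bot)) {
      res.status(403).json({ error: 'forbidden' });
      return;
    }
    req.bot = bot;
    next();
  };
}

// Constructed sample data for a stand-alone run.
export const sampleBots: BotLike[] = [
  { name: 'ModBot', subreddits: ['r/foo', 'r/bar'] },
  { name: 'SpamBot', subreddits: ['r/baz'] },
];
userStore['alice'] = { name: 'alice', isOperator: false, moderatedSubreddits: ['r/foo'], managedBots: [] };
userStore['op'] = { name: 'op', isOperator: true, moderatedSubreddits: [], managedBots: [] };

// Drive the middleware for one user/bot; returns the HTTP status (200 if next() ran).
export function checkAccess(userId: string, botName: string): number {
  let status = 200;
  let user: ServerUser | undefined;
  deserializeUser(userId, (err, u) => { if (!err) user = u; });
  const res: ResLike = { status: (c) => { status = c; return { json: () => undefined }; } };
  requireBotAccess(sampleBots)({ user, params: { bot: botName } }, res, () => undefined);
  return status;
}
```

Because the client receives the same `AuthSnapshot` shape and constructs the same `BaseUser`, UI gating and server route gating call the one method and stay in sync; the ephemeral `accessibleBots` list lives only on `ServerUser`, which is why serialization stores just the id and rebuilds the class per request.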