server/middleware.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

/* jshint node: true */

var passport = require('passport'),
	_ = require('lodash'),
	config = require('../config.json');


var middleware = {

	enableCORS: function (req, res, next) {
		res.header('Access-Control-Allow-Credentials', true);
		// TODO Check https vs. http
		res.header('Access-Control-Allow-Origin', '*');
		res.header('Access-Control-Allow-Headers', 'X-Requested-With');
		next();
	},

	ensureAuthenticated: function (req, res, next) {
		if (! req.isAuthenticated()) {
			req.session.returnTo = req.path;
			return res.redirect('/login');
		}
		next();
	},

	ensureIsStaff: function (req, res, next) {
		if (! req.user.isStaff) {
			return res.redirect('http://' + config.host + '/');
		}
		next();
	},

	ensureLocals: function (req, res, next) {
		res.locals.token = req.csrfToken();
		res.locals.logged_in = req.isAuthenticated()
		res.locals.user = req.user || {}
		res.locals.config = config
		res.locals.profile = null
		res.locals.opt = {}
		next()
	},

}

module.exports = middleware