1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
/* jshint node: true */
var passport = require('passport'),
_ = require('lodash'),
config = require('../../config.json'),
User = require('./schemas/User'),
Collaborator = require('./schemas/Collaborator'),
Project = require('./schemas/Project'),
Plan = require('./schemas/Plan');
var middleware = {
plans: [],
enableCORS: function (req, res, next) {
res.header('Access-Control-Allow-Credentials', true);
// TODO Check https vs. http
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Headers', 'X-Requested-With');
next();
},
ensureAuthenticated: function (req, res, next) {
if (! req.isAuthenticated()) {
req.session.returnTo = req.path;
return res.redirect('/login');
}
next();
},
ensureIsStaff: function (req, res, next) {
if (! req.user.isStaff) {
return res.redirect('http://' + config.host + '/');
}
next();
},
ensureIP: function (req, res, next) {
if (req.session.ip) {
req.ip = req.session.ip || "127.0.0.1"
}
else if (req.ips) {
req.ip = req.session.ip = req.ips[0]
req.session.save()
}
next()
},
ensureLocals: function (req, res, next) {
res.locals.token = req.csrfToken()
res.locals.logged_in = req.isAuthenticated()
res.locals.user = req.user || { _id: undefined }
res.locals.config = config
res.locals.profile = null
res.locals.ogImage = "http://okfocus.s3.amazonaws.com/images/vvalls-fb.png"
res.locals.ogTitle = "VValls"
res.locals.ogUrl = "http://vvalls.com/"
res.locals.ogDescription = "3D gallery space, fully customizable"
res.locals.ogAuthor = "VValls"
res.locals.plans = plans
res.locals.opt = {}
next()
},
ensureProject: function (req, res, next) {
if (req.params.slug) {
Project.findOne({ slug: req.params.slug }, function(err, project){
if (err) {
console.error(err)
req.project = null
}
else if (! project) {
req.project = null
}
else {
req.project = project
}
next()
})
}
else {
req.project = null
next()
}
},
ensureIsCollaborator: function(req, res, next) {
req.isCollaborator = false
req.isOwner = false
req.isStaff = true
if (! req.user || ! req.project) {
next()
}
else if (String(req.user._id) === String(req.project.user_id)) {
req.isOwner = true
next()
}
else {
Collaborator.findOne({ user_id: req.user._id, project_id: req.project._id }, function(err, collab) {
if (err || ! collab) {
next()
}
else {
req.isCollaborator = true
next()
}
})
}
},
updatePlans: function(){
Plan.find({}).sort({ 'level': -1 }).exec(function (err, plans) {
middleware.plans = plans.map(function(plan){ return plan.toObject() })
})
},
}
module.exports = middleware
|
