mirror of
https://github.com/taobataoma/meanTorrent.git
synced 2026-01-21 14:52:27 +01:00
further refactoring of the route middlewares so they can be easily shared amongst app routes
This commit is contained in:
Liran Tal
@@ -1,14 +1,24 @@
|
||||
'use strict';
|
||||
|
||||
module.exports = function(app, passport, auth) {
|
||||
|
||||
// Article Routes
|
||||
var articles = require('../controllers/articles');
|
||||
// Articles routes use articles controller
|
||||
var articles = require('../controllers/articles');
|
||||
var authorization = require('./middlewares/authorization');
|
||||
|
||||
// Article authorization helpers
|
||||
var hasAuthorization = function(req, res, next) {
|
||||
if (req.article.user.id != req.user.id) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = function(app, passport) {
|
||||
|
||||
app.get('/articles', articles.all);
|
||||
app.post('/articles', auth.requiresLogin, articles.create);
|
||||
app.post('/articles', authorization.requiresLogin, articles.create);
|
||||
app.get('/articles/:articleId', articles.show);
|
||||
app.put('/articles/:articleId', auth.requiresLogin, auth.article.hasAuthorization, articles.update);
|
||||
app.del('/articles/:articleId', auth.requiresLogin, auth.article.hasAuthorization, articles.destroy);
|
||||
app.put('/articles/:articleId', authorization.requiresLogin, hasAuthorization, articles.update);
|
||||
app.del('/articles/:articleId', authorization.requiresLogin, hasAuthorization, articles.destroy);
|
||||
|
||||
// Finish with setting up the articleId param
|
||||
app.param('articleId', articles.article);
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
'use strict';
|
||||
|
||||
module.exports = function(app, passport, auth) {
|
||||
module.exports = function(app, passport) {
|
||||
|
||||
// Home route
|
||||
var index = require('../controllers/index');
|
||||
|
||||
11
app/routes/middlewares/authorization.js
Normal file
11
app/routes/middlewares/authorization.js
Normal file
@@ -0,0 +1,11 @@
|
||||
'use strict';
|
||||
|
||||
/**
|
||||
* Generic require login routing middleware
|
||||
*/
|
||||
exports.requiresLogin = function(req, res, next) {
|
||||
if (!req.isAuthenticated()) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
};
|
||||
@@ -1,9 +1,18 @@
|
||||
'use strict';
|
||||
|
||||
module.exports = function(app, passport, auth) {
|
||||
|
||||
// User Routes
|
||||
var users = require('../controllers/users');
|
||||
// User routes use users controller
|
||||
var users = require('../controllers/users');
|
||||
|
||||
// User authorization helpers
|
||||
var hasAuthorization = function(req, res, next) {
|
||||
if (req.profile.id != req.user.id) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = function(app, passport) {
|
||||
|
||||
app.get('/signin', users.signin);
|
||||
app.get('/signup', users.signup);
|
||||
app.get('/signout', users.signout);
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
'use strict';
|
||||
|
||||
/**
|
||||
* Generic require login routing middleware
|
||||
*/
|
||||
exports.requiresLogin = function(req, res, next) {
|
||||
if (!req.isAuthenticated()) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
};
|
||||
|
||||
/**
|
||||
* User authorizations routing middleware
|
||||
*/
|
||||
exports.user = {
|
||||
hasAuthorization: function(req, res, next) {
|
||||
if (req.profile.id != req.user.id) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* Article authorizations routing middleware
|
||||
*/
|
||||
exports.article = {
|
||||
hasAuthorization: function(req, res, next) {
|
||||
if (req.article.user.id != req.user.id) {
|
||||
return res.send(401, 'User is not authorized');
|
||||
}
|
||||
next();
|
||||
}
|
||||
};
|
||||
@@ -19,7 +19,6 @@ process.env.NODE_ENV = process.env.NODE_ENV || 'development';
|
||||
|
||||
// Initializing system variables
|
||||
var config = require('./config/config'),
|
||||
auth = require('./config/middlewares/authorization'),
|
||||
mongoose = require('mongoose');
|
||||
|
||||
// Bootstrap db connection
|
||||
@@ -58,9 +57,12 @@ var walk = function(path) {
|
||||
var stat = fs.statSync(newPath);
|
||||
if (stat.isFile()) {
|
||||
if (/(.*)\.(js$|coffee$)/.test(file)) {
|
||||
require(newPath)(app, passport, auth);
|
||||
require(newPath)(app, passport);
|
||||
}
|
||||
} else if (stat.isDirectory()) {
|
||||
// We skip the app/routes/middlewares directory as it is meant to be
|
||||
// used and shared by routes as further middlewares and is not a
|
||||
// route by itself
|
||||
} else if (stat.isDirectory() && file !== 'middlewares') {
|
||||
walk(newPath);
|
||||
}
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user