forked from projects/fipamo
fixed API authentication bug. whew.
This commit is contained in:
parent
8052c861bf
commit
f10b25e698
7 changed files with 83 additions and 70 deletions
|
@ -9,6 +9,7 @@ const fs = require('fs-extra');
|
||||||
const moment = require('moment');
|
const moment = require('moment');
|
||||||
const book = new Book();
|
const book = new Book();
|
||||||
const nav = new Navigation();
|
const nav = new Navigation();
|
||||||
|
const auth = new Auth();
|
||||||
const _ = require('lodash');
|
const _ = require('lodash');
|
||||||
const uploadPath =
|
const uploadPath =
|
||||||
'./public/assets/images/blog/' + moment().format('YYYY') + '/' + moment().format('MM');
|
'./public/assets/images/blog/' + moment().format('YYYY') + '/' + moment().format('MM');
|
||||||
|
@ -46,8 +47,7 @@ router.get('/', (req, res) => {
|
||||||
* Add/Update Page
|
* Add/Update Page
|
||||||
*/
|
*/
|
||||||
router.post('/write/:task?', feature_upload, (req, res) => {
|
router.post('/write/:task?', feature_upload, (req, res) => {
|
||||||
if (req.session.user) {
|
auth.authCheck(req)
|
||||||
Auth.authCheck(req)
|
|
||||||
.then(() => {
|
.then(() => {
|
||||||
let body = _.mapValues(req.body);
|
let body = _.mapValues(req.body);
|
||||||
let feature = '';
|
let feature = '';
|
||||||
|
@ -80,7 +80,6 @@ router.post('/write/:task?', feature_upload, (req, res) => {
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
res.json(err);
|
res.json(err);
|
||||||
});
|
});
|
||||||
}
|
|
||||||
});
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -88,8 +87,7 @@ router.post('/write/:task?', feature_upload, (req, res) => {
|
||||||
*/
|
*/
|
||||||
|
|
||||||
router.post('/delete', (req, res) => {
|
router.post('/delete', (req, res) => {
|
||||||
if (req.session.user) {
|
auth.authCheck(req)
|
||||||
Auth.authCheck(req)
|
|
||||||
.then(() => {
|
.then(() => {
|
||||||
book.editPage([], req.body.id, DataEvent.API_PAGE_DELETE, req.session.user)
|
book.editPage([], req.body.id, DataEvent.API_PAGE_DELETE, req.session.user)
|
||||||
.then(result => {
|
.then(result => {
|
||||||
|
@ -103,7 +101,6 @@ router.post('/delete', (req, res) => {
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
res.json(err);
|
res.json(err);
|
||||||
});
|
});
|
||||||
}
|
|
||||||
});
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import * as DataEvent from '../../../src/com/events/DataEvent';
|
import * as DataEvent from '../../../src/com/events/DataEvent';
|
||||||
|
import Auth from '../../data/Auth';
|
||||||
const express = require('express');
|
const express = require('express');
|
||||||
const router = express.Router();
|
const router = express.Router();
|
||||||
const multer = require('multer');
|
const multer = require('multer');
|
||||||
|
@ -7,6 +8,7 @@ const moment = require('moment');
|
||||||
const _ = require('lodash');
|
const _ = require('lodash');
|
||||||
const settings = require('../../../site/settings.json');
|
const settings = require('../../../site/settings.json');
|
||||||
const folks = require('../../../site/folks.json');
|
const folks = require('../../../site/folks.json');
|
||||||
|
const auth = new Auth();
|
||||||
const uploadPath =
|
const uploadPath =
|
||||||
'./public/assets/images/user/' + moment().format('YYYY') + '/' + moment().format('MM');
|
'./public/assets/images/user/' + moment().format('YYYY') + '/' + moment().format('MM');
|
||||||
fs.ensureDir(uploadPath, () => {
|
fs.ensureDir(uploadPath, () => {
|
||||||
|
@ -108,18 +110,20 @@ router.post('/nav-sync', (req, res) => {
|
||||||
});
|
});
|
||||||
|
|
||||||
router.post('/publish-pages', (req, res) => {
|
router.post('/publish-pages', (req, res) => {
|
||||||
if (req.session.user) {
|
auth.authCheck(req)
|
||||||
|
.then(() => {
|
||||||
console.log('PUBLISHING');
|
console.log('PUBLISHING');
|
||||||
res.json({
|
res.json({
|
||||||
type: DataEvent.API_RENDER_PAGES,
|
type: DataEvent.API_RENDER_PAGES,
|
||||||
message: 'All Pages Rendered and Published'
|
message: 'All Pages Rendered and Published'
|
||||||
});
|
});
|
||||||
} else {
|
})
|
||||||
|
.catch(err => {
|
||||||
res.json({
|
res.json({
|
||||||
type: DataEvent.REQUEST_LAME,
|
type: err.type,
|
||||||
message: "You're not logged in, champ"
|
message: err.message
|
||||||
|
});
|
||||||
});
|
});
|
||||||
}
|
|
||||||
});
|
});
|
||||||
|
|
||||||
/***
|
/***
|
||||||
|
|
|
@ -22,6 +22,16 @@ export default class Auth {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
let hash = req.headers['x-access-token'];
|
let hash = req.headers['x-access-token'];
|
||||||
let response = [];
|
let response = [];
|
||||||
|
//check to see if user is logged in
|
||||||
|
if (!req.session.user) {
|
||||||
|
response = {
|
||||||
|
status: false,
|
||||||
|
type: DataEvent.API_REQUEST_LAME,
|
||||||
|
message: "You're not logged in, champ."
|
||||||
|
};
|
||||||
|
reject(response);
|
||||||
|
}
|
||||||
|
|
||||||
//Checks if token is a proper hash, if not reject
|
//Checks if token is a proper hash, if not reject
|
||||||
if (!self.isTokenValid(req.session.token, hash)) {
|
if (!self.isTokenValid(req.session.token, hash)) {
|
||||||
response = {
|
response = {
|
||||||
|
|
|
@ -175,11 +175,11 @@ export default class Pages {
|
||||||
}
|
}
|
||||||
publish() {
|
publish() {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
let self = this;
|
//let self = this;
|
||||||
//get pages for rendering
|
//get pages for rendering
|
||||||
this.getPage()
|
this.getPage()
|
||||||
.then(pages => {
|
.then(pages => {
|
||||||
console.log('PAGES', pages);
|
resolve(pages);
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
reject(err);
|
reject(err);
|
||||||
|
|
|
@ -15,6 +15,7 @@ export default class SettingsIndex {
|
||||||
// constructor
|
// constructor
|
||||||
//--------------------------
|
//--------------------------
|
||||||
constructor() {
|
constructor() {
|
||||||
|
api.authStatus();
|
||||||
this.start();
|
this.start();
|
||||||
}
|
}
|
||||||
//--------------------------
|
//--------------------------
|
||||||
|
|
|
@ -56,7 +56,8 @@ export default class APIUtils {
|
||||||
eventType === DataEvent.API_PAGE_WRITE ||
|
eventType === DataEvent.API_PAGE_WRITE ||
|
||||||
eventType === DataEvent.API_IMAGES_UPLOAD ||
|
eventType === DataEvent.API_IMAGES_UPLOAD ||
|
||||||
eventType === DataEvent.API_SETTINGS_WRITE ||
|
eventType === DataEvent.API_SETTINGS_WRITE ||
|
||||||
eventType === DataEvent.API_PAGE_DELETE
|
eventType === DataEvent.API_PAGE_DELETE ||
|
||||||
|
eventType === DataEvent.API_RENDER_PAGES
|
||||||
)
|
)
|
||||||
request.setRequestHeader('x-access-token', self.token);
|
request.setRequestHeader('x-access-token', self.token);
|
||||||
switch (contentType) {
|
switch (contentType) {
|
||||||
|
|
Loading…
Reference in a new issue