[vchess.git] / utils / access.js

var Access = {};

// Prevent access to "users pages"
Access.logged = function(req, res, next)
{
	if (req.userId == 0)
		return res.redirect("/");
	next();
};

// Prevent access to "anonymous pages"
Access.unlogged = function(req, res, next)
{
	if (req.userId > 0)
		return res.redirect("/");
	next();
};

// Prevent direct access to AJAX results
Access.ajax = function(req, res, next)
{
	if (!req.xhr)
		return res.json({errmsg: "Unauthorized access"});
	next();
}

// Check for errors before callback (continue page loading). TODO: better name.
Access.checkRequest = function(res, err, out, msg, cb)
{
	if (!!err)
		return res.json({errmsg: err.errmsg || err.toString()});
	if (!out
		|| (Array.isArray(out) && out.length == 0)
		|| (typeof out === "object" && Object.keys(out).length == 0))
	{
		return res.json({errmsg: msg});
	}
	cb();
}

module.exports = Access;
Commit	Line	Data
8d7e2786 BA	1	var Access = {};
	2
	3	// Prevent access to "users pages"
	4	Access.logged = function(req, res, next)
	5	{
c018b304	6	if (req.userId == 0)
8d7e2786 BA	7	return res.redirect("/");
	8	next();
	9	};
	10
	11	// Prevent access to "anonymous pages"
	12	Access.unlogged = function(req, res, next)
	13	{
c018b304	14	if (req.userId > 0)
8d7e2786 BA	15	return res.redirect("/");
	16	next();
	17	};
	18
	19	// Prevent direct access to AJAX results
	20	Access.ajax = function(req, res, next)
	21	{
	22	if (!req.xhr)
	23	return res.json({errmsg: "Unauthorized access"});
	24	next();
	25	}
	26
	27	// Check for errors before callback (continue page loading). TODO: better name.
	28	Access.checkRequest = function(res, err, out, msg, cb)
	29	{
	30	if (!!err)
c018b304	31	return res.json({errmsg: err.errmsg \|\| err.toString()});
8d7e2786 BA	32	if (!out
	33	\|\| (Array.isArray(out) && out.length == 0)
	34	\|\| (typeof out === "object" && Object.keys(out).length == 0))
	35	{
	36	return res.json({errmsg: msg});
	37	}
	38	cb();
	39	}
	40
	41	module.exports = Access;