projects
/
vchess.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fixes on login/logout + challenges sending
[vchess.git]
/
server
/
utils
/
access.js
diff --git
a/server/utils/access.js
b/server/utils/access.js
index
20f3f79
..
2e2fa92
100644
(file)
--- a/
server/utils/access.js
+++ b/
server/utils/access.js
@@
-6,7
+6,7
@@
module.exports =
logged: function(req, res, next) {
const callback = () => {
if (!loggedIn)
logged: function(req, res, next) {
const callback = () => {
if (!loggedIn)
- return res.
redirect("/"
);
+ return res.
json({errmsg: "Not logged in"}
);
next();
};
let loggedIn = undefined;
next();
};
let loggedIn = undefined;
@@
-28,8
+28,6
@@
module.exports =
{
// Token in cookies presumably wrong: erase it
res.clearCookie("token");
{
// Token in cookies presumably wrong: erase it
res.clearCookie("token");
- res.clearCookie("id");
- res.clearCookie("name");
loggedIn = false;
}
callback();
loggedIn = false;
}
callback();
@@
-42,13
+40,13
@@
module.exports =
// Just a quick heuristic, which should be enough
const loggedIn = !!req.cookies.token;
if (loggedIn)
// Just a quick heuristic, which should be enough
const loggedIn = !!req.cookies.token;
if (loggedIn)
- return res.
redirect("/"
);
+ return res.
json({errmsg: "Already logged in"}
);
next();
},
// Prevent direct access to AJAX results
ajax: function(req, res, next) {
next();
},
// Prevent direct access to AJAX results
ajax: function(req, res, next) {
-
if (!req.xhr)
+ if (!req.xhr)
return res.json({errmsg: "Unauthorized access"});
next();
},
return res.json({errmsg: "Unauthorized access"});
next();
},