X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=utils%2Faccess.js;fp=utils%2Faccess.js;h=ca50b1c80b5aa737c24b0a7c22aad0249a06d0cb;hb=8d7e2786f5a67a1b9a77c742d7951e0efbe8747d;hp=0000000000000000000000000000000000000000;hpb=7192f4711467ae73a0f813189f8a4d8cca252bf1;p=vchess.git

diff --git a/utils/access.js b/utils/access.js
new file mode 100644
index 00000000..ca50b1c8
--- /dev/null
+++ b/utils/access.js
@@ -0,0 +1,41 @@
+var Access = {};
+
+// Prevent access to "users pages"
+Access.logged = function(req, res, next)
+{
+	if (!req.loggedIn)
+		return res.redirect("/");
+	next();
+};
+
+// Prevent access to "anonymous pages"
+Access.unlogged = function(req, res, next)
+{
+	if (!!req.loggedIn)
+		return res.redirect("/");
+	next();
+};
+
+// Prevent direct access to AJAX results
+Access.ajax = function(req, res, next)
+{
+	if (!req.xhr)
+		return res.json({errmsg: "Unauthorized access"});
+	next();
+}
+
+// Check for errors before callback (continue page loading). TODO: better name.
+Access.checkRequest = function(res, err, out, msg, cb)
+{
+	if (!!err)
+		return res.json(err);
+	if (!out
+		|| (Array.isArray(out) && out.length == 0)
+		|| (typeof out === "object" && Object.keys(out).length == 0))
+	{
+		return res.json({errmsg: msg});
+	}
+	cb();
+}
+
+module.exports = Access;