X-Git-Url: https://git.auder.net/?p=vchess.git;a=blobdiff_plain;f=utils%2Faccess.js;h=49d204c3483818213ea8c2affd4ae085bd9dc6f2;hp=ca50b1c80b5aa737c24b0a7c22aad0249a06d0cb;hb=fd08ab2c5b8931bb8c95cf7e9f2f95122647f991;hpb=8d7e2786f5a67a1b9a77c742d7951e0efbe8747d diff --git a/utils/access.js b/utils/access.js index ca50b1c8..49d204c3 100644 --- a/utils/access.js +++ b/utils/access.js @@ -1,41 +1,36 @@ -var Access = {}; - -// Prevent access to "users pages" -Access.logged = function(req, res, next) +module.exports = { - if (!req.loggedIn) - return res.redirect("/"); - next(); -}; + // Prevent access to "users pages" + logged: function(req, res, next) { + if (req.userId == 0) + return res.redirect("/"); + next(); + }, -// Prevent access to "anonymous pages" -Access.unlogged = function(req, res, next) -{ - if (!!req.loggedIn) - return res.redirect("/"); - next(); -}; + // Prevent access to "anonymous pages" + unlogged: function(req, res, next) { + if (req.userId > 0) + return res.redirect("/"); + next(); + }, -// Prevent direct access to AJAX results -Access.ajax = function(req, res, next) -{ - if (!req.xhr) - return res.json({errmsg: "Unauthorized access"}); - next(); -} + // Prevent direct access to AJAX results + ajax: function(req, res, next) { + if (!req.xhr) + return res.json({errmsg: "Unauthorized access"}); + next(); + }, -// Check for errors before callback (continue page loading). TODO: better name. -Access.checkRequest = function(res, err, out, msg, cb) -{ - if (!!err) - return res.json(err); - if (!out - || (Array.isArray(out) && out.length == 0) - || (typeof out === "object" && Object.keys(out).length == 0)) - { - return res.json({errmsg: msg}); - } - cb(); + // Check for errors before callback (continue page loading). TODO: better name. + checkRequest: function(res, err, out, msg, cb) { + if (!!err) + return res.json({errmsg: err.errmsg || err.toString()}); + if (!out + || (Array.isArray(out) && out.length == 0) + || (typeof out === "object" && Object.keys(out).length == 0)) + { + return res.json({errmsg: msg}); + } + cb(); + }, } - -module.exports = Access;