+var UserModel = require("../models/User");
+
module.exports =
{
// Prevent access to "users pages"
logged: function(req, res, next) {
- if (req.userId == 0)
- return res.redirect("/");
- next();
+ const callback = () => {
+ if (!loggedIn)
+ return res.redirect("/");
+ next();
+ };
+ let loggedIn = undefined;
+ if (!req.cookies.token)
+ {
+ loggedIn = false;
+ callback();
+ }
+ else
+ {
+ UserModel.getOne("sessionToken", req.cookies.token, function(err, user) {
+ if (!!user)
+ {
+ req.userId = user.id;
+ req.userName = user.name;
+ loggedIn = true;
+ }
+ else
+ {
+ // Token in cookies presumably wrong: erase it
+ res.clearCookie("token");
+ res.clearCookie("id");
+ res.clearCookie("name");
+ loggedIn = false;
+ }
+ callback();
+ });
+ }
},
// Prevent access to "anonymous pages"
unlogged: function(req, res, next) {
- if (req.userId > 0)
+ // Just a quick heuristic, which should be enough
+ const loggedIn = !!req.cookies.token;
+ if (loggedIn)
return res.redirect("/");
next();
},