| 1 | module.exports = |
| 2 | { |
| 3 | // Prevent access to "users pages" |
| 4 | logged: function(req, res, next) { |
| 5 | if (req.userId == 0) |
| 6 | return res.redirect("/"); |
| 7 | next(); |
| 8 | }, |
| 9 | |
| 10 | // Prevent access to "anonymous pages" |
| 11 | unlogged: function(req, res, next) { |
| 12 | if (req.userId > 0) |
| 13 | return res.redirect("/"); |
| 14 | next(); |
| 15 | }, |
| 16 | |
| 17 | // Prevent direct access to AJAX results |
| 18 | ajax: function(req, res, next) { |
| 19 | if (!req.xhr) |
| 20 | return res.json({errmsg: "Unauthorized access"}); |
| 21 | next(); |
| 22 | }, |
| 23 | |
| 24 | // Check for errors before callback (continue page loading). TODO: better name. |
| 25 | checkRequest: function(res, err, out, msg, cb) { |
| 26 | if (!!err) |
| 27 | return res.json({errmsg: err.errmsg || err.toString()}); |
| 28 | if (!out |
| 29 | || (Array.isArray(out) && out.length == 0) |
| 30 | || (typeof out === "object" && Object.keys(out).length == 0)) |
| 31 | { |
| 32 | return res.json({errmsg: msg}); |
| 33 | } |
| 34 | cb(); |
| 35 | }, |
| 36 | } |