mirror of https://github.com/calzoneman/sync.git
Require auth for read-only requests too
parent
032dede66d
commit
d94c596063
|
@ -26,10 +26,19 @@ function handleAccountEditPage(req, res) {
|
||||||
if (req.cookies.auth) {
|
if (req.cookies.auth) {
|
||||||
loginName = req.cookies.auth.split(":")[0];
|
loginName = req.cookies.auth.split(":")[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
db.users.verifyAuth(req.cookies.auth, function (err, user) {
|
||||||
|
if (err) {
|
||||||
|
return sendJade(res, "account-edit", {
|
||||||
|
loggedIn: false
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
sendJade(res, "account-edit", {
|
sendJade(res, "account-edit", {
|
||||||
loggedIn: loginName !== false,
|
loggedIn: loginName !== false,
|
||||||
loginName: loginName
|
loginName: loginName
|
||||||
});
|
});
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -185,6 +194,13 @@ function handleAccountChannelPage(req, res) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (loginName) {
|
if (loginName) {
|
||||||
|
db.users.verifyAuth(req.cookies.auth, function (err, user) {
|
||||||
|
if (err) {
|
||||||
|
return sendJade(res, "account-channels", {
|
||||||
|
loggedIn: false
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
db.channels.listUserChannels(loginName, function (err, channels) {
|
db.channels.listUserChannels(loginName, function (err, channels) {
|
||||||
sendJade(res, "account-channels", {
|
sendJade(res, "account-channels", {
|
||||||
loggedIn: true,
|
loggedIn: true,
|
||||||
|
@ -192,6 +208,7 @@ function handleAccountChannelPage(req, res) {
|
||||||
channels: channels
|
channels: channels
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
sendJade(res, "account-channels", {
|
sendJade(res, "account-channels", {
|
||||||
loggedIn: false,
|
loggedIn: false,
|
||||||
|
@ -415,15 +432,19 @@ function handleAccountProfilePage(req, res) {
|
||||||
logRequest(req);
|
logRequest(req);
|
||||||
|
|
||||||
var loginName = false;
|
var loginName = false;
|
||||||
if (req.cookies.auth) {
|
if (!req.cookies.auth) {
|
||||||
loginName = req.cookies.auth.split(":")[0];
|
return sendJade(res, "account-profile", {
|
||||||
} else {
|
|
||||||
sendJade(res, "account-profile", {
|
|
||||||
loggedIn: false,
|
loggedIn: false,
|
||||||
profileImage: "",
|
profileImage: "",
|
||||||
profileText: ""
|
profileText: ""
|
||||||
});
|
});
|
||||||
return;
|
} else {
|
||||||
|
loginName = req.cookies.auth.split(":")[0];
|
||||||
|
db.users.verifyAuth(req.cookies.auth, function (err, user) {
|
||||||
|
if (err) {
|
||||||
|
return sendJade(res, "account-profile", {
|
||||||
|
loggedIn: false
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
db.users.getProfile(loginName, function (err, profile) {
|
db.users.getProfile(loginName, function (err, profile) {
|
||||||
|
@ -446,6 +467,8 @@ function handleAccountProfilePage(req, res) {
|
||||||
profileError: false
|
profileError: false
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
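Review bot: The identity used after the new `db.users.verifyAuth` calls is still `req.cookies.auth.split(":")[0]`, and the `user` argument passed to each callback is never read. The pages therefore stay bound to the verified account only if verifyAuth ties its check to that same name prefix (its body is not visible here), so taking `loginName` from `user` inside the callback would remove that dependency. In handleAccountEditPage the call is also made when no auth cookie is present, so verifyAuth receives `undefined`; an early `if (!req.cookies.auth) { return sendJade(res, "account-edit", { loggedIn: false }); }`, as handleAccountProfilePage now does, avoids relying on how it handles that input. The error branch in handleAccountProfilePage renders with only `loggedIn: false` while the no-cookie branch also passes `profileImage: ""` and `profileText: ""`, so the two should pass the same locals. handleAccountChannelPage and handleAccountProfilePage start outside the visible hunks.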