2016-06-30 14:40:21 -06:00
|
|
|
var secret = require('./secrets.js');
|
2016-05-05 23:32:31 -06:00
|
|
|
|
2016-06-12 18:18:34 -06:00
|
|
|
var throwErr = function(req,err){
|
2016-06-30 14:40:21 -06:00
|
|
|
console.log('middleware.js:5 '+typeof err);
|
2016-06-12 18:18:34 -06:00
|
|
|
console.log('Middleware error:'+err+'\nfor request:\n'+req);
|
|
|
|
|
if (secret.env==='production') {
|
|
|
|
|
req.flash('error', 'An error occured. <br>Would you like to <a href="/bug">report it</a>?');
|
|
|
|
|
req.flash('error-message',err);
|
2016-06-30 14:40:21 -06:00
|
|
|
} else { // development
|
2016-06-12 18:18:34 -06:00
|
|
|
req.flash('error',err);
|
|
|
|
|
req.flash('error-message',err);
|
|
|
|
|
}
|
|
|
|
|
};
|
2016-03-31 15:57:34 -06:00
|
|
|
|
2016-06-12 18:18:34 -06:00
|
|
|
var ensureAuth = function(req,res,next){
|
|
|
|
|
if (req.isAuthenticated()) { return next(); }
|
2016-07-01 19:14:36 -06:00
|
|
|
else { res.redirect('/login'); }
|
2016-06-12 18:18:34 -06:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var ensureAdmin = function(req,res,next){
|
2016-06-30 14:40:21 -06:00
|
|
|
ensureAuth(req,res,function(){
|
|
|
|
|
if (req.user.isAdmin){ return next(); }
|
|
|
|
|
else { next(); }
|
2016-07-01 19:14:36 -06:00
|
|
|
//TODO: test this by logging in as !isAdmin and go to /admin
|
2016-06-30 14:40:21 -06:00
|
|
|
// else if (!res.headersSent) { // 404 to users (not admin)
|
|
|
|
|
// var err = new Error('404: Not found: '+req.url);
|
|
|
|
|
// err.status = 404;
|
|
|
|
|
// res.render('error.html', {
|
|
|
|
|
// code: err.status
|
|
|
|
|
// });
|
|
|
|
|
// }
|
|
|
|
|
});
|
2016-06-12 18:18:34 -06:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
|
throwErr,
|
|
|
|
|
ensureAuth,
|
|
|
|
|
ensureAdmin
|
2016-03-31 15:57:34 -06:00
|
|
|
};
|
