sudoxreboot/habitica
1
0
Fork 0
mirror of https://github.com/sudoxnym/habitica.git synced 2026-05-21 21:28:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

better routes delegation in /:uid?

Browse source
This commit is contained in:
Tyler Renelle 2012-10-12 10:08:48 -04:00
parent 2e43d71a66
commit 2e2d09a7d1
4 changed files with 11 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/app/index.js
View file

@ -23,10 +23,10 @@ helpers.viewHelpers(view);
_ = require('lodash');
get('/:uidParam?', function(page, model, _arg, next) {
var req, sess, uidParam;
uidParam = _arg.uidParam;
if ((uidParam === 'privacy' || uidParam === 'terms' || uidParam === 'auth')) {
get('/:uid?', function(page, model, _arg, next) {
var req, sess, uid;
uid = _arg.uid;
if (uid && !(require('guid').isGuid(uid))) {
return next();
}
req = page._res.req;

2
lib/server/auth.js
View file

@ -22,7 +22,7 @@ module.exports.newUserAndPurl = function() {
sess.userId = derby.uuid();
model.set("users." + sess.userId, schema.newUserObject());
}
acceptableUid = require('guid').isGuid(uidParam) || (uidParam === '3');
acceptableUid = require('guid').isGuid(uidParam);
if (acceptableUid && sess.userId !== uidParam && !(sess.habitRpgAuth && sess.habitRpgAuth.facebook)) {
return sess.userId = uidParam;
}

8
src/app/index.coffee
View file

@ -15,9 +15,11 @@ _ = require 'lodash'
# ========== ROUTES ==========
get '/:uidParam?', (page, model, {uidParam}, next) ->
#FIXME figure out a better way to do this
return next() if (uidParam in ['privacy','terms','auth'])
get '/:uid?', (page, model, {uid}, next) ->
# delegate to other routes. FIXME how to define express routes first?
if uid && !(require('guid').isGuid(uid))
return next()
# Force SSL
req = page._res.req
if req.headers['x-forwarded-proto']!='https' and process.env.NODE_ENV=='production'

2
src/server/auth.coffee
View file

@ -21,7 +21,7 @@ module.exports.newUserAndPurl = ->
## -------- (2) PURL --------
# eg, http://localhost/{guid}), legacy - will be removed eventually
# tests if UUID was used (bookmarked private url), and restores that session
acceptableUid = require('guid').isGuid(uidParam) or (uidParam == '3')
acceptableUid = require('guid').isGuid(uidParam)
if acceptableUid && sess.userId!=uidParam && !(sess.habitRpgAuth && sess.habitRpgAuth.facebook)
# TODO check if in database - issue with accessControl which is on current uid?
sess.userId = uidParam