[refactoring] auth as middleware
This commit is contained in:
les
@@ -5,7 +5,7 @@ const bodyParser = require('body-parser')
|
||||
const expressJwt = require('express-jwt')
|
||||
const config = require('config')
|
||||
|
||||
const { fillUser, isAuth, isAdmin } = require('./auth')
|
||||
const { isAuth, isAdmin } = require('./auth')
|
||||
const eventController = require('./controller/event')
|
||||
const exportController = require('./controller/export')
|
||||
const userController = require('./controller/user')
|
||||
@@ -21,16 +21,9 @@ api.use(cookieParser())
|
||||
api.use(bodyParser.urlencoded({ extended: false }))
|
||||
api.use(bodyParser.json())
|
||||
|
||||
// const jwt = expressJwt({
|
||||
// secret: config.secret,
|
||||
// credentialsRequired: false
|
||||
// })
|
||||
|
||||
// api.use(jwt)
|
||||
|
||||
// AUTH
|
||||
api.post('/auth/login', userController.login)
|
||||
api.get('/auth/user', fillUser, userController.current)
|
||||
api.get('/auth/user', userController.current)
|
||||
|
||||
api.post('/user/recover', userController.forgotPassword)
|
||||
api.post('/user/check_recover_code', userController.checkRecoverCode)
|
||||
@@ -38,28 +31,24 @@ api.post('/user/recover_password', userController.updatePasswordWithRecoverCode)
|
||||
|
||||
// register and add users
|
||||
api.post('/user/register', userController.register)
|
||||
api.post('/user', isAuth, isAdmin, userController.create)
|
||||
api.post('/user', isAdmin, userController.create)
|
||||
|
||||
// update user
|
||||
api.put('/user', isAuth, userController.update)
|
||||
|
||||
// delete user
|
||||
api.delete('/user/:id', isAuth, isAdmin, userController.remove)
|
||||
api.delete('/user/:id', isAdmin, userController.remove)
|
||||
|
||||
//
|
||||
// api.delete('/user', userController.remove)
|
||||
|
||||
// get all users
|
||||
api.get('/users', isAuth, isAdmin, userController.getAll)
|
||||
|
||||
// update a tag (modify color)
|
||||
api.put('/tag', isAuth, isAdmin, eventController.updateTag)
|
||||
api.get('/users', isAdmin, userController.getAll)
|
||||
|
||||
// update a place (modify address..)
|
||||
api.put('/place', isAuth, isAdmin, eventController.updatePlace)
|
||||
api.put('/place', isAdmin, eventController.updatePlace)
|
||||
|
||||
// add event
|
||||
api.post('/user/event', fillUser, upload.single('image'), userController.addEvent)
|
||||
api.post('/user/event', upload.single('image'), userController.addEvent)
|
||||
|
||||
// update event
|
||||
api.put('/user/event', isAuth, upload.single('image'), userController.updateEvent)
|
||||
@@ -71,14 +60,14 @@ api.delete('/user/event/:id', isAuth, userController.delEvent)
|
||||
api.get('/event/meta', eventController.getMeta)
|
||||
|
||||
// get unconfirmed events
|
||||
api.get('/event/unconfirmed', isAuth, isAdmin, eventController.getUnconfirmed)
|
||||
api.get('/event/unconfirmed', isAdmin, eventController.getUnconfirmed)
|
||||
|
||||
// add event notification
|
||||
api.post('/event/notification', eventController.addNotification)
|
||||
api.delete('/event/notification/:code', eventController.delNotification)
|
||||
|
||||
api.get('/settings', settingsController.getAllRequest)
|
||||
api.post('/settings', fillUser, isAdmin, settingsController.setRequest)
|
||||
api.post('/settings', isAdmin, settingsController.setRequest)
|
||||
|
||||
api.get('/settings/user_locale', settingsController.getUserLocale)
|
||||
|
||||
@@ -87,7 +76,7 @@ api.get('/event/confirm/:event_id', isAuth, eventController.confirm)
|
||||
api.get('/event/unconfirm/:event_id', isAuth, eventController.unconfirm)
|
||||
|
||||
// get event
|
||||
api.get('/event/:event_id.:format?', fillUser, eventController.get)
|
||||
api.get('/event/:event_id.:format?', eventController.get)
|
||||
|
||||
// export events (rss/ics)
|
||||
api.get('/export/:type', exportController.export)
|
||||
|
||||
Reference in New Issue
Block a user