155 lines
4.1 KiB
JavaScript
Executable File
155 lines
4.1 KiB
JavaScript
Executable File
var _ = require('underscore')
|
|
, path = require('path')
|
|
, passport = require('passport')
|
|
, AuthCtrl = require('./controllers/auth')
|
|
, UserCtrl = require('./controllers/user')
|
|
, User = require('./models/User.js')
|
|
, userRoles = require('../client/js/routingConfig').userRoles
|
|
, accessLevels = require('../client/js/routingConfig').accessLevels;
|
|
|
|
var routes = [
|
|
|
|
// Views
|
|
{
|
|
path: '/partials/*',
|
|
httpMethod: 'GET',
|
|
middleware: [function (req, res) {
|
|
var requestedView = path.join('./', req.url);
|
|
res.render(requestedView);
|
|
}]
|
|
},
|
|
|
|
// OAUTH
|
|
{
|
|
path: '/auth/twitter',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('twitter')]
|
|
},
|
|
{
|
|
path: '/auth/twitter/callback',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('twitter', {
|
|
successRedirect: '/',
|
|
failureRedirect: '/login'
|
|
})]
|
|
},
|
|
{
|
|
path: '/auth/facebook',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('facebook')]
|
|
},
|
|
{
|
|
path: '/auth/facebook/callback',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('facebook', {
|
|
successRedirect: '/',
|
|
failureRedirect: '/login'
|
|
})]
|
|
},
|
|
{
|
|
path: '/auth/google',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('google')]
|
|
},
|
|
{
|
|
path: '/auth/google/return',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('google', {
|
|
successRedirect: '/',
|
|
failureRedirect: '/login'
|
|
})]
|
|
},
|
|
{
|
|
path: '/auth/linkedin',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('linkedin')]
|
|
},
|
|
{
|
|
path: '/auth/linkedin/callback',
|
|
httpMethod: 'GET',
|
|
middleware: [passport.authenticate('linkedin', {
|
|
successRedirect: '/',
|
|
failureRedirect: '/login'
|
|
})]
|
|
},
|
|
|
|
// Local Auth
|
|
{
|
|
path: '/register',
|
|
httpMethod: 'POST',
|
|
middleware: [AuthCtrl.register]
|
|
},
|
|
{
|
|
path: '/login',
|
|
httpMethod: 'POST',
|
|
middleware: [AuthCtrl.login]
|
|
},
|
|
{
|
|
path: '/logout',
|
|
httpMethod: 'POST',
|
|
middleware: [AuthCtrl.logout]
|
|
},
|
|
|
|
// User resource
|
|
{
|
|
path: '/users',
|
|
httpMethod: 'GET',
|
|
middleware: [UserCtrl.index],
|
|
accessLevel: accessLevels.admin
|
|
},
|
|
|
|
// All other get requests should be handled by AngularJS's client-side routing system
|
|
{
|
|
path: '/*',
|
|
httpMethod: 'GET',
|
|
middleware: [function(req, res) {
|
|
var role = userRoles.public, username = '';
|
|
if(req.user) {
|
|
role = req.user.role;
|
|
username = req.user.username;
|
|
}
|
|
res.cookie('user', JSON.stringify({
|
|
'username': username,
|
|
'role': role
|
|
}));
|
|
res.render('index');
|
|
}]
|
|
}
|
|
];
|
|
|
|
module.exports = function(app) {
|
|
|
|
_.each(routes, function(route) {
|
|
route.middleware.unshift(ensureAuthorized);
|
|
var args = _.flatten([route.path, route.middleware]);
|
|
|
|
switch(route.httpMethod.toUpperCase()) {
|
|
case 'GET':
|
|
app.get.apply(app, args);
|
|
break;
|
|
case 'POST':
|
|
app.post.apply(app, args);
|
|
break;
|
|
case 'PUT':
|
|
app.put.apply(app, args);
|
|
break;
|
|
case 'DELETE':
|
|
app.delete.apply(app, args);
|
|
break;
|
|
default:
|
|
throw new Error('Invalid HTTP method specified for route ' + route.path);
|
|
break;
|
|
}
|
|
});
|
|
}
|
|
|
|
function ensureAuthorized(req, res, next) {
|
|
var role;
|
|
if(!req.user) role = userRoles.public;
|
|
else role = req.user.role;
|
|
|
|
var accessLevel = _.findWhere(routes, { path: req.route.path }).accessLevel || accessLevels.public;
|
|
|
|
if(!(accessLevel.bitMask & role.bitMask)) return res.send(403);
|
|
return next();
|
|
} |