|
|
|
@ -194,6 +194,15 @@ middleware.isAdmin = function(req, res, next) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (isAdmin) {
|
|
|
|
if (isAdmin) {
|
|
|
|
|
|
|
|
user.hasPassword(req.uid, function(err, hasPassword) {
|
|
|
|
|
|
|
|
if (err) {
|
|
|
|
|
|
|
|
return next(err);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!hasPassword) {
|
|
|
|
|
|
|
|
return next();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var loginTime = req.session.meta ? req.session.meta.datetime : 0;
|
|
|
|
var loginTime = req.session.meta ? req.session.meta.datetime : 0;
|
|
|
|
if (loginTime && parseInt(loginTime, 10) > Date.now() - 3600000) {
|
|
|
|
if (loginTime && parseInt(loginTime, 10) > Date.now() - 3600000) {
|
|
|
|
return next();
|
|
|
|
return next();
|
|
|
|
@ -207,6 +216,7 @@ middleware.isAdmin = function(req, res, next) {
|
|
|
|
res.redirect('/login');
|
|
|
|
res.redirect('/login');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (res.locals.isAPI) {
|
|
|
|
if (res.locals.isAPI) {
|
|
|
|
|
barisusakli
9 years ago