feat: added new middleware authenticateOrGuest

src/middleware/user.js

@@ -15,7 +15,7 @@ var controllers = {
 };
 
 module.exports = function (middleware) {
-	middleware.authenticate = function (req, res, next) {
+	function authenticate(req, res, next, callback) {
 		if (req.loggedIn) {
 			return next();
 		}
@@ -34,13 +34,23 @@ module.exports = function (middleware) {
 							return next();
 						}
 
-						controllers.helpers.notAllowed(req, res);
+						callback();
 					});
 				},
 			});
 		}
 
-		controllers.helpers.notAllowed(req, res);
+		callback();
+	}
+
+	middleware.authenticate = function (req, res, next) {
+		authenticate(req, res, next, function () {
+			controllers.helpers.notAllowed(req, res, next);
+		});
+	};
+
+	middleware.authenticateOrGuest = function (req, res, next) {
+		authenticate(req, res, next, next);
 	};
 
 	middleware.ensureSelfOrGlobalPrivilege = function (req, res, next) {

src/routes/api.js

@@ -19,9 +19,9 @@ module.exports = function (app, middleware, controllers) {
 	router.get('/user/uid/:userslug/export/uploads', middleware.checkAccountPermissions, middleware.exposeUid, controllers.user.exportUploads);
 	router.get('/user/uid/:userslug/export/profile', middleware.checkAccountPermissions, middleware.exposeUid, controllers.user.exportProfile);
 
-	router.get('/:type/pid/:id', middleware.authenticate, controllers.api.getObject);
-	router.get('/:type/tid/:id', middleware.authenticate, controllers.api.getObject);
-	router.get('/:type/cid/:id', middleware.authenticate, controllers.api.getObject);
+	router.get('/:type/pid/:id', middleware.authenticateOrGuest, controllers.api.getObject);
+	router.get('/:type/tid/:id', middleware.authenticateOrGuest, controllers.api.getObject);
+	router.get('/:type/cid/:id', middleware.authenticateOrGuest, controllers.api.getObject);
 
 	router.get('/categories/:cid/moderators', controllers.api.getModerators);
 	router.get('/recent/posts/:term?', controllers.posts.getRecentPosts);