From 4fba1492c100ae59d55e4cb6b58ba1d76f095cff Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Fri, 7 Dec 2018 13:31:31 -0500 Subject: [PATCH] feat: added new middleware authenticateOrGuest --- src/middleware/user.js | 16 +++++++++++++--- src/routes/api.js | 6 +++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/src/middleware/user.js b/src/middleware/user.js index c6a351675f..fb765f0599 100644 --- a/src/middleware/user.js +++ b/src/middleware/user.js @@ -15,7 +15,7 @@ var controllers = { }; module.exports = function (middleware) { - middleware.authenticate = function (req, res, next) { + function authenticate(req, res, next, callback) { if (req.loggedIn) { return next(); } @@ -34,13 +34,23 @@ module.exports = function (middleware) { return next(); } - controllers.helpers.notAllowed(req, res); + callback(); }); }, }); } - controllers.helpers.notAllowed(req, res); + callback(); + } + + middleware.authenticate = function (req, res, next) { + authenticate(req, res, next, function () { + controllers.helpers.notAllowed(req, res, next); + }); + }; + + middleware.authenticateOrGuest = function (req, res, next) { + authenticate(req, res, next, next); }; middleware.ensureSelfOrGlobalPrivilege = function (req, res, next) { diff --git a/src/routes/api.js b/src/routes/api.js index c0c69db4ef..4ff12e4895 100644 --- a/src/routes/api.js +++ b/src/routes/api.js @@ -19,9 +19,9 @@ module.exports = function (app, middleware, controllers) { router.get('/user/uid/:userslug/export/uploads', middleware.checkAccountPermissions, middleware.exposeUid, controllers.user.exportUploads); router.get('/user/uid/:userslug/export/profile', middleware.checkAccountPermissions, middleware.exposeUid, controllers.user.exportProfile); - router.get('/:type/pid/:id', middleware.authenticate, controllers.api.getObject); - router.get('/:type/tid/:id', middleware.authenticate, controllers.api.getObject); - router.get('/:type/cid/:id', middleware.authenticate, controllers.api.getObject); + router.get('/:type/pid/:id', middleware.authenticateOrGuest, controllers.api.getObject); + router.get('/:type/tid/:id', middleware.authenticateOrGuest, controllers.api.getObject); + router.get('/:type/cid/:id', middleware.authenticateOrGuest, controllers.api.getObject); router.get('/categories/:cid/moderators', controllers.api.getModerators); router.get('/recent/posts/:term?', controllers.posts.getRecentPosts);