hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add router.all

Browse Source
v1.18.x
Baris Usakli 8 years ago
parent 1247b4b53b
commit e9639833c5
4 changed files with 28 additions and 11 deletions
Show Stats Download Patch File Download Diff File

9
src/middleware/index.js
Unescape Escape View File

@ -34,15 +34,6 @@ require('./maintenance')(middleware);
require('./user')(middleware);
require('./headers')(middleware);
middleware.stripLeadingSlashes = function (req, res, next) {
var target = req.originalUrl.replace(nconf.get('relative_path'), '');
if (target.startsWith('//')) {
res.redirect(nconf.get('relative_path') + target.replace(/^\/+/, '/'));
} else {
next();
}
};
middleware.pageView = function (req, res, next) {
analytics.pageView({
ip: req.ip,

4
src/plugins.js
Unescape Escape View File

@ -117,6 +117,10 @@ Plugins.reload = function (callback) {
Plugins.reloadRoutes = function (callback) {
var router = express.Router();
var ensureLoggedIn = require('connect-ensure-login');
router.all('(/api/admin|/api/admin/*?)', middleware.isAdmin);
router.all('(/admin|/admin/*?)', ensureLoggedIn.ensureLoggedIn(nconf.get('relative_path') + '/login?local=1'), middleware.applyCSRF, middleware.isAdmin);
router.hotswapId = 'plugins';
router.render = function () {

6
src/routes/index.js
Unescape Escape View File

@ -113,12 +113,14 @@ module.exports = function (app, middleware, hotswapIds, callback) {
pluginRouter.hotswapId = 'plugins';
authRouter.hotswapId = 'auth';
app.use(middleware.stripLeadingSlashes);
app.all(relativePath + '(/api|/api/*?)', middleware.prepareAPI);
app.all(relativePath + '(/api/admin|/api/admin/*?)', middleware.isAdmin);
app.all(relativePath + '(/admin|/admin/*?)', ensureLoggedIn.ensureLoggedIn(nconf.get('relative_path') + '/login?local=1'), middleware.applyCSRF, middleware.isAdmin);
router.all('(/api/admin|/api/admin/*?)', middleware.isAdmin);
router.all('(/admin|/admin/*?)', ensureLoggedIn.ensureLoggedIn(nconf.get('relative_path') + '/login?local=1'), middleware.applyCSRF, middleware.isAdmin);
adminRoutes(router, middleware, controllers);
metaRoutes(router, middleware, controllers);
apiRoutes(router, middleware, controllers);

20
test/controllers.js
Unescape Escape View File

@ -1771,6 +1771,26 @@ describe('Controllers', function () {
});
});
describe('admin middlewares', function () {
it('should redirect to login', function (done) {
request(nconf.get('url') + '//api/admin/advanced/database', { json: true }, function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 200);
assert(body.indexOf('Login to your account') !== -1);
done();
});
});
it('should redirect to login', function (done) {
request(nconf.get('url') + '//admin/advanced/database', { json: true }, function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 200);
assert(body.indexOf('Login to your account') !== -1);
done();
});
});
});
after(function (done) {
var analytics = require('../src/analytics');
analytics.writeData(done);

Write Preview
Loading…
Cancel
Save