author | BakedSnake <gilferrandm@gmail.com> | 2021-03-17 12:58:53 +0100 |
---|---|---|
committer | BakedSnake <gilferrandm@gmail.com> | 2021-03-17 12:58:53 +0100 |
commit | 188527c6b55a2d64d5f76c5d3e094da45c69b0c9 (patch) | |
tree | 8c6c41a2ffe04af81483ec36f72d328c3c76780a /middleware/index.js |
Diffstat (limited to 'middleware/index.js')
-rw-r--r-- | middleware/index.js | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/middleware/index.js b/middleware/index.js
new file mode 100644
index 0000000..26751d1
--- /dev/null
+++ b/middleware/index.js
@@ -0,0 +1,57 @@
+const Post = require('../models/blogPost'),
+ Cmmnt = require('../models/cmmnt'),
+ User = require('../models/user');
+
+const middlewareObj = {};
+
+middlewareObj.checkPostOwnership = (req, res, next) => {
+ if(req.isAuthenticated()) {
+ Post.findById(req.params.pid, (err, foundPost) => {
+ if(err) {
+ console.log(err);
+ } else {
+ if(!foundPost) {
+ return res.redirect('back');
+ }
+ if(foundPost.author.id.equals(req.user._id)) {
+ next();
+ } else {
+ res.redirect('back');
+ }
+ }
+ });
+ } else {
+ res.redirect('/');
+ }
+}
+
+middlewareObj.checkCmmntOwnership = (req, res, next) => {
+ if(req.isAuthenticated()) {
+ Cmmnt.findById(req.params.cid, (err, foundCmmnt) => {
+ if(err) {
+ req.flash('error', 'not found...');
+ res.redirect('back');
+ } else {
+ if(foundCmmnt.author.id.equals(req.user._id)) {
+ next();
+ } else {
+ req.flash('error', 'Permission denied!');
+ res.redirect('back');
+ }
+ }
+ });
+ } else {
+ req.flash('error', 'You need to be logged in to do that!');
+ res.redirect('back');
+ }
+}
+
+middlewareObj.isLoggedIn = (req, res, next) => {
+ if (req.isAuthenticated()) {
+ return next();
+ }
+ //req.flash("error", "You need to be logged in to do that!"); // Must come before redirecting
+ //res.redirect("/login");
+};
+
+module.exports = middlewareObj; |
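Review bot: Three paths in this new authorization middleware either throw or never finish the request, so the checks do not fail closed cleanly. In `checkCmmntOwnership`, `Cmmnt.findById` (presumably a Mongoose model) can return no error and a null `foundCmmnt` for an id that matches nothing, so `foundCmmnt.author` throws inside the callback; `checkPostOwnership` already guards this case, and the same guard fits here as `if (err || !foundCmmnt) { req.flash('error', 'not found...'); return res.redirect('back'); }`. In `checkPostOwnership` the `if(err)` branch only logs, leaving the client without a response; add `return res.redirect('back');` after `console.log(err);`. `isLoggedIn` has its redirect commented out, so an unauthenticated request gets neither `next()` nor a reply and holds its connection until a timeout; restore `res.redirect('/login');` or send a 401 there. The `User` require is also unused in this file.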