path: root/middleware/index.js
const Post = require('../models/blogPost'),
    Cmmnt = require('../models/cmmnt'),
    User = require('../models/user');

// Collects the route-guard middleware functions defined below; the object is
// exported as this module's public interface.
const middlewareObj = {};

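/**
 * Authorization guard for post routes: lets the request continue only when
 * the caller is authenticated AND is the author of the post named by
 * `req.params.pid`.
 *
 * Every other outcome ends the request with a redirect, so the guard fails
 * closed and never leaves a request without a response:
 *   - not authenticated          -> redirect to '/'
 *   - lookup error               -> logged, redirect 'back'
 *   - post not found             -> redirect 'back'
 *   - post has no usable author  -> redirect 'back'
 *   - caller is not the author   -> redirect 'back'
 *
 * @param {object} req - request; reads `isAuthenticated()`, `params.pid`, `user._id`
 * @param {object} res - response; used only for redirects
 * @param {Function} next - called with no arguments when ownership is confirmed
 */
middlewareObj.checkPostOwnership = (req, res, next) => {
    if (!req.isAuthenticated()) {
        res.redirect('/');
        return;
    }

    // `pid` comes straight from the URL and is caller-controlled; the model
    // lookup is the only validation it gets here.
    Post.findById(req.params.pid, (err, foundPost) => {
        if (err) {
            // Previously the error was only logged and the request was left
            // hanging with no response. Answer it so failed lookups cannot
            // pile up as open connections.
            console.log(err);
            res.redirect('back');
            return;
        }

        if (!foundPost) {
            res.redirect('back');
            return;
        }

        // Treat a post without author data as "not owned" instead of
        // throwing inside the callback.
        const author = foundPost.author;
        const isOwner = Boolean(author && author.id && author.id.equals(req.user._id));

        if (isOwner) {
            next();
        } else {
            res.redirect('back');
        }
    });
};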

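/**
 * Authorization guard for comment routes: lets the request continue only
 * when the caller is authenticated AND is the author of the comment named by
 * `req.params.cid`.
 *
 * Every denial sets an 'error' flash message and redirects 'back':
 *   - not authenticated               -> 'You need to be logged in to do that!'
 *   - lookup error or no such comment -> 'not found...'
 *   - caller is not the author        -> 'Permission denied!'
 *
 * @param {object} req - request; reads `isAuthenticated()`, `params.cid`, `user._id`, uses `flash()`
 * @param {object} res - response; used only for redirects
 * @param {Function} next - called with no arguments when ownership is confirmed
 */
middlewareObj.checkCmmntOwnership = (req, res, next) => {
    if (!req.isAuthenticated()) {
        req.flash('error', 'You need to be logged in to do that!');
        res.redirect('back');
        return;
    }

    // `cid` comes straight from the URL and is caller-controlled.
    Cmmnt.findById(req.params.cid, (err, foundCmmnt) => {
        // A lookup can complete without an error and still yield no document.
        // The original dereferenced `foundCmmnt.author` unconditionally, so an
        // id matching no comment threw inside this callback. Handle "no
        // document" exactly like a lookup error.
        if (err || !foundCmmnt) {
            req.flash('error', 'not found...');
            res.redirect('back');
            return;
        }

        // A comment without author data is treated as "not owned" (fail closed).
        const author = foundCmmnt.author;
        const isOwner = Boolean(author && author.id && author.id.equals(req.user._id));

        if (isOwner) {
            next();
        } else {
            req.flash('error', 'Permission denied!');
            res.redirect('back');
        }
    });
};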

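/**
 * Authentication guard: passes the request on when the caller is
 * authenticated; otherwise sets an 'error' flash message and redirects 'back'.
 *
 * The unauthenticated branch used to do nothing (its flash + redirect were
 * commented out), which left the request open with no response until the
 * client or server timed out. It now answers the same way
 * checkCmmntOwnership answers an unauthenticated caller.
 *
 * @param {object} req - request; reads `isAuthenticated()`, uses `flash()`
 * @param {object} res - response; used only for the redirect
 * @param {Function} next - called with no arguments when the caller is authenticated
 */
middlewareObj.isLoggedIn = (req, res, next) => {
    if (req.isAuthenticated()) {
        return next();
    }
    // The flash message must be set before redirecting.
    // NOTE(review): the disabled code targeted "/login"; switch the redirect
    // target to that path if the route exists in this app.
    req.flash('error', 'You need to be logged in to do that!');
    res.redirect('back');
};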

// Export the guards (checkPostOwnership, checkCmmntOwnership, isLoggedIn) as a
// single object.
module.exports = middlewareObj;