feat: add buildHeaderAsync (#8367)

* feat: add buildHeaderAsync make helphers.notAllowed async * fix: remove csrf from buildHeader * fix: remove unused method, use middleware * fix: /post/pid redirect doesn't need buildHeader use buildHeaderAsync
2025-12-20 15:30:39 +01:00 · 2020-06-04 01:14:46 -04:00
parent dcb85ee7a1
commit 842b8abb84
9 changed files with 61 additions and 73 deletions
--- a/src/controllers/helpers.js
+++ b/src/controllers/helpers.js
@@ -2,7 +2,6 @@

 const nconf = require('nconf');
 const validator = require('validator');
-const winston = require('winston');
 const querystring = require('querystring');
 const _ = require('lodash');

@@ -15,21 +14,19 @@ const middleware = require('../middleware');

 const helpers = module.exports;

-helpers.noScriptErrors = function (req, res, error, httpStatus) {
+helpers.noScriptErrors = async function (req, res, error, httpStatus) {
 	if (req.body.noscript !== 'true') {
 		return res.status(httpStatus).send(error);
 	}

-	const middleware = require('../middleware');
 	const httpStatusString = httpStatus.toString();
-	middleware.buildHeader(req, res, function () {
-		res.status(httpStatus).render(httpStatusString, {
-			path: req.path,
-			loggedIn: req.loggedIn,
-			error: error,
-			returnLink: true,
-			title: '[[global:' + httpStatusString + '.title]]',
-		});
+	await middleware.buildHeaderAsync(req, res);
+	res.status(httpStatus).render(httpStatusString, {
+		path: req.path,
+		loggedIn: req.loggedIn,
+		error: error,
+		returnLink: true,
+		title: '[[global:' + httpStatusString + '.title]]',
 	});
 };

@@ -104,41 +101,37 @@ helpers.buildTerms = function (url, term, query) {
 	}];
 };

-helpers.notAllowed = function (req, res, error) {
-	plugins.fireHook('filter:helpers.notAllowed', {
+helpers.notAllowed = async function (req, res, error) {
+	const data = await plugins.fireHook('filter:helpers.notAllowed', {
 		req: req,
 		res: res,
 		error: error,
-	}, function (err) {
-		if (err) {
-			return winston.error(err);
-		}
-		if (req.loggedIn || req.uid === -1) {
-			if (res.locals.isAPI) {
-				res.status(403).json({
-					path: req.path.replace(/^\/api/, ''),
-					loggedIn: req.loggedIn,
-					error: error,
-					title: '[[global:403.title]]',
-				});
-			} else {
-				middleware.buildHeader(req, res, function () {
-					res.status(403).render('403', {
-						path: req.path,
-						loggedIn: req.loggedIn,
-						error: error,
-						title: '[[global:403.title]]',
-					});
-				});
-			}
-		} else if (res.locals.isAPI) {
-			req.session.returnTo = req.url.replace(/^\/api/, '');
-			res.status(401).json('not-authorized');
-		} else {
-			req.session.returnTo = req.url;
-			res.redirect(nconf.get('relative_path') + '/login');
-		}
 	});
+
+	if (req.loggedIn || req.uid === -1) {
+		if (res.locals.isAPI) {
+			res.status(403).json({
+				path: req.path.replace(/^\/api/, ''),
+				loggedIn: req.loggedIn,
+				error: data.error,
+				title: '[[global:403.title]]',
+			});
+		} else {
+			await middleware.buildHeaderAsync(req, res);
+			res.status(403).render('403', {
+				path: req.path,
+				loggedIn: req.loggedIn,
+				error: data.error,
+				title: '[[global:403.title]]',
+			});
+		}
+	} else if (res.locals.isAPI) {
+		req.session.returnTo = req.url.replace(/^\/api/, '');
+		res.status(401).json('not-authorized');
+	} else {
+		req.session.returnTo = req.url;
+		res.redirect(nconf.get('relative_path') + '/login');
+	}
 };

 helpers.redirect = function (res, url) {