DRY req props that depend on auth (fix #6727) (#6731)

* DRY req props that depend on auth (fix #6727) authentication leads to req.loggedIn and req.uid being set. However, a later authentication event might outdate them. Here, I create one function for setting those properties, and make sure it also is called on the `action:middleware.authenticate` hook, which would be such an authentication event. If there are other places, those should be added as well. * fix lint errors * fix lint error * change exports
2025-11-10 07:55:46 +01:00 · 2018-09-04 15:43:33 +02:00
parent 3e1b007f9f
commit c7f3b76b4e
3 changed files with 20 additions and 16 deletions
--- a/src/controllers/groups.js
+++ b/src/controllers/groups.js
@@ -8,7 +8,7 @@ var groups = require('../groups');
 var user = require('../user');
 var helpers = require('./helpers');

-var groupsController = {};
+var groupsController = module.exports;

 groupsController.list = function (req, res, next) {
 	var sort = req.query.sort || 'alpha';
@@ -177,5 +177,3 @@ groupsController.uploadCover = function (req, res, next) {
 		res.json([{ url: image.url }]);
 	});
 };
-
-module.exports = groupsController;
--- a/src/middleware/user.js
+++ b/src/middleware/user.js
@@ -8,6 +8,8 @@ var user = require('../user');
 var privileges = require('../privileges');
 var plugins = require('../plugins');

+var auth = require('../routes/authentication');
+
 var controllers = {
 	helpers: require('../controllers/helpers'),
 };
@@ -22,7 +24,9 @@ module.exports = function (middleware) {
 			return plugins.fireHook('action:middleware.authenticate', {
 				req: req,
 				res: res,
-				next: next,
+				next: function (err) {
+					auth.setAuthVars(req, res, function () { next(err); });
+				},
 			});
 		}

--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -19,7 +19,13 @@ Auth.initialize = function (app, middleware) {
 	app.use(passport.initialize());
 	app.use(passport.session());

-	app.use(function (req, res, next) {
+	app.use(Auth.setAuthVars);
+
+	Auth.app = app;
+	Auth.middleware = middleware;
+};
+
+Auth.setAuthVars = function (req, res, next) {
 	var isSpider = req.isSpider();
 	req.loggedIn = !isSpider && !!req.user;
 	if (isSpider) {
@@ -30,10 +36,6 @@ Auth.initialize = function (app, middleware) {
 		req.uid = 0;
 	}
 	next();
-	});
-
-	Auth.app = app;
-	Auth.middleware = middleware;
 };

 Auth.getLoginStrategies = function () {