closes #1400, bunch of other fixes to 404, 403 in accounts

src/middleware/middleware.js

@@ -52,6 +52,20 @@ middleware.redirectToAccountIfLoggedIn = function(req, res, next) {
 	}
 };
 
+middleware.redirectToSelf = function(req, res, next) {
+	if (req.user && req.params.userslug === '[self]') {
+		user.getUserField(req.user.uid, 'userslug', function (err, userslug) {
+			if(res.locals.isAPI) {
+				res.json(302, '/user/' + userslug + (req.params.section ? '/' + req.params.section : ''));
+			} else {
+				res.redirect('/user/' + userslug + (req.params.section ? '/' + req.params.section : ''));
+			}
+		});
+	} else {
+		next();
+	}
+};
+
 middleware.addSlug = function(req, res, next) {
 	function redirect(method, id, name) {
 		method(id, 'slug', function(err, slug) {
@@ -114,7 +128,7 @@ middleware.checkAccountPermissions = function(req, res, next) {
 		// not sure if this check really should belong here. also make sure we're not doing this check again in the actual method
 		if (!uid) {
 			if (res.locals.isAPI) {
-				return res.json(404);
+				return res.json(404, 'not-found');
 			} else {
 				return res.redirect('404');
 			}