fix(refactor): merging write-api auth middlewares with core middlewares

Julian Lam
2020-10-01 10:52:05 -04:00
parent ec5c48b188
commit f6433ef2c5
6 changed files with 261 additions and 95 deletions


@@ -123,12 +123,7 @@ helpers.notAllowed = async function (req, res, error) {
if (req.loggedIn || req.uid === -1) {
if (res.locals.isAPI) {
res.status(403).json({
path: req.path.replace(/^\/api/, ''),
loggedIn: req.loggedIn,
error: data.error,
title: '[[global:403.title]]',
});
helpers.formatApiResponse(403, res, error);
} else {
await middleware.buildHeaderAsync(req, res);
res.status(403).render('403', {
@@ -140,7 +135,7 @@ helpers.notAllowed = async function (req, res, error) {
}
} else if (res.locals.isAPI) {
req.session.returnTo = req.url.replace(/^\/api/, '');
res.status(401).json('not-authorized');
helpers.formatApiResponse(401, res, error);
} else {
req.session.returnTo = req.url;
res.redirect(nconf.get('relative_path') + '/login');
@@ -353,9 +348,6 @@ helpers.formatApiResponse = async (statusCode, res, payload) => {
},
response: payload || {},
});
} else if (!payload) {
// Non-2xx statusCode, generate predefined error
res.status(statusCode).json(helpers.generateError(statusCode));
} else if (payload instanceof Error) {
if (isLanguageKey.test(payload.message)) {
const translated = await translator.translate(payload.message, 'en-GB');
@@ -363,6 +355,9 @@ helpers.formatApiResponse = async (statusCode, res, payload) => {
} else {
res.status(statusCode).json(helpers.generateError(statusCode, payload.message));
}
} else if (!payload) {
// Non-2xx statusCode, generate predefined error
res.status(statusCode).json(helpers.generateError(statusCode));
}
};
@@ -377,34 +372,34 @@ helpers.generateError = (statusCode, message) => {
// Need to turn all these into translation strings
switch (statusCode) {
case 400:
payload.status.code = 'bad-request';
payload.status.message = message || 'Something was wrong with the request payload you passed in.';
break;
case 400:
payload.status.code = 'bad-request';
payload.status.message = message || 'Something was wrong with the request payload you passed in.';
break;
case 401:
payload.status.code = 'not-authorised';
payload.status.message = 'A valid login session was not found. Please log in and try again.';
break;
case 401:
payload.status.code = 'not-authorised';
payload.status.message = message || 'A valid login session was not found. Please log in and try again.';
break;
case 403:
payload.status.code = 'forbidden';
payload.status.message = 'You are not authorised to make this call';
break;
case 403:
payload.status.code = 'forbidden';
payload.status.message = message || 'You are not authorised to make this call';
break;
case 404:
payload.status.code = 'not-found';
payload.status.message = 'Invalid API call';
break;
case 404:
payload.status.code = 'not-found';
payload.status.message = message || 'Invalid API call';
break;
case 426:
payload.status.code = 'upgrade-required';
payload.status.message = 'HTTPS is required for requests to the write api, please re-send your request via HTTPS';
break;
case 426:
payload.status.code = 'upgrade-required';
payload.status.message = message || 'HTTPS is required for requests to the write api, please re-send your request via HTTPS';
break;
case 500:
payload.status.code = 'internal-server-error';
payload.status.message = message || payload.status.message;
case 500:
payload.status.code = 'internal-server-error';
payload.status.message = message || payload.status.message;
}
return payload;
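Review bot: In `helpers.formatApiResponse` (the hunks at -353 and -363), a non-2xx call whose payload is truthy but not an `Error` matches neither `payload instanceof Error` nor `!payload`, so no response is written and the request is left hanging. This is newly reachable because `helpers.notAllowed` now forwards its `error` argument into that function on both the 403 and 401 API paths; whether callers ever pass a string there is not visible in these hunks, and the start of `formatApiResponse` lies outside them. A safe fallback is to turn the last branch from `} else if (!payload) {` into a plain `} else {`, so every non-2xx call ends in `helpers.generateError(statusCode)`. Separately, `generateError` now echoes `message` for 401, 403, 404 and 426, so caller-supplied error text reaches the API client on authorization failures; it is worth confirming that those messages are meant for end users and carry no internal detail. The 401 body also changes from the bare string `'not-authorized'` to the structured error object, which existing API consumers may depend on.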