krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-19 15:48:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove accessControl for now, move custom session handling to ealier

Browse Source 
in process
This commit is contained in:
Tyler Renelle
2012-08-02 19:07:23 -04:00
parent 9d0ddd08fb
commit 2fb562c90e
2 changed files with 34 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
lib/server/index.js
View File

@@ -1,5 +1,5 @@
// Generated by CoffeeScript 1.3.3
var ONE_YEAR, app, customMiddleware, derby, express, expressApp, gzippo, http, path, publicPath, racer, root, server, serverError, store;
var ONE_YEAR, app, derby, express, expressApp, gzippo, habitrpgMobile, habitrpgSessions, http, path, publicPath, racer, root, server, serverError, store;
http = require('http');
@@ -37,28 +37,27 @@ store = derby.createStore({
listen: server
});
require('./setupStore').accessControl(store);
ONE_YEAR = 1000 * 60 * 60 * 24 * 365;
root = path.dirname(path.dirname(__dirname));
publicPath = path.join(root, 'public');
customMiddleware = function(that) {
return function(req, res, next) {
var acceptableUid, model, uidParam;
model = req.getModel();
model.set('_mobileDevice', /Android|webOS|iPhone|iPad|iPod|BlackBerry/i.test(req.header('User-Agent')));
uidParam = req.url.split('/')[1];
acceptableUid = require('guid').isGuid(uidParam) || (uidParam === '3' || uidParam === '4' || uidParam === '9');
if (acceptableUid && model.session.userId !== uidParam) {
model.set('_userId', uidParam);
model.session.userId = uidParam;
}
next();
return that;
};
habitrpgMobile = function(req, res, next) {
var model;
model = req.getModel();
model.set('_mobileDevice', /Android|webOS|iPhone|iPad|iPod|BlackBerry/i.test(req.header('User-Agent')));
return next();
};
habitrpgSessions = function(req, res, next) {
var acceptableUid, uidParam;
uidParam = req.url.split('/')[1];
acceptableUid = require('guid').isGuid(uidParam) || (uidParam === '3' || uidParam === '4' || uidParam === '9');
if (acceptableUid && req.session.userId !== uidParam) {
req.session.userId = uidParam;
}
return next();
};
expressApp.use(express.favicon()).use(gzippo.staticGzip(publicPath, {
@@ -68,7 +67,7 @@ expressApp.use(express.favicon()).use(gzippo.staticGzip(publicPath, {
cookie: {
maxAge: ONE_YEAR
}
})).use(store.modelMiddleware()).use(customMiddleware(this)).use(app.router()).use(expressApp.router).use(serverError(root));
})).use(habitrpgSessions).use(store.modelMiddleware()).use(habitrpgMobile).use(app.router()).use(expressApp.router).use(serverError(root));
expressApp.all('*', function(req) {
throw "404: " + req.url;