From b1c3b8e7e7382de9014a90237f1dc4b54b623bae Mon Sep 17 00:00:00 2001
From: Blade Barringer
Date: Sat, 26 Mar 2016 17:11:30 -0500
Subject: [PATCH] chore: Update res.json(code, json) to res.status(code).json(json)
---
website/src/controllers/api-v2/auth.js | 50 ++++++-------
website/src/controllers/api-v2/challenges.js | 10 +--
website/src/controllers/api-v2/coupon.js | 4 +-
website/src/controllers/api-v2/groups.js | 74 +++++++++----------
website/src/controllers/api-v2/hall.js | 8 +-
website/src/controllers/api-v2/members.js | 2 +-
.../src/controllers/api-v2/unsubscription.js | 10 +--
website/src/controllers/api-v2/user.js | 44 +++++------
website/src/controllers/dataexport.js | 4 +-
website/src/controllers/payments/amazon.js | 14 ++--
website/src/controllers/payments/index.js | 2 +-
website/src/controllers/payments/paypal.js | 4 +-
website/src/controllers/payments/stripe.js | 2 +-
website/src/middlewares/apiThrottle.js | 2 +-
website/src/middlewares/errorHandler.js | 2 +-
website/src/middlewares/forceRefresh.js | 2 +-
16 files changed, 117 insertions(+), 117 deletions(-)
diff --git a/website/src/controllers/api-v2/auth.js b/website/src/controllers/api-v2/auth.js
index 0cad77e122..f63c652814 100644
--- a/website/src/controllers/api-v2/auth.js
+++ b/website/src/controllers/api-v2/auth.js
@@ -29,11 +29,11 @@ var accountSuspended = function(uuid){ api.auth = function(req, res, next) { var uid = req.headers['x-api-user']; var token = req.headers['x-api-key']; - if (!(uid && token)) return res.json(401, NO_TOKEN_OR_UID); + if (!(uid && token)) return res.status(401).json(NO_TOKEN_OR_UID); User.findOne({_id: uid, apiToken: token}, function(err, user) { if (err) return next(err); - if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND); - if (user.auth.blocked) return res.json(401, accountSuspended(user._id)); + if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND); + if (user.auth.blocked) return res.status(401).json(accountSuspended(user._id)); res.locals.wasModified = req.query._v ? +user._v !== +req.query._v : true; res.locals.user = user; @@ -44,10 +44,10 @@ api.auth = function(req, res, next) { api.authWithSession = function(req, res, next) { //[todo] there is probably a more elegant way of doing this... if (!(req.session && req.session.userId)) - return res.json(401, NO_SESSION_FOUND); + return res.status(401).json(NO_SESSION_FOUND); User.findOne({_id: req.session.userId}, function(err, user) { if (err) return next(err); - if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND); + if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND); res.locals.user = user; next(); }); @@ -56,7 +56,7 @@ api.authWithSession = function(req, res, next) { //[todo] there is probably a mo api.authWithUrl = function(req, res, next) { User.findOne({_id:req.query._id, apiToken:req.query.apiToken}, function(err,user){ if (err) return next(err); - if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND); + if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND); res.locals.user = user; next(); }); 
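Review bot: In api.authWithUrl (the third hunk here), `req.query._id` and `req.query.apiToken` are placed into the `User.findOne` filter without a type check, so a query parser that builds nested objects would hand the database an object where a string is expected. Reject non-strings before the lookup, for example `if (typeof req.query._id !== 'string' || typeof req.query.apiToken !== 'string') return res.status(401).json(NO_USER_FOUND);`. Because the token travels in the URL it will also end up in access logs and Referer headers; a comment on the function stating which routes are allowed to use it would help. The closing line of the function is outside the hunk.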
@@ -136,8 +136,8 @@ api.registerUser = function(req, res, next) { } }] }, function(err, data) { - if (err) return err.code ? res.json(err.code, err) : next(err); - res.json(200, data.register[0]); + if (err) return err.code ? res.status(err.code).json(err) : next(err); + res.status(200).json(data.register[0]); }); }; 
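Review bot: In the registerUser callback, `res.status(err.code).json(err)` trusts `err.code` as an HTTP status and serialises the whole error object to the client. If a lower layer ever supplies an error whose `code` is not an HTTP status, the status is invalid and internal fields are exposed. Gate on the range and send only the user-facing message, e.g. `var ok = err.code >= 400 && err.code < 600;` followed by `return ok ? res.status(err.code).json({err: err.err}) : next(err);` (`err.err` is the field `sendErr` in members.js uses; confirm it is the right one here). The same pattern appears in changeUsername and changeEmail in this file, in challenges.js `api.create`, and in the invite helpers in groups.js. The start of registerUser is outside the hunk.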
@@ -149,22 +149,22 @@ api.registerUser = function(req, res, next) { api.loginLocal = function(req, res, next) { var username = req.body.username; var password = req.body.password; - if (!(username && password)) return res.json(401, {err:'Missing :username or :password in request body, please provide both'}); + if (!(username && password)) return res.status(401).json({err:'Missing :username or :password in request body, please provide both'}); var login = validator.isEmail(username) ? {'auth.local.email':username.toLowerCase()} : // Emails are all lowercase {'auth.local.username':username}; // Use the username as the user typed it User.findOne(login, {auth:1}, function(err, user){ if (err) return next(err); - if (!user) return res.json(401, {err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."}); - if (user.auth.blocked) return res.json(401, accountSuspended(user._id)); + if (!user) return res.status(401).json({err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. 
Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."}); + if (user.auth.blocked) return res.status(401).json(accountSuspended(user._id)); // We needed the whole user object first so we can get his salt to encrypt password comparison User.findOne( {$and: [login, {'auth.local.hashed_password': utils.encryptPassword(password, user.auth.local.salt)}]} , {_id:1, apiToken:1} , function(err, user){ if (err) return next(err); - if (!user) return res.json(401,{err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."}); + if (!user) return res.status(401).json({err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."}); res.json({id: user._id,token: user.apiToken}); password = null; }); @@ -178,7 +178,7 @@ api.loginSocial = function(req, res, next) { var access_token = req.body.authResponse.access_token, network = req.body.network; if (network!=='facebook') - return res.json(401, {err:"Only Facebook supported currently."}); + return res.status(401).json({err:"Only Facebook supported currently."}); async.auto({ profile: function (cb) { passport._strategies[network].userProfile(access_token, cb); 
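Review bot: In api.loginLocal the `user.auth.blocked` check runs after the first lookup but before the password is verified, so a caller who knows only a username or e-mail address receives the suspended response built from `user._id`. Move that check into the second `findOne` callback (adding `auth.blocked` to its projection) so account state is disclosed only after a correct password. `username` and `password` also reach `validator.isEmail` and the query filter without a type check; `if (typeof username !== 'string' || typeof password !== 'string')` ahead of the existing presence test would close that. The end of the function is outside the hunk.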
@@ -223,10 +223,10 @@ api.loginSocial = function(req, res, next) { analytics.track('register', analyticsData) }] }, function(err, results){ - if (err) return res.json(401, {err: err.toString ? err.toString() : err}); + if (err) return res.status(401).json({err: err.toString ? err.toString() : err}); var acct = results.register[0] ? results.register[0] : results.register; - if (acct.auth.blocked) return res.json(401, accountSuspended(acct._id)); - return res.json(200, {id:acct._id, token:acct.apiToken}); + if (acct.auth.blocked) return res.status(401).json(accountSuspended(acct._id)); + return res.status(200).json({id:acct._id, token:acct.apiToken}); }) }; @@ -235,7 +235,7 @@ api.loginSocial = function(req, res, next) { */ api.deleteSocial = function(req,res,next){ if (!res.locals.user.auth.local.username) - return res.json(401, {err:"Account lacks another authentication method, can't detach Facebook"}); + return res.status(401).json({err:"Account lacks another authentication method, can't detach Facebook"}); //FIXME for some reason, the following gives https://gist.github.com/lefnire/f93eb306069b9089d123 //res.locals.user.auth.facebook = null; //res.locals.user.auth.save(function(err, saved){ @@ -251,7 +251,7 @@ api.resetPassword = function(req, res, next){ newPassword = utils.makeSalt(), // use a salt as the new password too (they'll change it later) hashed_password = utils.encryptPassword(newPassword, salt); - if(!email) return res.json(400, {err: "Email not provided"}); + if(!email) return res.status(400).json({err: "Email not provided"}); User.findOne({'auth.local.email': email}, function(err, user){ if (err) return next(err); 
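Review bot: The loginSocial completion callback answers every failure with 401 and `err.toString()`, so a database or provider outage is reported to the client as an authentication failure together with the internal error text. Pass unexpected errors to `next(err)` as the other handlers in this file do, and keep 401 for the cases that really are credential problems. The async.auto tasks that produce `err` are outside the hunk, so which errors are expected here should be confirmed.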
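Review bot: In api.resetPassword the temporary password is the output of `utils.makeSalt()`, so its strength is whatever that helper provides; please confirm it draws from a cryptographically secure source and is long enough to serve as a credential, and record that in the comment beside it. `email` is also used in the `findOne` filter without a string check. The declarations of `email` and `salt` and the rest of the function are outside the hunk.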
@@ -285,7 +285,7 @@ api.changeUsername = function(req, res, next) { var username = req.body.username; var lowerCaseUsername = username && username.toLowerCase(); // we search for the lowercased version to intercept duplicates - if(!username) return res.json(400, {err: "Username not provided"}); + if(!username) return res.status(400).json({err: "Username not provided"}); async.waterfall([ function(cb){ User.findOne({'auth.local.lowerCaseUsername': lowerCaseUsername}, {auth:1}, cb); @@ -299,14 +299,14 @@ api.changeUsername = function(req, res, next) { user.save(cb); } ], function(err){ - if (err) return err.code ? res.json(err.code, err) : next(err); + if (err) return err.code ? res.status(err.code).json(err) : next(err); res.sendStatus(200); }) } api.changeEmail = function(req, res, next){ var email = req.body.email && req.body.email.toLowerCase(); // emails are all lowercase - if(!email) return res.json(400, {err: "Email not provided"}); + if(!email) return res.status(400).json({err: "Email not provided"}); async.waterfall([ function(cb){ @@ -319,7 +319,7 @@ api.changeEmail = function(req, res, next){ res.locals.user.save(cb); } ], function(err){ - if (err) return err.code ? res.json(err.code,err) : next(err); + if (err) return err.code ? res.status(err.code).json(err) : next(err); res.sendStatus(200); }) } 
@@ -331,14 +331,14 @@ api.changePassword = function(req, res, next) { confirmNewPassword = req.body.confirmNewPassword; if (newPassword != confirmNewPassword) - return res.json(401, {err: "Password & Confirm don't match"}); + return res.status(401).json({err: "Password & Confirm don't match"}); var salt = user.auth.local.salt, hashed_old_password = utils.encryptPassword(oldPassword, salt), hashed_new_password = utils.encryptPassword(newPassword, salt); if (hashed_old_password !== user.auth.local.hashed_password) - return res.json(401, {err:"Old password doesn't match"}); + return res.status(401).json({err:"Old password doesn't match"}); user.auth.local.hashed_password = hashed_new_password; user.save(function(err, saved){ @@ -362,7 +362,7 @@ api.getFirebaseToken = function(req, res, next) { expires: expires }); - res.json(200, { + res.status(200).json({ token: token, expires: expires }); diff --git a/website/src/controllers/api-v2/challenges.js b/website/src/controllers/api-v2/challenges.js index c80865799c..a749e0a2c2 100644 --- a/website/src/controllers/api-v2/challenges.js +++ b/website/src/controllers/api-v2/challenges.js @@ -67,7 +67,7 @@ api.get = function(req, res, next) { .populate('leader', 'profile.name') .exec(function(err, challenge){ if(err) return next(err); - if (!challenge) return res.json(404, {err: 'Challenge ' + req.params.cid + ' not found'}); + if (!challenge) return res.status(404).json({err: 'Challenge ' + req.params.cid + ' not found'}); challenge._isMember = !!(_.find(challenge.members, function(member) { return member._id === user._id; })); @@ -145,7 +145,7 @@ api.getMember = function(req, res, next) { .project(proj) .exec(function(err, member){ if (err) return next(err); - if (!member) return res.json(404, {err: 'Member '+uid+' for challenge '+cid+' not found'}); + if (!member) return res.status(404).json({err: 'Member '+uid+' for challenge '+cid+' not found'}); res.json(member[0]); uid = cid = null; }); 
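Review bot: In api.changePassword nothing checks that `newPassword` is a non-empty string: when both fields are omitted `newPassword != confirmNewPassword` is false and the code goes on to hash the missing value (what `utils.encryptPassword` does with it is not visible here). Add a guard such as `if (typeof newPassword !== 'string' || !newPassword) return res.status(400).json({err: "New password not provided"});`. The new hash also reuses the existing `salt`; generating a fresh salt on every password change is the usual practice. The top of the function and the `user.save` callback are outside the hunk.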
@@ -207,7 +207,7 @@ api.create = function(req, res, next){ results.save_chal[0].syncToUser(user, cb); }] }, function(err, results){ - if (err) return err.code? res.json(err.code, err) : next(err); + if (err) return err.code? res.status(err.code).json(err) : next(err); return res.json(results.save_chal[0]); user = null; }) @@ -325,7 +325,7 @@ api.delete = function(req, res, next){ * Select Winner & Close */ api.selectWinner = function(req, res, next) { - if (!req.query.uid) return res.json(401, {err: 'Must select a winner'}); + if (!req.query.uid) return res.status(401).json({err: 'Must select a winner'}); var user = res.locals.user; var cid = req.params.cid; var chal; @@ -436,7 +436,7 @@ api.unlink = function(req, res, next) { var tid = req.params.id; var cid = user.tasks[tid].challenge.id; if (!req.query.keep) - return res.json(400, {err: 'Provide unlink method as ?keep=keep-all (keep, keep-all, remove, remove-all)'}); + return res.status(400).json({err: 'Provide unlink method as ?keep=keep-all (keep, keep-all, remove, remove-all)'}); user.unlink({cid:cid, keep:req.query.keep, tid:tid}, function(err, saved){ if (err) return next(err); res.sendStatus(200); diff --git a/website/src/controllers/api-v2/coupon.js b/website/src/controllers/api-v2/coupon.js index fa8c9365b0..a7605a26cb 100644 --- a/website/src/controllers/api-v2/coupon.js +++ b/website/src/controllers/api-v2/coupon.js @@ -5,7 +5,7 @@ var csv = require('express-csv'); var async = require('async'); api.ensureAdmin = function(req, res, next) { - if (!res.locals.user.contributor.sudo) return res.json(401, {err:"You don't have admin access"}); + if (!res.locals.user.contributor.sudo) return res.status(401).json({err:"You don't have admin access"}); next(); } 
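Review bot: In api.unlink, `user.tasks[tid].challenge.id` is read before any validation, so a task id that is not in `user.tasks`, or a task with no challenge, throws a TypeError instead of producing a 4xx response. Guard it first, e.g. `var task = user.tasks[tid];` then `if (!task || !task.challenge) return res.status(404).json({err: 'Task not found'});`. The declaration of `user` and the end of the function are outside the hunk.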
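Review bot: coupon.js `ensureAdmin` dereferences `res.locals.user.contributor.sudo` with no guard, whereas the hall.js `ensureAdmin` in this same patch tests `user.contributor &&` first; a user without a `contributor` object would get a TypeError here rather than a refusal. Suggest `var c = res.locals.user.contributor;` and `if (!(c && c.sudo)) return res.status(403).json({err:"You don't have admin access"});`. 403 is the fitting status for an authenticated user who lacks a privilege; the 401 used here, in hall.js, and for the leader and member checks in groups.js tells clients to re-authenticate instead.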
@@ -30,7 +30,7 @@ api.getCoupons = function(req,res,next) { api.enterCode = function(req,res,next) { Coupon.apply(res.locals.user,req.params.code,function(err,user){ - if (err) return res.json(400,{err:err}); + if (err) return res.status(400).json({err:err}); res.json(user); }); } diff --git a/website/src/controllers/api-v2/groups.js b/website/src/controllers/api-v2/groups.js index b446a8481a..75b4226872 100644 --- a/website/src/controllers/api-v2/groups.js +++ b/website/src/controllers/api-v2/groups.js @@ -143,7 +143,7 @@ api.get = function(req, res, next) { q.exec(function(err, group){ if (err) return next(err); if(!group){ - if(gid !== 'party') return res.json(404,{err: shared.i18n.t('messageGroupNotFound')}); + if(gid !== 'party') return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')}); // Don't send a 404 when querying for a party even if it doesn't exist // so that users with no party don't get a 404 on every access to the site @@ -189,7 +189,7 @@ api.create = function(req, res, next) { group.leader = user._id; if(group.type === 'guild'){ - if(user.balance < 1) return res.json(401, {err: shared.i18n.t('messageInsufficientGems')}); + if(user.balance < 1) return res.status(401).json({err: shared.i18n.t('messageInsufficientGems')}); group.balance = 1; user.balance--; @@ -223,7 +223,7 @@ api.create = function(req, res, next) { saved.populate('members', nameFields, cb); } ], function(err, populated){ - if (err === shared.i18n.t('messageGroupAlreadyInParty')) return res.json(400,{err:err}); + if (err === shared.i18n.t('messageGroupAlreadyInParty')) return res.status(400).json({err:err}); if (err) return next(err); group = user = null; return res.json(populated); 
@@ -236,7 +236,7 @@ api.update = function(req, res, next) { var user = res.locals.user; if(group.leader !== user._id) - return res.json(401, {err: shared.i18n.t('messageGroupOnlyLeaderCanUpdate')}); + return res.status(401).json({err: shared.i18n.t('messageGroupOnlyLeaderCanUpdate')}); 'name description logo logo leaderMessage leader leaderOnly'.split(' ').forEach(function(attr){ group[attr] = req.body[attr]; @@ -257,7 +257,7 @@ api.attachGroup = function(req, res, next) { var q = (gid == 'party') ? Group.findOne({type: 'party', members: {'$in': [res.locals.user._id]}}) : Group.findById(gid); q.exec(function(err, group){ if(err) return next(err); - if(!group) return res.json(404, {err: shared.i18n.t('messageGroupNotFound')}); + if(!group) return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')}); if (!user.contributor.admin) { _purgeFlagInfoFromChat(group, user); @@ -281,7 +281,7 @@ api.getChat = function(req, res, next) { populateQuery(gid, q); q.exec(function(err, group){ if (err) return next(err); - if (!group && gid!=='party') return res.json(404,{err: shared.i18n.t('messageGroupNotFound')}); + if (!group && gid!=='party') return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')}); res.json(res.locals.group.chat); gid = null; 
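Review bot: In api.update (groups.js) the attribute loop assigns `req.body[attr]` to the group for every listed field, so a field missing from the request overwrites the stored value with undefined, and `leader` can be set to any value with no check that it names a current member. Unless validation happens further down, skip absent fields with `if (req.body[attr] !== undefined) group[attr] = req.body[attr];` and validate `leader` against `group.members` separately. `logo` is listed twice in the attribute string. The rest of the loop body and the save are outside the hunk.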
@@ -293,11 +293,11 @@ api.getChat = function(req, res, next) { */ api.postChat = function(req, res, next) { if(!req.query.message) { - return res.json(400,{err: shared.i18n.t('messageGroupChatBlankMessage')}); + return res.status(400).json({err: shared.i18n.t('messageGroupChatBlankMessage')}); } else { var user = res.locals.user var group = res.locals.group; - if (group.type!='party' && user.flags.chatRevoked) return res.json(401,{err:'Your chat privileges have been revoked.'}); + if (group.type!='party' && user.flags.chatRevoked) return res.status(401).json({err:'Your chat privileges have been revoked.'}); var lastClientMsg = req.query.previousMsg; var chatUpdated = (lastClientMsg && group.chat && group.chat[0] && group.chat[0].id !== lastClientMsg) ? true : false; @@ -321,10 +321,10 @@ api.deleteChatMessage = function(req, res, next){ var group = res.locals.group; var message = _.find(group.chat, {id: req.params.messageId}); - if(!message) return res.json(404, {err: "Message not found!"}); + if(!message) return res.status(404).json({err: "Message not found!"}); if(user._id !== message.uuid && !(user.backer && user.contributor.admin)) - return res.json(401, {err: "Not authorized to delete this message!"}) + return res.status(401).json({err: "Not authorized to delete this message!"}) var lastClientMsg = req.query.previousMsg; var chatUpdated = (lastClientMsg && group.chat && group.chat[0] && group.chat[0].id !== lastClientMsg) ? true : false; 
@@ -341,15 +341,15 @@ api.flagChatMessage = function(req, res, next){ var group = res.locals.group; var message = _.find(group.chat, {id: req.params.mid}); - if(!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')}); - if(message.uuid == user._id) return res.json(401, {err: shared.i18n.t('messageGroupChatFlagOwnMessage')}); + if(!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')}); + if(message.uuid == user._id) return res.status(401).json({err: shared.i18n.t('messageGroupChatFlagOwnMessage')}); User.findOne({_id: message.uuid}, {auth: 1}, function(err, author){ if(err) return next(err); // Log user ids that have flagged the message if(!message.flags) message.flags = {}; - if(message.flags[user._id] && !user.contributor.admin) return res.json(401, {err: shared.i18n.t('messageGroupChatFlagAlreadyReported')}); + if(message.flags[user._id] && !user.contributor.admin) return res.status(401).json({err: shared.i18n.t('messageGroupChatFlagAlreadyReported')}); message.flags[user._id] = true; // Log total number of flags (publicly viewable) @@ -407,7 +407,7 @@ api.clearFlagCount = function(req, res, next){ var group = res.locals.group; var message = _.find(group.chat, {id: req.params.mid}); - if(!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')}); + if(!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')}); if(user.contributor.admin){ message.flagCount = 0; @@ -419,7 +419,7 @@ api.clearFlagCount = function(req, res, next){ return res.sendStatus(204); }); } else { - return res.json(401, {err: shared.i18n.t('messageGroupChatAdminClearFlagCount')}) + return res.status(401).json({err: shared.i18n.t('messageGroupChatAdminClearFlagCount')}) } } 
@@ -439,8 +439,8 @@ api.likeChatMessage = function(req, res, next) { var group = res.locals.group; var message = _.find(group.chat, {id: req.params.mid}); - if (!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')}); - if (message.uuid == user._id) return res.json(401, {err: shared.i18n.t('messageGroupChatLikeOwnMessage')}); + if (!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')}); + if (message.uuid == user._id) return res.status(401).json({err: shared.i18n.t('messageGroupChatLikeOwnMessage')}); if (!message.likes) message.likes = {}; if (message.likes[user._id]) { delete message.likes[user._id]; @@ -483,7 +483,7 @@ api.join = function(req, res, next) { } } - if(!isUserInvited) return res.json(401, {err: shared.i18n.t('messageGroupRequiresInvite')}); + if(!isUserInvited) return res.status(401).json({err: shared.i18n.t('messageGroupRequiresInvite')}); if (!_.contains(group.members, user._id)){ if (group.members.length === 0) { @@ -610,7 +610,7 @@ var inviteByUUIDs = function(uuids, group, req, res, next){ } }); }, function(err){ - if(err) return err.code ? res.json(err.code, {err: err.err}) : next(err); + if(err) return err.code ? res.status(err.code).json({err: err.err}) : next(err); async.series([ function(cb) { @@ -674,7 +674,7 @@ var inviteByEmails = function(invites, group, req, res, next){ cb(); } }, function(err){ - if(err) return err.code ? res.json(err.code, {err: err.err}) : next(err); + if(err) return err.code ? res.status(err.code).json({err: err.err}) : next(err); if (usersAlreadyRegistered.length > 0){ inviteByUUIDs(usersAlreadyRegistered, group, req, res, next); @@ -682,7 +682,7 @@ var inviteByEmails = function(invites, group, req, res, next){ // Send only status code down the line because it doesn't need // info on invited users since they are not yet registered - res.json(200, {}); + res.status(200).json({}); } }); }; 
@@ -691,14 +691,14 @@ api.invite = function(req, res, next){ var group = res.locals.group; if (group.privacy === 'private' && !_.contains(group.members,res.locals.user._id)) { - return res.json(401, {err: "Only a member can invite new members!"}); + return res.status(401).json({err: "Only a member can invite new members!"}); } if (req.body.uuids) { inviteByUUIDs(req.body.uuids, group, req, res, next); } else if (req.body.emails) { inviteByEmails(req.body.emails, group, req, res, next) } else { - return res.json(400, {err: "Can only invite by email or uuid"}); + return res.status(400).json({err: "Can only invite by email or uuid"}); } } @@ -721,11 +721,11 @@ api.removeMember = function(req, res, next){ } if(group.leader !== user._id){ - return res.json(401, {err: "Only group leader can remove a member!"}); + return res.status(401).json({err: "Only group leader can remove a member!"}); } if(user._id === uuid){ - return res.json(401, {err: "You cannot remove yourself!"}); + return res.status(401).json({err: "You cannot remove yourself!"}); } if(_.contains(group.members, uuid)){ @@ -794,7 +794,7 @@ api.removeMember = function(req, res, next){ }); }else{ group = uuid = null; - return res.json(400, {err: "User not found among group's members!"}); + return res.status(400).json({err: "User not found among group's members!"}); } } @@ -806,7 +806,7 @@ function questStart(req, res, next) { var group = res.locals.group; var force = req.query.force; - // if (group.quest.active) return res.json(400,{err:'Quest already began.'}); + // if (group.quest.active) return res.status(400).json({err:'Quest already began.'}); // temporarily send error email, until we know more about this issue (then remove below, uncomment above). if (group.quest.active) return next('Quest already began.'); 
@@ -907,15 +907,15 @@ api.questAccept = function(req, res, next) { var user = res.locals.user; var key = req.query.key; - if (!group || group.type !== 'party') return res.json(400, {err: "Must be in a party to start quests."}); + if (!group || group.type !== 'party') return res.status(400).json({err: "Must be in a party to start quests."}); // If ?key=xxx is provided, we're starting a new quest and inviting the party. Otherwise, we're a party member accepting the invitation if (key) { var quest = shared.content.quests[key]; - if (!quest) return res.json(404,{err:'Quest ' + key + ' not found'}); - if (quest.lvl && user.stats.lvl < quest.lvl) return res.json(400, {err: "You must be level "+quest.lvl+" to begin this quest."}); - if (group.quest.key) return res.json(400, {err: 'Your party is already on a quest. Try again when the current quest has ended.'}); - if (!user.items.quests[key]) return res.json(400, {err: "You don't own that quest scroll"}); + if (!quest) return res.status(404).json({err:'Quest ' + key + ' not found'}); + if (quest.lvl && user.stats.lvl < quest.lvl) return res.status(400).json({err: "You must be level "+quest.lvl+" to begin this quest."}); + if (group.quest.key) return res.status(400).json({err: 'Your party is already on a quest. Try again when the current quest has ended.'}); + if (!user.items.quests[key]) return res.status(400).json({err: "You don't own that quest scroll"}); group.quest.key = key; group.quest.members = {}; // Invite everyone. true means "accepted", false="rejected", undefined="pending". Once we click "start quest" @@ -967,7 +967,7 @@ api.questAccept = function(req, res, next) { // Party member accepting the invitation } else { - if (!group.quest.key) return res.json(400,{err:'No quest invitation has been sent out yet.'}); + if (!group.quest.key) return res.status(400).json({err:'No quest invitation has been sent out yet.'}); var analyticsData = { category: 'behavior', owner: false, 
@@ -987,7 +987,7 @@ api.questReject = function(req, res, next) { var group = res.locals.group; var user = res.locals.user; - if (!group.quest.key) return res.json(400,{err:'No quest invitation has been sent out yet.'}); + if (!group.quest.key) return res.status(400).json({err:'No quest invitation has been sent out yet.'}); var analyticsData = { category: 'behavior', owner: false, @@ -1073,15 +1073,15 @@ api.questLeave = function(req, res, next) { var user = res.locals.user; if (!(group.quest && group.quest.active)) { - return res.json(404, { err: 'No active quest to leave' }); + return res.status(404).json({ err: 'No active quest to leave' }); } if (!(group.quest.members && group.quest.members[user._id])) { - return res.json(403, { err: 'You are not part of the quest' }); + return res.status(403).json({ err: 'You are not part of the quest' }); } if (group.quest.leader === user._id) { - return res.json(403, { err: 'Quest leader cannot leave quest' }); + return res.status(403).json({ err: 'Quest leader cannot leave quest' }); } delete group.quest.members[user._id]; diff --git a/website/src/controllers/api-v2/hall.js b/website/src/controllers/api-v2/hall.js index f3a3ead240..ec88894c62 100644 --- a/website/src/controllers/api-v2/hall.js +++ b/website/src/controllers/api-v2/hall.js @@ -8,7 +8,7 @@ var api = module.exports; api.ensureAdmin = function(req, res, next) { var user = res.locals.user; - if (!(user.contributor && user.contributor.admin)) return res.json(401, {err:"You don't have admin access"}); + if (!(user.contributor && user.contributor.admin)) return res.status(401).json({err:"You don't have admin access"}); next(); } @@ -42,7 +42,7 @@ api.getHero = function(req,res,next) { .select('auth.local.username auth.local.email auth.facebook auth.blocked') .exec(function(err, user){ if (err) return next(err) - if (!user) return res.json(400,{err:'User not found'}); + if (!user) return res.status(400).json({err:'User not found'}); res.json(user); }); } 
@@ -53,7 +53,7 @@ api.updateHero = function(req,res,next) { User.findById(req.params.uid, cb); }, function(member, cb){ - if (!member) return res.json(404, {err: "User not found"}); + if (!member) return res.status(404).json({err: "User not found"}); member.balance = req.body.balance || 0; var newTier = req.body.contributor.level; // tier = level in this context var oldTier = member.contributor && member.contributor.level || 0; @@ -80,6 +80,6 @@ api.updateHero = function(req,res,next) { } ], function(err, saved){ if (err) return next(err); - res.json(204); + res.status(204).json({}); }) } diff --git a/website/src/controllers/api-v2/members.js b/website/src/controllers/api-v2/members.js index 76b686dd95..01c136c472 100644 --- a/website/src/controllers/api-v2/members.js +++ b/website/src/controllers/api-v2/members.js @@ -22,7 +22,7 @@ var fetchMember = function(uuid, restrict){ } var sendErr = function(err, res, next){ - err.code ? res.json(err.code, {err: err.err}) : next(err); + err.code ? res.status(err.code).json({err: err.err}) : next(err); } api.getMember = function(req, res, next) { diff --git a/website/src/controllers/api-v2/unsubscription.js b/website/src/controllers/api-v2/unsubscription.js index f768236ee5..2fecbef03f 100644 --- a/website/src/controllers/api-v2/unsubscription.js +++ b/website/src/controllers/api-v2/unsubscription.js @@ -6,7 +6,7 @@ var i18n = require('../../../../common').i18n; var api = module.exports = {}; api.unsubscribe = function(req, res, next){ - if(!req.query.code) return res.json(500, {err: 'Missing unsubscription code.'}); + if(!req.query.code) return res.status(500).json({err: 'Missing unsubscription code.'}); var data = JSON.parse(utils.decrypt(req.query.code)); 
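Review bot: In api.updateHero, `req.body.contributor.level` is read without checking that `req.body.contributor` exists, and `member.balance = req.body.balance || 0` zeroes the member's balance whenever the request omits the field. Both look unintended for a partial update: guard the first with `var newTier = req.body.contributor && req.body.contributor.level;` and assign `balance` only when a number was supplied. The waterfall steps after these lines are outside the hunk, so confirm nothing downstream relies on the current behaviour.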
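Review bot: `res.status(204).json({})` at the end of updateHero attaches a body to a 204 response, which by definition carries none. `res.sendStatus(204)` states the intent directly and matches the `res.sendStatus(...)` calls already used in these controllers. The removed `res.json(204)` passed a single argument, which Express 4 likely treated as the body rather than the status, so this line may change what clients receive; that is worth stating in the commit message.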
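Review bot: In api.unsubscribe, `JSON.parse(utils.decrypt(req.query.code))` runs on a caller-supplied value with no try/catch, so a malformed or tampered code throws instead of producing a client error, and the missing-code branch answers 500 although the fault lies with the request. The decode should be wrapped and both cases answered with 400, as sketched below. Please also confirm that `utils.decrypt` authenticates the ciphertext, since the decoded fields select which account or e-mail address is unsubscribed. The rest of the function is in the following hunks.

```javascript
  if(!req.query.code) return res.status(400).json({err: 'Missing unsubscription code.'});

  var data;
  try {
    data = JSON.parse(utils.decrypt(req.query.code));
  } catch (e) {
    return res.status(400).json({err: 'Invalid unsubscription code.'});
  }
  // … unchanged: user and e-mail unsubscription branches …
```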
@@ -15,7 +15,7 @@ api.unsubscribe = function(req, res, next){ $set: {'preferences.emailNotifications.unsubscribeFromAll': true} }, {multi: false}, function(err, updateRes){ if(err) return next(err); - if(updateRes !== 1) return res.json(404, {err: 'User not found'}); + if(updateRes !== 1) return res.status(404).json({err: 'User not found'}); res.send('

' + i18n.t('unsubscribedSuccessfully', null, req.language) + '

' + i18n.t('unsubscribedTextUsers', null, req.language)); }); @@ -23,14 +23,14 @@ api.unsubscribe = function(req, res, next){ EmailUnsubscription.findOne({email: data.email}, function(err, doc){ if(err) return next(err); var okRes = '

' + i18n.t('unsubscribedSuccessfully', null, req.language) + '

' + i18n.t('unsubscribedTextOthers', null, req.language); - + if(doc) return res.send(okRes); EmailUnsubscription.create({email: data.email}, function(err, doc){ if(err) return next(err); - + res.send(okRes); }) }); } -}; \ No newline at end of file +}; diff --git a/website/src/controllers/api-v2/user.js b/website/src/controllers/api-v2/user.js index 97f1a22776..8c24b620bc 100644 --- a/website/src/controllers/api-v2/user.js +++ b/website/src/controllers/api-v2/user.js @@ -75,10 +75,10 @@ api.score = function(req, res, next) { var clearMemory = function(){user = task = id = direction = null;} // Send error responses for improper API call - if (!id) return res.json(400, {err: ':id required'}); + if (!id) return res.status(400).json({err: ':id required'}); if (direction !== 'up' && direction !== 'down') { if (direction == 'unlink' || direction == 'sort') return next(); - return res.json(400, {err: ":direction must be 'up' or 'down'"}); + return res.status(400).json({err: ":direction must be 'up' or 'down'"}); } // If exists already, score it if (task = user.tasks[id]) { @@ -108,7 +108,7 @@ api.score = function(req, res, next) { var userStats = saved.toJSON().stats; var resJsonData = _.extend({ delta: delta, _tmp: user._tmp }, userStats); - res.json(200, resJsonData); + res.status(200).json(resJsonData); var webhookData = _generateWebhookTaskData( task, direction, delta, userStats, user @@ -161,8 +161,8 @@ api.getTasks = function(req, res, next) { */ api.getTask = function(req, res, next) { var task = findTask(req,res); - if (!task) return res.json(404, {err: shared.i18n.t('messageTaskNotFound')}); - return res.json(200, task); + if (!task) return res.status(404).json({err: shared.i18n.t('messageTaskNotFound')}); + return res.status(200).json(task); }; 
@@ -184,7 +184,7 @@ api.getTask = function(req, res, next) { api.getBuyList = function (req, res, next) { var list = shared.updateStore(res.locals.user); - return res.json(200, list); + return res.status(200).json(list); }; /* @@ -206,7 +206,7 @@ api.getUser = function(req, res, next) { delete user.auth.local.hashed_password; delete user.auth.local.salt; } - return res.json(200, user); + return res.status(200).json(user); }; /** @@ -279,7 +279,7 @@ api.getUserAnonymized = function(req, res, next) { cleanChecklist(task); }); - return res.json(200, user); + return res.status(200).json(user); }; /** @@ -336,7 +336,7 @@ api.update = (req, res, next) => { let user = res.locals.user; let errors = []; - if (_.isEmpty(req.body)) return res.json(200, user); + if (_.isEmpty(req.body)) return res.status(200).json(user); _.each(req.body, (v, k) => { let purchasable = requiresPurchase[k]; @@ -354,18 +354,18 @@ api.update = (req, res, next) => { }); user.save((err) => { - if (!_.isEmpty(errors)) return res.json(401, {err: errors}); + if (!_.isEmpty(errors)) return res.status(401).json({err: errors}); if (err) { if (err.name == 'ValidationError') { let errorMessages = _.map(_.values(err.errors), (error) => { return error.message; }); - return res.json(400, {err: errorMessages}); + return res.status(400).json({err: errorMessages}); } return next(err); } - res.json(200, user); + res.status(200).json(user); user = errors = null; }); }; @@ -411,7 +411,7 @@ api.delete = function(req, res, next) { var plan = user.purchased.plan; if (plan && plan.customerId && !plan.dateTerminated){ - return res.json(400,{err:"You have an active subscription, cancel your plan before deleting your account."}); + return res.status(400).json({err:"You have an active subscription, cancel your plan before deleting your account."}); } Group.find({ 
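Review bot: In api.update the `errors` collected while walking `req.body` are examined only inside the `user.save` callback, so the document is saved first and the 401 is sent afterwards. Whether rejected keys have already been applied to `user` depends on the loop body, which is outside this hunk, but returning before the save avoids persisting a partially applied request: place `if (!_.isEmpty(errors)) return res.status(401).json({err: errors});` above `user.save(...)`.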
@@ -488,8 +488,8 @@ api.cast = function(req, res, next) { klass = shared.content.spells.special[req.params.spell] ? 'special' : user.stats.class, spell = shared.content.spells[klass][req.params.spell]; - if (!spell) return res.json(404, {err: 'Spell "' + req.params.spell + '" not found.'}); - if (spell.mana > user.stats.mp) return res.json(400, {err: 'Not enough mana to cast spell'}); + if (!spell) return res.status(404).json({err: 'Spell "' + req.params.spell + '" not found.'}); + if (spell.mana > user.stats.mp) return res.status(400).json({err: 'Not enough mana to cast spell'}); var done = function(){ var err = arguments[0]; @@ -501,7 +501,7 @@ api.cast = function(req, res, next) { switch (targetType) { case 'task': - if (!user.tasks[targetId]) return res.json(404, {err: 'Task "' + targetId + '" not found.'}); + if (!user.tasks[targetId]) return res.status(404).json({err: 'Task "' + targetId + '" not found.'}); spell.cast(user, user.tasks[targetId]); user.save(done); break; @@ -597,12 +597,12 @@ _.each(shared.wrap({}).ops, function(op,k){ // If we want to send something other than 500, pass err as {code: 200, message: "Not enough GP"} if (err) { if (!err.code) return next(err); - if (err.code >= 400) return res.json(err.code,{err:err.message}); + if (err.code >= 400) return res.status(err.code).json({err:err.message}); // In the case of 200s, they're friendly alert messages like "You're pet has hatched!" - still send the op } res.locals.user.save(function(err){ if (err) return next(err); - res.json(200,response); + res.status(200).json(response); }) }, analytics); } 
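Review bot: In the `@@ -488,8 +488,8 @@` hunk of `api.cast`, `req.params.spell` indexes `shared.content.spells.special` and `shared.content.spells[klass]` directly. If those are plain objects, a name that matches an inherited property is truthy, passes the `!spell` check, and the request continues with a value that is not a spell definition. Add an own-property test after the declarations, `if (!_.has(shared.content.spells[klass], req.params.spell)) return res.status(404).json({err: 'Spell "' + req.params.spell + '" not found.'});`. The same reasoning applies to `user.tasks[targetId]` in the `@@ -501,7 +501,7 @@` hunk if `user.tasks` is a plain object. `api.cast` starts and ends outside both hunks.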
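Review bot: In the `@@ -597,12 +597,12 @@` hunk, `err.code` reaches `res.status()` with only the `>= 400` lower bound, and any error whose `code` is truthy but not an HTTP status falls through to `res.locals.user.save` as if it were a friendly message. Where `err` originates is not visible here, but a driver or system error carrying its own `code` would either be written out as the status or be treated as success. I would reject those first with `if (!Number.isInteger(err.code) || err.code >= 600) return next(err);` and keep the `>= 400` branch after it. The callback belongs to a wrapper that starts outside the hunk.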
@@ -618,7 +618,7 @@ _.each(shared.wrap({}).ops, function(op,k){ api.batchUpdate = function(req, res, next) { if (_.isEmpty(req.body)) req.body = []; // cases of {} or null if (req.body[0] && req.body[0].data) - return res.json(501, {err: "API has been updated, please refresh your browser or upgrade your mobile app."}) + return res.status(501).json({err: "API has been updated, please refresh your browser or upgrade your mobile app."}) var user = res.locals.user; var oldSend = res.send; @@ -666,17 +666,17 @@ api.batchUpdate = function(req, res, next) { // return only drops & streaks if (response._tmp && response._tmp.drop){ - res.json(200, {_tmp: {drop: response._tmp.drop}, _v: response._v}); + res.status(200).json({_tmp: {drop: response._tmp.drop}, _v: response._v}); // Fetch full user object } else if (response.wasModified){ // Preen 3-day past-completed To-Dos from Angular & mobile app response.todos = shared.preenTodos(response.todos); - res.json(200, response); + res.status(200).json(response); // return only the version number } else{ - res.json(200, {_v: response._v}); + res.status(200).json({_v: response._v}); } }); }; diff --git a/website/src/controllers/dataexport.js b/website/src/controllers/dataexport.js index c599c7758b..58932b7696 100644 --- a/website/src/controllers/dataexport.js +++ b/website/src/controllers/dataexport.js @@ -47,8 +47,8 @@ var userdata = function(user) { dataexport.leanuser = function(req, res, next) { User.findOne({_id: res.locals.user._id}).lean().exec(function(err, user) { - if (err) return res.json(500, {err: err}); - if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND); + if (err) return res.status(500).json({err: err}); + if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND); res.locals.user = user; return next(); }); diff --git a/website/src/controllers/payments/amazon.js b/website/src/controllers/payments/amazon.js index 04de88cec5..8c01663c10 100644 --- a/website/src/controllers/payments/amazon.js 
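Review bot: `dataexport.leanuser` returns the raw error object to the client with `res.status(500).json({err: err})`, where the other handlers in this patch call `next(err)`. A database error serialised this way can expose query and schema detail. Use `if (err) return next(err);` so the shared error handler decides what leaves the server. The same pattern appears in `verifyAccessToken` in payments/amazon.js (`res.status(400).json({err:err})`) and in `parseErr` in payments/paypal.js, which sends `JSON.stringify(err)` of the provider error. Both would be better logging the error server-side and returning a fixed message.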
+++ b/website/src/controllers/payments/amazon.js @@ -19,11 +19,11 @@ var amzPayment = amazonPayments.connect({ exports.verifyAccessToken = function(req, res, next){ if(!req.body || !req.body['access_token']){ - return res.json(400, {err: 'Access token not supplied.'}); + return res.status(400).json({err: 'Access token not supplied.'}); } amzPayment.api.getTokenInfo(req.body['access_token'], function(err, tokenInfo){ - if(err) return res.json(400, {err:err}); + if(err) return res.status(400).json({err:err}); res.sendStatus(200); }); @@ -31,7 +31,7 @@ exports.verifyAccessToken = function(req, res, next){ exports.createOrderReferenceId = function(req, res, next){ if(!req.body || !req.body.billingAgreementId){ - return res.json(400, {err: 'Billing Agreement Id not supplied.'}); + return res.status(400).json({err: 'Billing Agreement Id not supplied.'}); } amzPayment.offAmazonPayments.createOrderReferenceForId({ @@ -52,7 +52,7 @@ exports.createOrderReferenceId = function(req, res, next){ exports.checkout = function(req, res, next){ if(!req.body || !req.body.orderReferenceId){ - return res.json(400, {err: 'Billing Agreement Id not supplied.'}); + return res.status(400).json({err: 'Billing Agreement Id not supplied.'}); } var gift = req.body.gift; @@ -148,7 +148,7 @@ exports.checkout = function(req, res, next){ exports.subscribe = function(req, res, next){ if(!req.body || !req.body['billingAgreementId']){ - return res.json(400, {err: 'Billing Agreement Id not supplied.'}); + return res.status(400).json({err: 'Billing Agreement Id not supplied.'}); } var billingAgreementId = req.body.billingAgreementId; @@ -157,7 +157,7 @@ exports.subscribe = function(req, res, next){ var user = res.locals.user; if(!sub){ - return res.json(400, {err: 'Subscription plan not found.'}); + return res.status(400).json({err: 'Subscription plan not found.'}); } async.series({ 
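Review bot: In the `@@ -52,7 +52,7 @@` hunk of `exports.checkout`, the guard tests `req.body.orderReferenceId` but the 400 body says 'Billing Agreement Id not supplied.', which looks copied from `createOrderReferenceId` above. A client or an operator reading logs is pointed at the wrong missing field. I would change the line to `return res.status(400).json({err: 'Order Reference Id not supplied.'});`, after checking that no client matches on the old text. `checkout` continues outside the hunk.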
@@ -236,7 +236,7 @@ exports.subscribe = function(req, res, next){ exports.subscribeCancel = function(req, res, next){ var user = res.locals.user; if (!user.purchased.plan.customerId) - return res.json(401, {err: 'User does not have a plan subscription'}); + return res.status(401).json({err: 'User does not have a plan subscription'}); var billingAgreementId = user.purchased.plan.customerId; diff --git a/website/src/controllers/payments/index.js b/website/src/controllers/payments/index.js index 5005835c07..dad53feb13 100644 --- a/website/src/controllers/payments/index.js +++ b/website/src/controllers/payments/index.js @@ -181,7 +181,7 @@ exports.buyGems = function(data, cb) { exports.validCoupon = function(req, res, next){ mongoose.model('Coupon').findOne({_id:cc.validate(req.params.code), event:'google_6mo'}, function(err, coupon){ if (err) return next(err); - if (!coupon) return res.json(401, {err:"Invalid coupon code"}); + if (!coupon) return res.status(401).json({err:"Invalid coupon code"}); return res.sendStatus(200); }); } diff --git a/website/src/controllers/payments/paypal.js b/website/src/controllers/payments/paypal.js index 2671946dc7..3c5258c222 100644 --- a/website/src/controllers/payments/paypal.js +++ b/website/src/controllers/payments/paypal.js @@ -28,7 +28,7 @@ paypal.configure({ var parseErr = function(res, err){ //var error = err.response ? err.response.message || err.response.details[0].issue : err; var error = JSON.stringify(err); - return res.json(400,{err:error}); + return res.status(400).json({err:error}); } exports.createBillingAgreement = function(req,res,next){ 
@@ -166,7 +166,7 @@ exports.executePayment = function(req, res) { exports.cancelSubscription = function(req, res, next){ var user = res.locals.user; if (!user.purchased.plan.customerId) - return res.json(401, {err: "User does not have a plan subscription"}); + return res.status(401).json({err: "User does not have a plan subscription"}); async.auto({ get_cus: function(cb){ paypal.billingAgreement.get(user.purchased.plan.customerId, cb); diff --git a/website/src/controllers/payments/stripe.js b/website/src/controllers/payments/stripe.js index cd4b9cc9ae..1a1085227c 100644 --- a/website/src/controllers/payments/stripe.js +++ b/website/src/controllers/payments/stripe.js @@ -72,7 +72,7 @@ exports.checkout = function(req, res, next) { exports.subscribeCancel = function(req, res, next) { var user = res.locals.user; if (!user.purchased.plan.customerId) - return res.json(401, {err: 'User does not have a plan subscription'}); + return res.status(401).json({err: 'User does not have a plan subscription'}); async.auto({ get_cus: function(cb){ diff --git a/website/src/middlewares/apiThrottle.js b/website/src/middlewares/apiThrottle.js index 15f3ad5666..8de298106c 100644 --- a/website/src/middlewares/apiThrottle.js +++ b/website/src/middlewares/apiThrottle.js @@ -18,7 +18,7 @@ module.exports = function(app) { } })).use(function(req,res,next){ //logging.info(res.ratelimit); - if (res.ratelimit.exceeded) return res.json(429,{err:'Rate limit exceeded'}); + if (res.ratelimit.exceeded) return res.status(429).json({err:'Rate limit exceeded'}); next(); }); }; diff --git a/website/src/middlewares/errorHandler.js b/website/src/middlewares/errorHandler.js index 9a82316a75..2b06824dce 100644 --- a/website/src/middlewares/errorHandler.js +++ b/website/src/middlewares/errorHandler.js 
@@ -20,5 +20,5 @@ module.exports = function(err, req, res, next) { });*/ var message = err.message ? err.message : err; message = (message.length < 200) ? message : message.substring(0,100) + message.substring(message.length-100,message.length); - res.json(500,{err:message}); //res.end(err.message); + res.status(500).json({err:message}); //res.end(err.message); }; diff --git a/website/src/middlewares/forceRefresh.js b/website/src/middlewares/forceRefresh.js index e022aed2f6..6d5b4fa8c9 100644 --- a/website/src/middlewares/forceRefresh.js +++ b/website/src/middlewares/forceRefresh.js @@ -2,7 +2,7 @@ module.exports.siteVersion = 1; module.exports.middleware = function(req, res, next){ if(req.query.siteVersion && req.query.siteVersion != module.exports.siteVersion){ - return res.json(400, {needRefresh: true}); + return res.status(400).json({needRefresh: true}); } return next();
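Review bot: The error handler assumes `message` is a string: when `err` is an object without a string `message`, `message.length < 200` is false and `message.substring` throws inside the handler itself. Coerce first with `var message = String(err.message ? err.message : err);`. Separately, the 500 body sends the internal error text to the client. Logging it server-side and replying with a generic `{err: 'Internal server error'}` would avoid exposing implementation detail, provided no client depends on the text. The function starts outside this hunk.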