mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-19 07:37:25 +01:00
chore: Update res.json(code, json) to res.status(code).json(json)
This commit is contained in:
Blade Barringer
@@ -29,11 +29,11 @@ var accountSuspended = function(uuid){
|
||||
api.auth = function(req, res, next) {
|
||||
var uid = req.headers['x-api-user'];
|
||||
var token = req.headers['x-api-key'];
|
||||
if (!(uid && token)) return res.json(401, NO_TOKEN_OR_UID);
|
||||
if (!(uid && token)) return res.status(401).json(NO_TOKEN_OR_UID);
|
||||
User.findOne({_id: uid, apiToken: token}, function(err, user) {
|
||||
if (err) return next(err);
|
||||
if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND);
|
||||
if (user.auth.blocked) return res.json(401, accountSuspended(user._id));
|
||||
if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND);
|
||||
if (user.auth.blocked) return res.status(401).json(accountSuspended(user._id));
|
||||
|
||||
res.locals.wasModified = req.query._v ? +user._v !== +req.query._v : true;
|
||||
res.locals.user = user;
|
||||
@@ -44,10 +44,10 @@ api.auth = function(req, res, next) {
|
||||
|
||||
api.authWithSession = function(req, res, next) { //[todo] there is probably a more elegant way of doing this...
|
||||
if (!(req.session && req.session.userId))
|
||||
return res.json(401, NO_SESSION_FOUND);
|
||||
return res.status(401).json(NO_SESSION_FOUND);
|
||||
User.findOne({_id: req.session.userId}, function(err, user) {
|
||||
if (err) return next(err);
|
||||
if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND);
|
||||
if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND);
|
||||
res.locals.user = user;
|
||||
next();
|
||||
});
|
||||
@@ -56,7 +56,7 @@ api.authWithSession = function(req, res, next) { //[todo] there is probably a mo
|
||||
api.authWithUrl = function(req, res, next) {
|
||||
User.findOne({_id:req.query._id, apiToken:req.query.apiToken}, function(err,user){
|
||||
if (err) return next(err);
|
||||
if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND);
|
||||
if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND);
|
||||
res.locals.user = user;
|
||||
next();
|
||||
});
|
||||
@@ -136,8 +136,8 @@ api.registerUser = function(req, res, next) {
|
||||
}
|
||||
}]
|
||||
}, function(err, data) {
|
||||
if (err) return err.code ? res.json(err.code, err) : next(err);
|
||||
res.json(200, data.register[0]);
|
||||
if (err) return err.code ? res.status(err.code).json(err) : next(err);
|
||||
res.status(200).json(data.register[0]);
|
||||
});
|
||||
};
|
||||
|
||||
@@ -149,22 +149,22 @@ api.registerUser = function(req, res, next) {
|
||||
api.loginLocal = function(req, res, next) {
|
||||
var username = req.body.username;
|
||||
var password = req.body.password;
|
||||
if (!(username && password)) return res.json(401, {err:'Missing :username or :password in request body, please provide both'});
|
||||
if (!(username && password)) return res.status(401).json({err:'Missing :username or :password in request body, please provide both'});
|
||||
var login = validator.isEmail(username) ?
|
||||
{'auth.local.email':username.toLowerCase()} : // Emails are all lowercase
|
||||
{'auth.local.username':username}; // Use the username as the user typed it
|
||||
|
||||
User.findOne(login, {auth:1}, function(err, user){
|
||||
if (err) return next(err);
|
||||
if (!user) return res.json(401, {err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."});
|
||||
if (user.auth.blocked) return res.json(401, accountSuspended(user._id));
|
||||
if (!user) return res.status(401).json({err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."});
|
||||
if (user.auth.blocked) return res.status(401).json(accountSuspended(user._id));
|
||||
// We needed the whole user object first so we can get his salt to encrypt password comparison
|
||||
User.findOne(
|
||||
{$and: [login, {'auth.local.hashed_password': utils.encryptPassword(password, user.auth.local.salt)}]}
|
||||
, {_id:1, apiToken:1}
|
||||
, function(err, user){
|
||||
if (err) return next(err);
|
||||
if (!user) return res.json(401,{err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."});
|
||||
if (!user) return res.status(401).json({err:"Uh-oh - your username or password is incorrect.\n- Make sure your username or email is typed correctly.\n- You may have signed up with Facebook, not email. Double-check by trying Facebook login.\n- If you forgot your password, click \"Forgot Password\" on the habitica.com website's login form."});
|
||||
res.json({id: user._id,token: user.apiToken});
|
||||
password = null;
|
||||
});
|
||||
@@ -178,7 +178,7 @@ api.loginSocial = function(req, res, next) {
|
||||
var access_token = req.body.authResponse.access_token,
|
||||
network = req.body.network;
|
||||
if (network!=='facebook')
|
||||
return res.json(401, {err:"Only Facebook supported currently."});
|
||||
return res.status(401).json({err:"Only Facebook supported currently."});
|
||||
async.auto({
|
||||
profile: function (cb) {
|
||||
passport._strategies[network].userProfile(access_token, cb);
|
||||
@@ -223,10 +223,10 @@ api.loginSocial = function(req, res, next) {
|
||||
analytics.track('register', analyticsData)
|
||||
}]
|
||||
}, function(err, results){
|
||||
if (err) return res.json(401, {err: err.toString ? err.toString() : err});
|
||||
if (err) return res.status(401).json({err: err.toString ? err.toString() : err});
|
||||
var acct = results.register[0] ? results.register[0] : results.register;
|
||||
if (acct.auth.blocked) return res.json(401, accountSuspended(acct._id));
|
||||
return res.json(200, {id:acct._id, token:acct.apiToken});
|
||||
if (acct.auth.blocked) return res.status(401).json(accountSuspended(acct._id));
|
||||
return res.status(200).json({id:acct._id, token:acct.apiToken});
|
||||
})
|
||||
};
|
||||
|
||||
@@ -235,7 +235,7 @@ api.loginSocial = function(req, res, next) {
|
||||
*/
|
||||
api.deleteSocial = function(req,res,next){
|
||||
if (!res.locals.user.auth.local.username)
|
||||
return res.json(401, {err:"Account lacks another authentication method, can't detach Facebook"});
|
||||
return res.status(401).json({err:"Account lacks another authentication method, can't detach Facebook"});
|
||||
//FIXME for some reason, the following gives https://gist.github.com/lefnire/f93eb306069b9089d123
|
||||
//res.locals.user.auth.facebook = null;
|
||||
//res.locals.user.auth.save(function(err, saved){
|
||||
@@ -251,7 +251,7 @@ api.resetPassword = function(req, res, next){
|
||||
newPassword = utils.makeSalt(), // use a salt as the new password too (they'll change it later)
|
||||
hashed_password = utils.encryptPassword(newPassword, salt);
|
||||
|
||||
if(!email) return res.json(400, {err: "Email not provided"});
|
||||
if(!email) return res.status(400).json({err: "Email not provided"});
|
||||
|
||||
User.findOne({'auth.local.email': email}, function(err, user){
|
||||
if (err) return next(err);
|
||||
@@ -285,7 +285,7 @@ api.changeUsername = function(req, res, next) {
|
||||
var username = req.body.username;
|
||||
var lowerCaseUsername = username && username.toLowerCase(); // we search for the lowercased version to intercept duplicates
|
||||
|
||||
if(!username) return res.json(400, {err: "Username not provided"});
|
||||
if(!username) return res.status(400).json({err: "Username not provided"});
|
||||
async.waterfall([
|
||||
function(cb){
|
||||
User.findOne({'auth.local.lowerCaseUsername': lowerCaseUsername}, {auth:1}, cb);
|
||||
@@ -299,14 +299,14 @@ api.changeUsername = function(req, res, next) {
|
||||
user.save(cb);
|
||||
}
|
||||
], function(err){
|
||||
if (err) return err.code ? res.json(err.code, err) : next(err);
|
||||
if (err) return err.code ? res.status(err.code).json(err) : next(err);
|
||||
res.sendStatus(200);
|
||||
})
|
||||
}
|
||||
|
||||
api.changeEmail = function(req, res, next){
|
||||
var email = req.body.email && req.body.email.toLowerCase(); // emails are all lowercase
|
||||
if(!email) return res.json(400, {err: "Email not provided"});
|
||||
if(!email) return res.status(400).json({err: "Email not provided"});
|
||||
|
||||
async.waterfall([
|
||||
function(cb){
|
||||
@@ -319,7 +319,7 @@ api.changeEmail = function(req, res, next){
|
||||
res.locals.user.save(cb);
|
||||
}
|
||||
], function(err){
|
||||
if (err) return err.code ? res.json(err.code,err) : next(err);
|
||||
if (err) return err.code ? res.status(err.code).json(err) : next(err);
|
||||
res.sendStatus(200);
|
||||
})
|
||||
}
|
||||
@@ -331,14 +331,14 @@ api.changePassword = function(req, res, next) {
|
||||
confirmNewPassword = req.body.confirmNewPassword;
|
||||
|
||||
if (newPassword != confirmNewPassword)
|
||||
return res.json(401, {err: "Password & Confirm don't match"});
|
||||
return res.status(401).json({err: "Password & Confirm don't match"});
|
||||
|
||||
var salt = user.auth.local.salt,
|
||||
hashed_old_password = utils.encryptPassword(oldPassword, salt),
|
||||
hashed_new_password = utils.encryptPassword(newPassword, salt);
|
||||
|
||||
if (hashed_old_password !== user.auth.local.hashed_password)
|
||||
return res.json(401, {err:"Old password doesn't match"});
|
||||
return res.status(401).json({err:"Old password doesn't match"});
|
||||
|
||||
user.auth.local.hashed_password = hashed_new_password;
|
||||
user.save(function(err, saved){
|
||||
@@ -362,7 +362,7 @@ api.getFirebaseToken = function(req, res, next) {
|
||||
expires: expires
|
||||
});
|
||||
|
||||
res.json(200, {
|
||||
res.status(200).json({
|
||||
token: token,
|
||||
expires: expires
|
||||
});
|
||||
|
||||
@@ -67,7 +67,7 @@ api.get = function(req, res, next) {
|
||||
.populate('leader', 'profile.name')
|
||||
.exec(function(err, challenge){
|
||||
if(err) return next(err);
|
||||
if (!challenge) return res.json(404, {err: 'Challenge ' + req.params.cid + ' not found'});
|
||||
if (!challenge) return res.status(404).json({err: 'Challenge ' + req.params.cid + ' not found'});
|
||||
challenge._isMember = !!(_.find(challenge.members, function(member) {
|
||||
return member._id === user._id;
|
||||
}));
|
||||
@@ -145,7 +145,7 @@ api.getMember = function(req, res, next) {
|
||||
.project(proj)
|
||||
.exec(function(err, member){
|
||||
if (err) return next(err);
|
||||
if (!member) return res.json(404, {err: 'Member '+uid+' for challenge '+cid+' not found'});
|
||||
if (!member) return res.status(404).json({err: 'Member '+uid+' for challenge '+cid+' not found'});
|
||||
res.json(member[0]);
|
||||
uid = cid = null;
|
||||
});
|
||||
@@ -207,7 +207,7 @@ api.create = function(req, res, next){
|
||||
results.save_chal[0].syncToUser(user, cb);
|
||||
}]
|
||||
}, function(err, results){
|
||||
if (err) return err.code? res.json(err.code, err) : next(err);
|
||||
if (err) return err.code? res.status(err.code).json(err) : next(err);
|
||||
return res.json(results.save_chal[0]);
|
||||
user = null;
|
||||
})
|
||||
@@ -325,7 +325,7 @@ api.delete = function(req, res, next){
|
||||
* Select Winner & Close
|
||||
*/
|
||||
api.selectWinner = function(req, res, next) {
|
||||
if (!req.query.uid) return res.json(401, {err: 'Must select a winner'});
|
||||
if (!req.query.uid) return res.status(401).json({err: 'Must select a winner'});
|
||||
var user = res.locals.user;
|
||||
var cid = req.params.cid;
|
||||
var chal;
|
||||
@@ -436,7 +436,7 @@ api.unlink = function(req, res, next) {
|
||||
var tid = req.params.id;
|
||||
var cid = user.tasks[tid].challenge.id;
|
||||
if (!req.query.keep)
|
||||
return res.json(400, {err: 'Provide unlink method as ?keep=keep-all (keep, keep-all, remove, remove-all)'});
|
||||
return res.status(400).json({err: 'Provide unlink method as ?keep=keep-all (keep, keep-all, remove, remove-all)'});
|
||||
user.unlink({cid:cid, keep:req.query.keep, tid:tid}, function(err, saved){
|
||||
if (err) return next(err);
|
||||
res.sendStatus(200);
|
||||
|
||||
@@ -5,7 +5,7 @@ var csv = require('express-csv');
|
||||
var async = require('async');
|
||||
|
||||
api.ensureAdmin = function(req, res, next) {
|
||||
if (!res.locals.user.contributor.sudo) return res.json(401, {err:"You don't have admin access"});
|
||||
if (!res.locals.user.contributor.sudo) return res.status(401).json({err:"You don't have admin access"});
|
||||
next();
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ api.getCoupons = function(req,res,next) {
|
||||
|
||||
api.enterCode = function(req,res,next) {
|
||||
Coupon.apply(res.locals.user,req.params.code,function(err,user){
|
||||
if (err) return res.json(400,{err:err});
|
||||
if (err) return res.status(400).json({err:err});
|
||||
res.json(user);
|
||||
});
|
||||
}
|
||||
|
||||
@@ -143,7 +143,7 @@ api.get = function(req, res, next) {
|
||||
q.exec(function(err, group){
|
||||
if (err) return next(err);
|
||||
if(!group){
|
||||
if(gid !== 'party') return res.json(404,{err: shared.i18n.t('messageGroupNotFound')});
|
||||
if(gid !== 'party') return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')});
|
||||
|
||||
// Don't send a 404 when querying for a party even if it doesn't exist
|
||||
// so that users with no party don't get a 404 on every access to the site
|
||||
@@ -189,7 +189,7 @@ api.create = function(req, res, next) {
|
||||
group.leader = user._id;
|
||||
|
||||
if(group.type === 'guild'){
|
||||
if(user.balance < 1) return res.json(401, {err: shared.i18n.t('messageInsufficientGems')});
|
||||
if(user.balance < 1) return res.status(401).json({err: shared.i18n.t('messageInsufficientGems')});
|
||||
|
||||
group.balance = 1;
|
||||
user.balance--;
|
||||
@@ -223,7 +223,7 @@ api.create = function(req, res, next) {
|
||||
saved.populate('members', nameFields, cb);
|
||||
}
|
||||
], function(err, populated){
|
||||
if (err === shared.i18n.t('messageGroupAlreadyInParty')) return res.json(400,{err:err});
|
||||
if (err === shared.i18n.t('messageGroupAlreadyInParty')) return res.status(400).json({err:err});
|
||||
if (err) return next(err);
|
||||
group = user = null;
|
||||
return res.json(populated);
|
||||
@@ -236,7 +236,7 @@ api.update = function(req, res, next) {
|
||||
var user = res.locals.user;
|
||||
|
||||
if(group.leader !== user._id)
|
||||
return res.json(401, {err: shared.i18n.t('messageGroupOnlyLeaderCanUpdate')});
|
||||
return res.status(401).json({err: shared.i18n.t('messageGroupOnlyLeaderCanUpdate')});
|
||||
|
||||
'name description logo logo leaderMessage leader leaderOnly'.split(' ').forEach(function(attr){
|
||||
group[attr] = req.body[attr];
|
||||
@@ -257,7 +257,7 @@ api.attachGroup = function(req, res, next) {
|
||||
var q = (gid == 'party') ? Group.findOne({type: 'party', members: {'$in': [res.locals.user._id]}}) : Group.findById(gid);
|
||||
q.exec(function(err, group){
|
||||
if(err) return next(err);
|
||||
if(!group) return res.json(404, {err: shared.i18n.t('messageGroupNotFound')});
|
||||
if(!group) return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')});
|
||||
|
||||
if (!user.contributor.admin) {
|
||||
_purgeFlagInfoFromChat(group, user);
|
||||
@@ -281,7 +281,7 @@ api.getChat = function(req, res, next) {
|
||||
populateQuery(gid, q);
|
||||
q.exec(function(err, group){
|
||||
if (err) return next(err);
|
||||
if (!group && gid!=='party') return res.json(404,{err: shared.i18n.t('messageGroupNotFound')});
|
||||
if (!group && gid!=='party') return res.status(404).json({err: shared.i18n.t('messageGroupNotFound')});
|
||||
|
||||
res.json(res.locals.group.chat);
|
||||
gid = null;
|
||||
@@ -293,11 +293,11 @@ api.getChat = function(req, res, next) {
|
||||
*/
|
||||
api.postChat = function(req, res, next) {
|
||||
if(!req.query.message) {
|
||||
return res.json(400,{err: shared.i18n.t('messageGroupChatBlankMessage')});
|
||||
return res.status(400).json({err: shared.i18n.t('messageGroupChatBlankMessage')});
|
||||
} else {
|
||||
var user = res.locals.user
|
||||
var group = res.locals.group;
|
||||
if (group.type!='party' && user.flags.chatRevoked) return res.json(401,{err:'Your chat privileges have been revoked.'});
|
||||
if (group.type!='party' && user.flags.chatRevoked) return res.status(401).json({err:'Your chat privileges have been revoked.'});
|
||||
var lastClientMsg = req.query.previousMsg;
|
||||
var chatUpdated = (lastClientMsg && group.chat && group.chat[0] && group.chat[0].id !== lastClientMsg) ? true : false;
|
||||
|
||||
@@ -321,10 +321,10 @@ api.deleteChatMessage = function(req, res, next){
|
||||
var group = res.locals.group;
|
||||
var message = _.find(group.chat, {id: req.params.messageId});
|
||||
|
||||
if(!message) return res.json(404, {err: "Message not found!"});
|
||||
if(!message) return res.status(404).json({err: "Message not found!"});
|
||||
|
||||
if(user._id !== message.uuid && !(user.backer && user.contributor.admin))
|
||||
return res.json(401, {err: "Not authorized to delete this message!"})
|
||||
return res.status(401).json({err: "Not authorized to delete this message!"})
|
||||
|
||||
var lastClientMsg = req.query.previousMsg;
|
||||
var chatUpdated = (lastClientMsg && group.chat && group.chat[0] && group.chat[0].id !== lastClientMsg) ? true : false;
|
||||
@@ -341,15 +341,15 @@ api.flagChatMessage = function(req, res, next){
|
||||
var group = res.locals.group;
|
||||
var message = _.find(group.chat, {id: req.params.mid});
|
||||
|
||||
if(!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
if(message.uuid == user._id) return res.json(401, {err: shared.i18n.t('messageGroupChatFlagOwnMessage')});
|
||||
if(!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
if(message.uuid == user._id) return res.status(401).json({err: shared.i18n.t('messageGroupChatFlagOwnMessage')});
|
||||
|
||||
User.findOne({_id: message.uuid}, {auth: 1}, function(err, author){
|
||||
if(err) return next(err);
|
||||
|
||||
// Log user ids that have flagged the message
|
||||
if(!message.flags) message.flags = {};
|
||||
if(message.flags[user._id] && !user.contributor.admin) return res.json(401, {err: shared.i18n.t('messageGroupChatFlagAlreadyReported')});
|
||||
if(message.flags[user._id] && !user.contributor.admin) return res.status(401).json({err: shared.i18n.t('messageGroupChatFlagAlreadyReported')});
|
||||
message.flags[user._id] = true;
|
||||
|
||||
// Log total number of flags (publicly viewable)
|
||||
@@ -407,7 +407,7 @@ api.clearFlagCount = function(req, res, next){
|
||||
var group = res.locals.group;
|
||||
var message = _.find(group.chat, {id: req.params.mid});
|
||||
|
||||
if(!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
if(!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
|
||||
if(user.contributor.admin){
|
||||
message.flagCount = 0;
|
||||
@@ -419,7 +419,7 @@ api.clearFlagCount = function(req, res, next){
|
||||
return res.sendStatus(204);
|
||||
});
|
||||
} else {
|
||||
return res.json(401, {err: shared.i18n.t('messageGroupChatAdminClearFlagCount')})
|
||||
return res.status(401).json({err: shared.i18n.t('messageGroupChatAdminClearFlagCount')})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -439,8 +439,8 @@ api.likeChatMessage = function(req, res, next) {
|
||||
var group = res.locals.group;
|
||||
var message = _.find(group.chat, {id: req.params.mid});
|
||||
|
||||
if (!message) return res.json(404, {err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
if (message.uuid == user._id) return res.json(401, {err: shared.i18n.t('messageGroupChatLikeOwnMessage')});
|
||||
if (!message) return res.status(404).json({err: shared.i18n.t('messageGroupChatNotFound')});
|
||||
if (message.uuid == user._id) return res.status(401).json({err: shared.i18n.t('messageGroupChatLikeOwnMessage')});
|
||||
if (!message.likes) message.likes = {};
|
||||
if (message.likes[user._id]) {
|
||||
delete message.likes[user._id];
|
||||
@@ -483,7 +483,7 @@ api.join = function(req, res, next) {
|
||||
}
|
||||
}
|
||||
|
||||
if(!isUserInvited) return res.json(401, {err: shared.i18n.t('messageGroupRequiresInvite')});
|
||||
if(!isUserInvited) return res.status(401).json({err: shared.i18n.t('messageGroupRequiresInvite')});
|
||||
|
||||
if (!_.contains(group.members, user._id)){
|
||||
if (group.members.length === 0) {
|
||||
@@ -610,7 +610,7 @@ var inviteByUUIDs = function(uuids, group, req, res, next){
|
||||
}
|
||||
});
|
||||
}, function(err){
|
||||
if(err) return err.code ? res.json(err.code, {err: err.err}) : next(err);
|
||||
if(err) return err.code ? res.status(err.code).json({err: err.err}) : next(err);
|
||||
|
||||
async.series([
|
||||
function(cb) {
|
||||
@@ -674,7 +674,7 @@ var inviteByEmails = function(invites, group, req, res, next){
|
||||
cb();
|
||||
}
|
||||
}, function(err){
|
||||
if(err) return err.code ? res.json(err.code, {err: err.err}) : next(err);
|
||||
if(err) return err.code ? res.status(err.code).json({err: err.err}) : next(err);
|
||||
|
||||
if (usersAlreadyRegistered.length > 0){
|
||||
inviteByUUIDs(usersAlreadyRegistered, group, req, res, next);
|
||||
@@ -682,7 +682,7 @@ var inviteByEmails = function(invites, group, req, res, next){
|
||||
|
||||
// Send only status code down the line because it doesn't need
|
||||
// info on invited users since they are not yet registered
|
||||
res.json(200, {});
|
||||
res.status(200).json({});
|
||||
}
|
||||
});
|
||||
};
|
||||
@@ -691,14 +691,14 @@ api.invite = function(req, res, next){
|
||||
var group = res.locals.group;
|
||||
|
||||
if (group.privacy === 'private' && !_.contains(group.members,res.locals.user._id)) {
|
||||
return res.json(401, {err: "Only a member can invite new members!"});
|
||||
return res.status(401).json({err: "Only a member can invite new members!"});
|
||||
}
|
||||
if (req.body.uuids) {
|
||||
inviteByUUIDs(req.body.uuids, group, req, res, next);
|
||||
} else if (req.body.emails) {
|
||||
inviteByEmails(req.body.emails, group, req, res, next)
|
||||
} else {
|
||||
return res.json(400, {err: "Can only invite by email or uuid"});
|
||||
return res.status(400).json({err: "Can only invite by email or uuid"});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -721,11 +721,11 @@ api.removeMember = function(req, res, next){
|
||||
}
|
||||
|
||||
if(group.leader !== user._id){
|
||||
return res.json(401, {err: "Only group leader can remove a member!"});
|
||||
return res.status(401).json({err: "Only group leader can remove a member!"});
|
||||
}
|
||||
|
||||
if(user._id === uuid){
|
||||
return res.json(401, {err: "You cannot remove yourself!"});
|
||||
return res.status(401).json({err: "You cannot remove yourself!"});
|
||||
}
|
||||
|
||||
if(_.contains(group.members, uuid)){
|
||||
@@ -794,7 +794,7 @@ api.removeMember = function(req, res, next){
|
||||
});
|
||||
}else{
|
||||
group = uuid = null;
|
||||
return res.json(400, {err: "User not found among group's members!"});
|
||||
return res.status(400).json({err: "User not found among group's members!"});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -806,7 +806,7 @@ function questStart(req, res, next) {
|
||||
var group = res.locals.group;
|
||||
var force = req.query.force;
|
||||
|
||||
// if (group.quest.active) return res.json(400,{err:'Quest already began.'});
|
||||
// if (group.quest.active) return res.status(400).json({err:'Quest already began.'});
|
||||
// temporarily send error email, until we know more about this issue (then remove below, uncomment above).
|
||||
if (group.quest.active) return next('Quest already began.');
|
||||
|
||||
@@ -907,15 +907,15 @@ api.questAccept = function(req, res, next) {
|
||||
var user = res.locals.user;
|
||||
var key = req.query.key;
|
||||
|
||||
if (!group || group.type !== 'party') return res.json(400, {err: "Must be in a party to start quests."});
|
||||
if (!group || group.type !== 'party') return res.status(400).json({err: "Must be in a party to start quests."});
|
||||
|
||||
// If ?key=xxx is provided, we're starting a new quest and inviting the party. Otherwise, we're a party member accepting the invitation
|
||||
if (key) {
|
||||
var quest = shared.content.quests[key];
|
||||
if (!quest) return res.json(404,{err:'Quest ' + key + ' not found'});
|
||||
if (quest.lvl && user.stats.lvl < quest.lvl) return res.json(400, {err: "You must be level "+quest.lvl+" to begin this quest."});
|
||||
if (group.quest.key) return res.json(400, {err: 'Your party is already on a quest. Try again when the current quest has ended.'});
|
||||
if (!user.items.quests[key]) return res.json(400, {err: "You don't own that quest scroll"});
|
||||
if (!quest) return res.status(404).json({err:'Quest ' + key + ' not found'});
|
||||
if (quest.lvl && user.stats.lvl < quest.lvl) return res.status(400).json({err: "You must be level "+quest.lvl+" to begin this quest."});
|
||||
if (group.quest.key) return res.status(400).json({err: 'Your party is already on a quest. Try again when the current quest has ended.'});
|
||||
if (!user.items.quests[key]) return res.status(400).json({err: "You don't own that quest scroll"});
|
||||
group.quest.key = key;
|
||||
group.quest.members = {};
|
||||
// Invite everyone. true means "accepted", false="rejected", undefined="pending". Once we click "start quest"
|
||||
@@ -967,7 +967,7 @@ api.questAccept = function(req, res, next) {
|
||||
|
||||
// Party member accepting the invitation
|
||||
} else {
|
||||
if (!group.quest.key) return res.json(400,{err:'No quest invitation has been sent out yet.'});
|
||||
if (!group.quest.key) return res.status(400).json({err:'No quest invitation has been sent out yet.'});
|
||||
var analyticsData = {
|
||||
category: 'behavior',
|
||||
owner: false,
|
||||
@@ -987,7 +987,7 @@ api.questReject = function(req, res, next) {
|
||||
var group = res.locals.group;
|
||||
var user = res.locals.user;
|
||||
|
||||
if (!group.quest.key) return res.json(400,{err:'No quest invitation has been sent out yet.'});
|
||||
if (!group.quest.key) return res.status(400).json({err:'No quest invitation has been sent out yet.'});
|
||||
var analyticsData = {
|
||||
category: 'behavior',
|
||||
owner: false,
|
||||
@@ -1073,15 +1073,15 @@ api.questLeave = function(req, res, next) {
|
||||
var user = res.locals.user;
|
||||
|
||||
if (!(group.quest && group.quest.active)) {
|
||||
return res.json(404, { err: 'No active quest to leave' });
|
||||
return res.status(404).json({ err: 'No active quest to leave' });
|
||||
}
|
||||
|
||||
if (!(group.quest.members && group.quest.members[user._id])) {
|
||||
return res.json(403, { err: 'You are not part of the quest' });
|
||||
return res.status(403).json({ err: 'You are not part of the quest' });
|
||||
}
|
||||
|
||||
if (group.quest.leader === user._id) {
|
||||
return res.json(403, { err: 'Quest leader cannot leave quest' });
|
||||
return res.status(403).json({ err: 'Quest leader cannot leave quest' });
|
||||
}
|
||||
|
||||
delete group.quest.members[user._id];
|
||||
|
||||
@@ -8,7 +8,7 @@ var api = module.exports;
|
||||
|
||||
api.ensureAdmin = function(req, res, next) {
|
||||
var user = res.locals.user;
|
||||
if (!(user.contributor && user.contributor.admin)) return res.json(401, {err:"You don't have admin access"});
|
||||
if (!(user.contributor && user.contributor.admin)) return res.status(401).json({err:"You don't have admin access"});
|
||||
next();
|
||||
}
|
||||
|
||||
@@ -42,7 +42,7 @@ api.getHero = function(req,res,next) {
|
||||
.select('auth.local.username auth.local.email auth.facebook auth.blocked')
|
||||
.exec(function(err, user){
|
||||
if (err) return next(err)
|
||||
if (!user) return res.json(400,{err:'User not found'});
|
||||
if (!user) return res.status(400).json({err:'User not found'});
|
||||
res.json(user);
|
||||
});
|
||||
}
|
||||
@@ -53,7 +53,7 @@ api.updateHero = function(req,res,next) {
|
||||
User.findById(req.params.uid, cb);
|
||||
},
|
||||
function(member, cb){
|
||||
if (!member) return res.json(404, {err: "User not found"});
|
||||
if (!member) return res.status(404).json({err: "User not found"});
|
||||
member.balance = req.body.balance || 0;
|
||||
var newTier = req.body.contributor.level; // tier = level in this context
|
||||
var oldTier = member.contributor && member.contributor.level || 0;
|
||||
@@ -80,6 +80,6 @@ api.updateHero = function(req,res,next) {
|
||||
}
|
||||
], function(err, saved){
|
||||
if (err) return next(err);
|
||||
res.json(204);
|
||||
res.status(204).json({});
|
||||
})
|
||||
}
|
||||
|
||||
@@ -22,7 +22,7 @@ var fetchMember = function(uuid, restrict){
|
||||
}
|
||||
|
||||
var sendErr = function(err, res, next){
|
||||
err.code ? res.json(err.code, {err: err.err}) : next(err);
|
||||
err.code ? res.status(err.code).json({err: err.err}) : next(err);
|
||||
}
|
||||
|
||||
api.getMember = function(req, res, next) {
|
||||
|
||||
@@ -6,7 +6,7 @@ var i18n = require('../../../../common').i18n;
|
||||
var api = module.exports = {};
|
||||
|
||||
api.unsubscribe = function(req, res, next){
|
||||
if(!req.query.code) return res.json(500, {err: 'Missing unsubscription code.'});
|
||||
if(!req.query.code) return res.status(500).json({err: 'Missing unsubscription code.'});
|
||||
|
||||
var data = JSON.parse(utils.decrypt(req.query.code));
|
||||
|
||||
@@ -15,7 +15,7 @@ api.unsubscribe = function(req, res, next){
|
||||
$set: {'preferences.emailNotifications.unsubscribeFromAll': true}
|
||||
}, {multi: false}, function(err, updateRes){
|
||||
if(err) return next(err);
|
||||
if(updateRes !== 1) return res.json(404, {err: 'User not found'});
|
||||
if(updateRes !== 1) return res.status(404).json({err: 'User not found'});
|
||||
|
||||
res.send('<h1>' + i18n.t('unsubscribedSuccessfully', null, req.language) + '</h1>' + i18n.t('unsubscribedTextUsers', null, req.language));
|
||||
});
|
||||
|
||||
@@ -75,10 +75,10 @@ api.score = function(req, res, next) {
|
||||
var clearMemory = function(){user = task = id = direction = null;}
|
||||
|
||||
// Send error responses for improper API call
|
||||
if (!id) return res.json(400, {err: ':id required'});
|
||||
if (!id) return res.status(400).json({err: ':id required'});
|
||||
if (direction !== 'up' && direction !== 'down') {
|
||||
if (direction == 'unlink' || direction == 'sort') return next();
|
||||
return res.json(400, {err: ":direction must be 'up' or 'down'"});
|
||||
return res.status(400).json({err: ":direction must be 'up' or 'down'"});
|
||||
}
|
||||
// If exists already, score it
|
||||
if (task = user.tasks[id]) {
|
||||
@@ -108,7 +108,7 @@ api.score = function(req, res, next) {
|
||||
|
||||
var userStats = saved.toJSON().stats;
|
||||
var resJsonData = _.extend({ delta: delta, _tmp: user._tmp }, userStats);
|
||||
res.json(200, resJsonData);
|
||||
res.status(200).json(resJsonData);
|
||||
|
||||
var webhookData = _generateWebhookTaskData(
|
||||
task, direction, delta, userStats, user
|
||||
@@ -161,8 +161,8 @@ api.getTasks = function(req, res, next) {
|
||||
*/
|
||||
api.getTask = function(req, res, next) {
|
||||
var task = findTask(req,res);
|
||||
if (!task) return res.json(404, {err: shared.i18n.t('messageTaskNotFound')});
|
||||
return res.json(200, task);
|
||||
if (!task) return res.status(404).json({err: shared.i18n.t('messageTaskNotFound')});
|
||||
return res.status(200).json(task);
|
||||
};
|
||||
|
||||
|
||||
@@ -184,7 +184,7 @@ api.getTask = function(req, res, next) {
|
||||
|
||||
api.getBuyList = function (req, res, next) {
|
||||
var list = shared.updateStore(res.locals.user);
|
||||
return res.json(200, list);
|
||||
return res.status(200).json(list);
|
||||
};
|
||||
|
||||
/*
|
||||
@@ -206,7 +206,7 @@ api.getUser = function(req, res, next) {
|
||||
delete user.auth.local.hashed_password;
|
||||
delete user.auth.local.salt;
|
||||
}
|
||||
return res.json(200, user);
|
||||
return res.status(200).json(user);
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -279,7 +279,7 @@ api.getUserAnonymized = function(req, res, next) {
|
||||
cleanChecklist(task);
|
||||
});
|
||||
|
||||
return res.json(200, user);
|
||||
return res.status(200).json(user);
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -336,7 +336,7 @@ api.update = (req, res, next) => {
|
||||
let user = res.locals.user;
|
||||
let errors = [];
|
||||
|
||||
if (_.isEmpty(req.body)) return res.json(200, user);
|
||||
if (_.isEmpty(req.body)) return res.status(200).json(user);
|
||||
|
||||
_.each(req.body, (v, k) => {
|
||||
let purchasable = requiresPurchase[k];
|
||||
@@ -354,18 +354,18 @@ api.update = (req, res, next) => {
|
||||
});
|
||||
|
||||
user.save((err) => {
|
||||
if (!_.isEmpty(errors)) return res.json(401, {err: errors});
|
||||
if (!_.isEmpty(errors)) return res.status(401).json({err: errors});
|
||||
if (err) {
|
||||
if (err.name == 'ValidationError') {
|
||||
let errorMessages = _.map(_.values(err.errors), (error) => {
|
||||
return error.message;
|
||||
});
|
||||
return res.json(400, {err: errorMessages});
|
||||
return res.status(400).json({err: errorMessages});
|
||||
}
|
||||
return next(err);
|
||||
}
|
||||
|
||||
res.json(200, user);
|
||||
res.status(200).json(user);
|
||||
user = errors = null;
|
||||
});
|
||||
};
|
||||
@@ -411,7 +411,7 @@ api.delete = function(req, res, next) {
|
||||
var plan = user.purchased.plan;
|
||||
|
||||
if (plan && plan.customerId && !plan.dateTerminated){
|
||||
return res.json(400,{err:"You have an active subscription, cancel your plan before deleting your account."});
|
||||
return res.status(400).json({err:"You have an active subscription, cancel your plan before deleting your account."});
|
||||
}
|
||||
|
||||
Group.find({
|
||||
@@ -488,8 +488,8 @@ api.cast = function(req, res, next) {
|
||||
klass = shared.content.spells.special[req.params.spell] ? 'special' : user.stats.class,
|
||||
spell = shared.content.spells[klass][req.params.spell];
|
||||
|
||||
if (!spell) return res.json(404, {err: 'Spell "' + req.params.spell + '" not found.'});
|
||||
if (spell.mana > user.stats.mp) return res.json(400, {err: 'Not enough mana to cast spell'});
|
||||
if (!spell) return res.status(404).json({err: 'Spell "' + req.params.spell + '" not found.'});
|
||||
if (spell.mana > user.stats.mp) return res.status(400).json({err: 'Not enough mana to cast spell'});
|
||||
|
||||
var done = function(){
|
||||
var err = arguments[0];
|
||||
@@ -501,7 +501,7 @@ api.cast = function(req, res, next) {
|
||||
|
||||
switch (targetType) {
|
||||
case 'task':
|
||||
if (!user.tasks[targetId]) return res.json(404, {err: 'Task "' + targetId + '" not found.'});
|
||||
if (!user.tasks[targetId]) return res.status(404).json({err: 'Task "' + targetId + '" not found.'});
|
||||
spell.cast(user, user.tasks[targetId]);
|
||||
user.save(done);
|
||||
break;
|
||||
@@ -597,12 +597,12 @@ _.each(shared.wrap({}).ops, function(op,k){
|
||||
// If we want to send something other than 500, pass err as {code: 200, message: "Not enough GP"}
|
||||
if (err) {
|
||||
if (!err.code) return next(err);
|
||||
if (err.code >= 400) return res.json(err.code,{err:err.message});
|
||||
if (err.code >= 400) return res.status(err.code).json({err:err.message});
|
||||
// In the case of 200s, they're friendly alert messages like "You're pet has hatched!" - still send the op
|
||||
}
|
||||
res.locals.user.save(function(err){
|
||||
if (err) return next(err);
|
||||
res.json(200,response);
|
||||
res.status(200).json(response);
|
||||
})
|
||||
}, analytics);
|
||||
}
|
||||
@@ -618,7 +618,7 @@ _.each(shared.wrap({}).ops, function(op,k){
|
||||
api.batchUpdate = function(req, res, next) {
|
||||
if (_.isEmpty(req.body)) req.body = []; // cases of {} or null
|
||||
if (req.body[0] && req.body[0].data)
|
||||
return res.json(501, {err: "API has been updated, please refresh your browser or upgrade your mobile app."})
|
||||
return res.status(501).json({err: "API has been updated, please refresh your browser or upgrade your mobile app."})
|
||||
|
||||
var user = res.locals.user;
|
||||
var oldSend = res.send;
|
||||
@@ -666,17 +666,17 @@ api.batchUpdate = function(req, res, next) {
|
||||
|
||||
// return only drops & streaks
|
||||
if (response._tmp && response._tmp.drop){
|
||||
res.json(200, {_tmp: {drop: response._tmp.drop}, _v: response._v});
|
||||
res.status(200).json({_tmp: {drop: response._tmp.drop}, _v: response._v});
|
||||
|
||||
// Fetch full user object
|
||||
} else if (response.wasModified){
|
||||
// Preen 3-day past-completed To-Dos from Angular & mobile app
|
||||
response.todos = shared.preenTodos(response.todos);
|
||||
res.json(200, response);
|
||||
res.status(200).json(response);
|
||||
|
||||
// return only the version number
|
||||
} else{
|
||||
res.json(200, {_v: response._v});
|
||||
res.status(200).json({_v: response._v});
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
@@ -47,8 +47,8 @@ var userdata = function(user) {
|
||||
|
||||
dataexport.leanuser = function(req, res, next) {
|
||||
User.findOne({_id: res.locals.user._id}).lean().exec(function(err, user) {
|
||||
if (err) return res.json(500, {err: err});
|
||||
if (_.isEmpty(user)) return res.json(401, NO_USER_FOUND);
|
||||
if (err) return res.status(500).json({err: err});
|
||||
if (_.isEmpty(user)) return res.status(401).json(NO_USER_FOUND);
|
||||
res.locals.user = user;
|
||||
return next();
|
||||
});
|
||||
|
||||
@@ -19,11 +19,11 @@ var amzPayment = amazonPayments.connect({
|
||||
|
||||
exports.verifyAccessToken = function(req, res, next){
|
||||
if(!req.body || !req.body['access_token']){
|
||||
return res.json(400, {err: 'Access token not supplied.'});
|
||||
return res.status(400).json({err: 'Access token not supplied.'});
|
||||
}
|
||||
|
||||
amzPayment.api.getTokenInfo(req.body['access_token'], function(err, tokenInfo){
|
||||
if(err) return res.json(400, {err:err});
|
||||
if(err) return res.status(400).json({err:err});
|
||||
|
||||
res.sendStatus(200);
|
||||
});
|
||||
@@ -31,7 +31,7 @@ exports.verifyAccessToken = function(req, res, next){
|
||||
|
||||
exports.createOrderReferenceId = function(req, res, next){
|
||||
if(!req.body || !req.body.billingAgreementId){
|
||||
return res.json(400, {err: 'Billing Agreement Id not supplied.'});
|
||||
return res.status(400).json({err: 'Billing Agreement Id not supplied.'});
|
||||
}
|
||||
|
||||
amzPayment.offAmazonPayments.createOrderReferenceForId({
|
||||
@@ -52,7 +52,7 @@ exports.createOrderReferenceId = function(req, res, next){
|
||||
|
||||
exports.checkout = function(req, res, next){
|
||||
if(!req.body || !req.body.orderReferenceId){
|
||||
return res.json(400, {err: 'Billing Agreement Id not supplied.'});
|
||||
return res.status(400).json({err: 'Billing Agreement Id not supplied.'});
|
||||
}
|
||||
|
||||
var gift = req.body.gift;
|
||||
@@ -148,7 +148,7 @@ exports.checkout = function(req, res, next){
|
||||
|
||||
exports.subscribe = function(req, res, next){
|
||||
if(!req.body || !req.body['billingAgreementId']){
|
||||
return res.json(400, {err: 'Billing Agreement Id not supplied.'});
|
||||
return res.status(400).json({err: 'Billing Agreement Id not supplied.'});
|
||||
}
|
||||
|
||||
var billingAgreementId = req.body.billingAgreementId;
|
||||
@@ -157,7 +157,7 @@ exports.subscribe = function(req, res, next){
|
||||
var user = res.locals.user;
|
||||
|
||||
if(!sub){
|
||||
return res.json(400, {err: 'Subscription plan not found.'});
|
||||
return res.status(400).json({err: 'Subscription plan not found.'});
|
||||
}
|
||||
|
||||
async.series({
|
||||
@@ -236,7 +236,7 @@ exports.subscribe = function(req, res, next){
|
||||
exports.subscribeCancel = function(req, res, next){
|
||||
var user = res.locals.user;
|
||||
if (!user.purchased.plan.customerId)
|
||||
return res.json(401, {err: 'User does not have a plan subscription'});
|
||||
return res.status(401).json({err: 'User does not have a plan subscription'});
|
||||
|
||||
var billingAgreementId = user.purchased.plan.customerId;
|
||||
|
||||
|
||||
@@ -181,7 +181,7 @@ exports.buyGems = function(data, cb) {
|
||||
exports.validCoupon = function(req, res, next){
|
||||
mongoose.model('Coupon').findOne({_id:cc.validate(req.params.code), event:'google_6mo'}, function(err, coupon){
|
||||
if (err) return next(err);
|
||||
if (!coupon) return res.json(401, {err:"Invalid coupon code"});
|
||||
if (!coupon) return res.status(401).json({err:"Invalid coupon code"});
|
||||
return res.sendStatus(200);
|
||||
});
|
||||
}
|
||||
|
||||
@@ -28,7 +28,7 @@ paypal.configure({
|
||||
var parseErr = function(res, err){
|
||||
//var error = err.response ? err.response.message || err.response.details[0].issue : err;
|
||||
var error = JSON.stringify(err);
|
||||
return res.json(400,{err:error});
|
||||
return res.status(400).json({err:error});
|
||||
}
|
||||
|
||||
exports.createBillingAgreement = function(req,res,next){
|
||||
@@ -166,7 +166,7 @@ exports.executePayment = function(req, res) {
|
||||
exports.cancelSubscription = function(req, res, next){
|
||||
var user = res.locals.user;
|
||||
if (!user.purchased.plan.customerId)
|
||||
return res.json(401, {err: "User does not have a plan subscription"});
|
||||
return res.status(401).json({err: "User does not have a plan subscription"});
|
||||
async.auto({
|
||||
get_cus: function(cb){
|
||||
paypal.billingAgreement.get(user.purchased.plan.customerId, cb);
|
||||
|
||||
@@ -72,7 +72,7 @@ exports.checkout = function(req, res, next) {
|
||||
exports.subscribeCancel = function(req, res, next) {
|
||||
var user = res.locals.user;
|
||||
if (!user.purchased.plan.customerId)
|
||||
return res.json(401, {err: 'User does not have a plan subscription'});
|
||||
return res.status(401).json({err: 'User does not have a plan subscription'});
|
||||
|
||||
async.auto({
|
||||
get_cus: function(cb){
|
||||
|
||||
@@ -18,7 +18,7 @@ module.exports = function(app) {
|
||||
}
|
||||
})).use(function(req,res,next){
|
||||
//logging.info(res.ratelimit);
|
||||
if (res.ratelimit.exceeded) return res.json(429,{err:'Rate limit exceeded'});
|
||||
if (res.ratelimit.exceeded) return res.status(429).json({err:'Rate limit exceeded'});
|
||||
next();
|
||||
});
|
||||
};
|
||||
|
||||
@@ -20,5 +20,5 @@ module.exports = function(err, req, res, next) {
|
||||
});*/
|
||||
var message = err.message ? err.message : err;
|
||||
message = (message.length < 200) ? message : message.substring(0,100) + message.substring(message.length-100,message.length);
|
||||
res.json(500,{err:message}); //res.end(err.message);
|
||||
res.status(500).json({err:message}); //res.end(err.message);
|
||||
};
|
||||
|
||||
@@ -2,7 +2,7 @@ module.exports.siteVersion = 1;
|
||||
|
||||
module.exports.middleware = function(req, res, next){
|
||||
if(req.query.siteVersion && req.query.siteVersion != module.exports.siteVersion){
|
||||
return res.json(400, {needRefresh: true});
|
||||
return res.status(400).json({needRefresh: true});
|
||||
}
|
||||
|
||||
return next();
|
||||
|
||||
Reference in New Issue
Block a user