settle authentication

vedi · vedi · commit 3840d51b4e39 · 2014-10-28T13:28:08.000+03:00
diff --git a/app/controllers/articleController.js b/app/controllers/articleController.js
@@ -6,22 +6,23 @@ var
   _ = require('lodash'),
   Q = require('q'),
   Article = require('mongoose').model('Article'),
-  BaseController = require('./baseController')
+  BaseController = require('./base.server.controller')
 ;
 
 var ArticleController = BaseController.extend({
   ModelClass: Article,
   path: '/api/articles',
   fields: ['title', 'content', 'user', 'created'],
   qFields: ['title'],
-  defaultOptions: {
+  defaultOptions: _.defaults({
     queryPipe: function (query, req, res, callback) {
       return query.populate('user', 'displayName', callback);
     }
-  },
+  }, BaseController.prototype.defaultOptions),
   prepareData: function (req, res, callback) {
     callback(null, {user: req.user});
   }
 });
+
 module.exports = ArticleController;
 
diff --git a/app/controllers/base.server.controller.js b/app/controllers/base.server.controller.js
@@ -14,10 +14,23 @@ var BaseController = Restifizer.Controller.extend({
   },
   defaultOptions: {
     enabled: true,
-    auth: 'bearer'
+    auth: ['bearer', 'session']
   },
   getAuth: function (options) {
-    return options.auth ? passport.authenticate(options.auth, { session: false }) : this._emptyPre;
+    var auths = [
+      passport.authenticate(options.auth, { session: false }),
+      function (req, res, next) {
+        if (!req.isAuthenticated()) {
+          //options
+          return res.status(401).send({
+            message: 'User is not logged in'
+          });
+        }
+
+        next();
+      }
+    ];
+    return options.auth ? auths : this._emptyPre;
   }
 });
 
diff --git a/app/controllers/userController.js b/app/controllers/userController.js
@@ -6,7 +6,7 @@ var
   _ = require('lodash'),
   Q = require('q'),
   User = require('mongoose').model('User'),
-  BaseController = require('./baseController'),
+  BaseController = require('./base.server.controller'),
   HTTP_STATUSES = require('http-statuses')
 ;
 
diff --git a/config/authDelegate.js b/config/authDelegate.js
@@ -82,7 +82,7 @@ AuthDelegate.prototype.findUserByToken = function(context, callback) {
           .ninvoke(AccessToken, 'findOne', { token: context.accessToken})
           .then(function (token) {
             // if it's expired
-            if (token && Math.round((Date.now() - token.createdAt) / 1000) > _this.tokenLife) {
+            if (token && Math.round((Date.now() - token.created) / 1000) > _this.tokenLife) {
               return Q
                 .ninvoke(AccessToken, 'remove', { token: token })
                 .then(function () {
diff --git a/config/express.js b/config/express.js
@@ -95,40 +95,6 @@ module.exports = function(db) {
 		app.locals.cache = 'memory';
 	}
 
-
-	//app.use(express.logger({format: function (tokens, req, res) {
-	//	var
-	//		status = res.statusCode,
-	//		len = parseInt(res.getHeader('Content-Length'), 10),
-	//		color = 32;
-  //
-	//	if (status >= 500) color = 31;
-	//	else if (status >= 400) color = 33;
-	//	else if (status >= 300) color = 36;
-  //
-	//	len = isNaN(len) ? '' : ' - ' + bytes(len);
-  //
-	//	var str = '\x1b[90m' + req._startTime.toISOString().replace(/T/, ' ').replace(/\..+/, '') +
-	//		' ' + req.method +
-	//		' ' + req.originalUrl + ' ' +
-	//		'\x1b[' + color + 'm' + res.statusCode +
-	//		' \x1b[90m' +
-	//		(new Date() - req._startTime) +
-	//		'ms' + len +
-	//		'\x1b[0m';
-  //
-	//	if (res.statusCode !== 404 && // NOT_FOUND
-	//		log.levels[log.transports.console.level] <= log.levels.debug) {
-  //
-	//		str += '\x1b[' + color + 'm\n\treq->\x1b[90m' + (req.body ? ('\n' + JSON.stringify(req.body, null, 2)) : '') +
-	//		'\x1b[' + color + 'm\n\tres<-\x1b[90m' + (res.restfulResult ? ('\n' + JSON.stringify(res.restfulResult, null, 2)) : '') + '\x1b[0m';
-	//	}
-	//	return  str;
-	//}}));
-  //
-  //
-
-
 	// Request body parsing middleware should be above methodOverride
 	app.use(bodyParser.urlencoded({
 		extended: true
@@ -198,17 +164,30 @@ module.exports = function(db) {
 		console.error(err.stack);
 
 		// Error page
-		res.status(500).render('500', {
-			error: err.stack
-		});
+		res.status(err.status || 500);
+		if (req.accepts('html')) {
+			res.render('500', {
+				error: err.stack
+			});
+		} else {
+			res.send({ error: err.message })
+		}
 	});
 
 	// Assume 404 since no middleware responded
 	app.use(function(req, res) {
-		res.status(404).render('404', {
-			url: req.originalUrl,
-			error: 'Not Found'
-		});
+		res.status(404);
+		if (req.accepts('html')) {
+			res.render('404', {
+				url: req.originalUrl,
+				error: 'Not Found'
+			});
+		} else {
+			res.send({
+				url: req.originalUrl,
+				error: 'Not Found'
+			})
+		}
 	});
 
 	return app;

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@ var`
`6`	`6`	`_ = require('lodash'),`
`7`	`7`	`Q = require('q'),`
`8`	`8`	`User = require('mongoose').model('User'),`
`9`		`- BaseController = require('./baseController'),`
	`9`	`+ BaseController = require('./base.server.controller'),`
`10`	`10`	`HTTP_STATUSES = require('http-statuses')`
`11`	`11`	`;`
`12`	`12`