mirror of
https://github.com/codex-team/codex.docs.git
synced 2025-07-18 20:59:42 +02:00
58d3892d8f
* Authorization added * added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized * added dbinsert script * turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form * added middlewares, user model and controller * JSDoc fix * wrong password processing fix * added comments to dbinsert script, moved salt and passHash to singe db doc * Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc * Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie
13 lines
286 B
JavaScript
13 lines
286 B
JavaScript
/**
|
|
* Middleware for checking locals.isAuthorized property, which allows to edit/create pages
|
|
* @param req
|
|
* @param res
|
|
* @param next
|
|
*/
|
|
module.exports = function allowEdit(req, res, next) {
|
|
if (res.locals.isAuthorized) {
|
|
next();
|
|
} else {
|
|
res.redirect('/auth');
|
|
}
|
|
};
|