1
0
Fork 0
mirror of https://github.com/codex-team/codex.docs.git synced 2025-07-25 08:09:41 +02:00
codex.docs/src/routes/aliases.js
Timur Kazantaev 717fd3fe38
Auth fix (#54)
* Authorization added

* added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized

* added dbinsert script

* turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form

* added middlewares, user model and controller

* JSDoc fix

* wrong password processing fix

* added comments to dbinsert script, moved salt and passHash to singe db doc

* Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc

* Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie

* Added verifyToken middleware to aliases route, added check for user existance on POST/auth

* Added message "password not set" to client
2019-03-07 19:46:37 +03:00

36 lines
841 B
JavaScript

const express = require('express');
const router = express.Router();
const Aliases = require('../controllers/aliases');
const Pages = require('../controllers/pages');
const Alias = require('../models/alias');
const verifyToken = require('./middlewares/token');
/**
* GET /*
*
* Return document with given alias
*/
router.get('*', verifyToken, async (req, res) => {
try {
const alias = await Aliases.get(req.originalUrl.slice(1)); // Cuts first '/' character
switch (alias.type) {
case Alias.types.PAGE: {
let page = await Pages.get(alias.id);
let pageParent = await page.parent;
res.render('pages/page', {
page, pageParent
});
}
}
} catch (err) {
res.status(400).json({
success: false,
error: err.message
});
}
});
module.exports = router;