mirror of
https://github.com/codex-team/codex.docs.git
synced 2025-07-25 08:09:41 +02:00
* Authorization added * added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized * added dbinsert script * turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form * added middlewares, user model and controller * JSDoc fix * wrong password processing fix * added comments to dbinsert script, moved salt and passHash to singe db doc * Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc * Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie * Added verifyToken middleware to aliases route, added check for user existance on POST/auth * Added message "password not set" to client
36 lines
841 B
JavaScript
36 lines
841 B
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const Aliases = require('../controllers/aliases');
|
|
const Pages = require('../controllers/pages');
|
|
const Alias = require('../models/alias');
|
|
const verifyToken = require('./middlewares/token');
|
|
|
|
/**
|
|
* GET /*
|
|
*
|
|
* Return document with given alias
|
|
*/
|
|
router.get('*', verifyToken, async (req, res) => {
|
|
try {
|
|
const alias = await Aliases.get(req.originalUrl.slice(1)); // Cuts first '/' character
|
|
|
|
switch (alias.type) {
|
|
case Alias.types.PAGE: {
|
|
let page = await Pages.get(alias.id);
|
|
|
|
let pageParent = await page.parent;
|
|
|
|
res.render('pages/page', {
|
|
page, pageParent
|
|
});
|
|
}
|
|
}
|
|
} catch (err) {
|
|
res.status(400).json({
|
|
success: false,
|
|
error: err.message
|
|
});
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|