add placeholder for model validation function, clean up and consistency changes
This commit is contained in:
Dan Ribbens
30
src/api.js
30
src/api.js
@@ -1,30 +0,0 @@
|
||||
import Cookies from 'universal-cookie';
|
||||
import superagentPromise from 'superagent-promise';
|
||||
import _superagent from 'superagent';
|
||||
import qs from 'qs';
|
||||
|
||||
const cookies = new Cookies();
|
||||
const superagent = superagentPromise(_superagent, global.Promise);
|
||||
const responseBody = res => res.body;
|
||||
|
||||
const setJwt = () => {
|
||||
const jwt = cookies.get('token');
|
||||
return jwt ? { 'Authorization': `JWT ${jwt}` } : {}
|
||||
};
|
||||
|
||||
const requests = {
|
||||
get: (url, params) => {
|
||||
const query = qs.stringify(params, { addQueryPrefix: true });
|
||||
return superagent.get(`${url}${query}`).set(setJwt()).then(responseBody);
|
||||
},
|
||||
|
||||
post: (url, body) =>
|
||||
superagent.post(`${url}`, body).set(setJwt()).then(responseBody),
|
||||
|
||||
put: (url, body) =>
|
||||
superagent.put(`${url}`, body).set(setJwt()).then(responseBody)
|
||||
};
|
||||
|
||||
export default {
|
||||
requests
|
||||
};
|
||||
@@ -11,16 +11,14 @@ import autopopulate from './plugins/autopopulate';
|
||||
import paginate from './plugins/paginate';
|
||||
import buildQuery from './plugins/buildQuery';
|
||||
import internationalization from './plugins/internationalization';
|
||||
import bindModel from './middleware/bindModel';
|
||||
import locale from './middleware/locale';
|
||||
import { bindModel, locale, checkRole } from './middleware';
|
||||
import { query, create, findOne, destroy, update } from './requestHandlers';
|
||||
import { schemaBaseFields } from './helpers/mongoose/schemaBaseFields';
|
||||
import fieldToSchemaMap from './helpers/mongoose/fieldToSchemaMap';
|
||||
import authValidate from './auth/validate';
|
||||
import authRequestHandlers from './auth/requestHandlers';
|
||||
import middleware from './middleware';
|
||||
import passwordResetConfig from './auth/passwordResets/passwordReset.config';
|
||||
import passportLocalMongoose from 'passport-local-mongoose';
|
||||
import validateConfig from './lib/validateConfig';
|
||||
|
||||
class Payload {
|
||||
|
||||
@@ -70,6 +68,7 @@ class Payload {
|
||||
// TODO: Build safe config before initializing models and routes
|
||||
|
||||
options.models && options.models.forEach(config => {
|
||||
validateConfig(config, this.models);
|
||||
// TODO: consider making schemaBaseFields a mongoose plugin for consistency
|
||||
const fields = { ...schemaBaseFields };
|
||||
|
||||
@@ -118,7 +117,7 @@ class Payload {
|
||||
options.config.roles.forEach((role) => {
|
||||
options.router
|
||||
.route(`/role/${role}`)
|
||||
.get(passport.authenticate(config.auth.strategy, { session: false }), middleware.role(role), auth.me);
|
||||
.get(passport.authenticate(config.auth.strategy, { session: false }), checkRole(role), auth.me);
|
||||
});
|
||||
|
||||
// password resets
|
||||
|
||||
6
src/lib/validateConfig.js
Normal file
6
src/lib/validateConfig.js
Normal file
@@ -0,0 +1,6 @@
|
||||
export default function validateConfig(config, models) {
|
||||
if (models[config.labels.singular]) {
|
||||
throw new Error('Model name "' + config.labels.singular + '" is already in use');
|
||||
}
|
||||
// TODO: Come up with a lot more things to check for and throw errors about
|
||||
}
|
||||
@@ -3,6 +3,6 @@ const bindModel = model => {
|
||||
req.model = model;
|
||||
next();
|
||||
};
|
||||
}
|
||||
};
|
||||
|
||||
export default bindModel;
|
||||
|
||||
6
src/middleware/checkRole.js
Normal file
6
src/middleware/checkRole.js
Normal file
@@ -0,0 +1,6 @@
|
||||
export default function checkRole(role) {
|
||||
return function (req, res, next) {
|
||||
if (role !== req.user.role) res.status(401).send('Role not authorized.');
|
||||
else next();
|
||||
}
|
||||
}
|
||||
@@ -1,7 +1,3 @@
|
||||
import role from './role';
|
||||
import bindModel from './bindModel';
|
||||
|
||||
export default {
|
||||
bindModel,
|
||||
role
|
||||
};
|
||||
export {default as bindModel} from './bindModel';
|
||||
export {default as checkRole} from './checkRole';
|
||||
export {default as locale} from './locale';
|
||||
|
||||
@@ -6,7 +6,6 @@ import languageParser from 'accept-language-parser';
|
||||
* @param localization
|
||||
* @returns {Function}
|
||||
*/
|
||||
|
||||
export default function locale(localization) {
|
||||
return function (req, res, next) {
|
||||
let setLocale;
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
function role(allowedRole) {
|
||||
return function (req, res, next) {
|
||||
if (allowedRole !== req.user.role) res.status(401).send('Role not authorized.');
|
||||
else next();
|
||||
}
|
||||
}
|
||||
|
||||
export default role;
|
||||
Reference in New Issue
Block a user