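/**
 * Authentication gate for the to-do item routes.
 *
 * Requests whose path does not contain 'item' pass straight through.
 * All other requests must carry a 'sessionId' cookie that db resolves to a
 * user; that user is exposed as req.currentUser and the session is extended
 * by sessionTime before the request continues.
 */
server.use(function (req, res, next) {
  // The gate is a substring match: any route whose path lacks 'item' is NOT
  // protected by this middleware and needs its own check if it is sensitive.
  if (req.path.indexOf('item') === -1) {
    next();
    return;
  }

  // Never hand a missing or non-string session id to the lookup: depending on
  // how db matches sessions, an undefined id could match a user record that
  // has no sessionId set. Also tolerates req.cookies being absent.
  var sessionId = req.cookies && req.cookies['sessionId'];
  var currentUser = null;
  if (typeof sessionId === 'string' && sessionId.length > 0) {
    currentUser = db.getUserViaSessionId(sessionId);
  }

  if (currentUser == null) {
    // NOTE(review): 401 is the conventional status for an unauthenticated
    // request; 400 and the message text are kept so existing clients do not break.
    res.status(400);
    res.json({'status': 1, 'msg': 'no premissions to use the ToDo application.'});
    return;
  }

  // NOTE(review): sessionExpires is not checked here; confirm that
  // db.getUserViaSessionId rejects expired sessions.
  req.currentUser = currentUser;
  db.extendSession(req.currentUser, sessionTime); // sliding expiry
  next();
});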
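/**
 * POST /register - creates a user and logs them in.
 *
 * Reads username, fullName and password from the request, rejects missing
 * credentials and duplicate usernames, then registers the user, starts a
 * session and returns it in the 'sessionId' cookie with {ok: true}.
 */
server.post('/register', function (req, res) {
  // NOTE(review): req.param() merges route params, body and query string and
  // is deprecated in Express 4; prefer reading req.body explicitly so that
  // credentials cannot arrive via the URL.
  var username = req.param('username');
  var fullName = req.param('fullName');
  var password = req.param('password');

  // Reject missing or non-string credentials instead of registering a user
  // named "undefined" or storing a non-string password.
  if (typeof username !== 'string' || username.length === 0 ||
      typeof password !== 'string' || password.length === 0) {
    res.status(400).send('username and password are required.');
    return;
  }

  if (typeof db.getUser(username) != 'undefined') { // user already exists
    res.status(500).
      send('username already exist.');
    return;
  }

  // SECURITY(review): the password is passed on as received, and the login
  // handler compares user.password with the submitted value directly, which
  // suggests cleartext storage. Store a salted, slow password hash instead
  // (e.g. scrypt, bcrypt or argon2) and verify against that hash at login.
  db.registerUser(username, fullName, password);
  var user = db.getUser(username);

  // Session ids must be unguessable. uuid.v1() is derived from the clock and
  // a node identifier, so it is predictable; v4 is randomly generated.
  var sessionId = uuid.v4();
  user.sessionId = sessionId;
  user.sessionExpires = Date.now() + sessionTime;

  res.status(200);
  // httpOnly keeps page scripts from reading the session cookie.
  // NOTE(review): also set secure: true when the site is served over HTTPS.
  res.cookie('sessionId', sessionId, {'maxAge': sessionTime, 'httpOnly': true});
  res.json({ok: true});
});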
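/**
 * GET /login/:username/:password - starts a session for an existing user.
 *
 * Responds 500 with a text message when the user is unknown or the password
 * does not match; otherwise sets the 'sessionId' cookie and returns {ok: true}.
 *
 * SECURITY(review): the credentials travel in the URL path, so they end up in
 * server and proxy access logs, browser history and Referer headers. This
 * should become a POST with the credentials in the request body; the route
 * is left unchanged here because clients depend on it.
 */
server.get('/login/:username/:password', function (req, res) {
  var username = req.param('username');
  var password = req.param('password');
  var user = db.getUser(username);

  // NOTE(review): the two failure responses differ, which tells a caller
  // whether a username exists. Consider one generic message for both, plus
  // rate limiting of failed attempts.
  if (typeof user == 'undefined') { // user doesn't exist
    res.status(500).
      send('no such user.');
    return;
  }

  // SECURITY(review): this compares the submitted password with the stored
  // value directly (cleartext, loose equality, not constant-time). Verify
  // against a salted password hash instead once registration stores one.
  if (user.password != password) { // passwords don't match
    res.status(500).
      send('wrong password.');
    return;
  }

  // Session ids must be unguessable. uuid.v1() is derived from the clock and
  // a node identifier, so it is predictable; v4 is randomly generated.
  var sessionId = uuid.v4();
  user.sessionId = sessionId;
  user.sessionExpires = Date.now() + sessionTime;

  res.status(200);
  // httpOnly keeps page scripts from reading the session cookie.
  // NOTE(review): also set secure: true when the site is served over HTTPS.
  res.cookie('sessionId', sessionId, {'maxAge': sessionTime, 'httpOnly': true});
  res.json({ok: true});
});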