1
0
mirror of https://github.com/Foltik/Shimapan synced 2024-11-30 22:41:47 -05:00
shimapan/app/routes/invites.js

78 lines
1.9 KiB
JavaScript

var express = require('express');
var router = express.Router();
var Invite = require('../models/Invite.js');
var requireScope = function (perm) {
return function(req, res, next) {
User.findOne({username: req.session.passport.user}, function(err, user) {
if (err) throw err;
if (user.scope.indexOf(perm) === -1)
res.status(400).json({'message': 'No permission.'});
else
next();
});
}
};
router.post('/create', function (req, res) {
if (!req.body.scope) {
res.status(400).json({'message': 'Bad request.'});
return;
}
var scope;
try {
scope = JSON.parse(req.body.scope);
} catch (e) {
res.status(500).json({'message': e.name + ': ' + e.message});
return;
}
var expiry = req.body.exp;
if (!expiry || expiry < Date.now())
expiry = 0;
var entry = {
code: crypto.randomBytes(12).toString('hex'),
scope: scope,
issuer: req.session.passport.user,
issued: Date.now(),
exp: expiry
};
Invite.create(entry, function (err) {
if (err) {
throw err;
} else {
res.status(200).json({
code: entry.code,
scope: entry.scope
});
}
})
});
router.get('/get', function (req, res, next) {
var query = {issuer: req.session.passport.user};
if (req.body.code)
query.code = req.body.code;
Invite.find(query, function (err, invites) {
if (err) {
next(err);
} else {
res.status(200).json(invites);
}
})
});
router.post('/delete', function (req, res, next) {
Invite.deleteOne({code: req.body.code}, function (err) {
if (err) next(err);
else res.status(200).json({'message': 'Successfully deleted.'});
});
});
module.exports = router;