mirror of
https://github.com/Foltik/Shimapan
synced 2024-11-10 23:53:31 -05:00
78 lines
1.9 KiB
JavaScript
78 lines
1.9 KiB
JavaScript
var express = require('express');
|
|
var router = express.Router();
|
|
|
|
var Invite = require('../models/Invite.js');
|
|
|
|
var requireScope = function (perm) {
|
|
return function(req, res, next) {
|
|
User.findOne({username: req.session.passport.user}, function(err, user) {
|
|
if (err) throw err;
|
|
if (user.scope.indexOf(perm) === -1)
|
|
res.status(400).json({'message': 'No permission.'});
|
|
else
|
|
next();
|
|
});
|
|
}
|
|
};
|
|
|
|
router.post('/create', function (req, res) {
|
|
if (!req.body.scope) {
|
|
res.status(400).json({'message': 'Bad request.'});
|
|
return;
|
|
}
|
|
|
|
var scope;
|
|
try {
|
|
scope = JSON.parse(req.body.scope);
|
|
} catch (e) {
|
|
res.status(500).json({'message': e.name + ': ' + e.message});
|
|
return;
|
|
}
|
|
|
|
var expiry = req.body.exp;
|
|
if (!expiry || expiry < Date.now())
|
|
expiry = 0;
|
|
|
|
var entry = {
|
|
code: crypto.randomBytes(12).toString('hex'),
|
|
scope: scope,
|
|
issuer: req.session.passport.user,
|
|
issued: Date.now(),
|
|
exp: expiry
|
|
};
|
|
|
|
Invite.create(entry, function (err) {
|
|
if (err) {
|
|
throw err;
|
|
} else {
|
|
res.status(200).json({
|
|
code: entry.code,
|
|
scope: entry.scope
|
|
});
|
|
}
|
|
})
|
|
});
|
|
|
|
router.get('/get', function (req, res, next) {
|
|
var query = {issuer: req.session.passport.user};
|
|
|
|
if (req.body.code)
|
|
query.code = req.body.code;
|
|
|
|
Invite.find(query, function (err, invites) {
|
|
if (err) {
|
|
next(err);
|
|
} else {
|
|
res.status(200).json(invites);
|
|
}
|
|
})
|
|
});
|
|
|
|
router.post('/delete', function (req, res, next) {
|
|
Invite.deleteOne({code: req.body.code}, function (err) {
|
|
if (err) next(err);
|
|
else res.status(200).json({'message': 'Successfully deleted.'});
|
|
});
|
|
});
|
|
|
|
module.exports = router; |