rpdata
/
frontend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
The frontend/UI server, written in JS using the MarkoJS library
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
131 Commits
4 Branches
35 Tags
7.4 MiB
Tree: 6fca626ea2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6fca626ea2'
${ noResults }
frontend/middleware/locals.js

71 lines
1.7 KiB
Raw Normal View History

data, logs, logs-content, story, story-content: Added permission check in UI to hide disallowed actions.
6 years ago
Initial Commit
6 years ago
story: Added view of own unlisted stories.
6 years ago
Initial Commit
6 years ago
story-content: Added remove story modal, added annotations
6 years ago
Initial Commit
6 years ago
story: Added view of own unlisted stories.
6 years ago
data, logs, logs-content, story, story-content: Added permission check in UI to hide disallowed actions.
6 years ago
story-content: Added remove story modal, added annotations
6 years ago
story-content: Added edit story modal, added toggle component.
6 years ago
story-content: Added remove story modal, added annotations
6 years ago
Initial Commit
6 years ago
data, logs, logs-content, story, story-content: Added permission check in UI to hide disallowed actions.
6 years ago
Initial Commit
6 years ago
data, logs, logs-content, story, story-content: Added permission check in UI to hide disallowed actions.
6 years ago
Initial Commit
6 years ago
  1. const config = require("../config")
  3. module.exports = (req, res, next) => {
  4. if (res.marko) {
  5. res.markoAsync = async(template, input) => {
  6. const locals = Object.assign({}, (res.locals || {}), input)
  8. try {
  9. for (const key in locals) {
  10. const value = locals[key]
  11. if (value instanceof Promise) {
  12. locals[key] = await value
  13. }
  14. }
  16. if (locals.user.permissions != null) {
  17. locals.user.permissions = await locals.user.permissions
  18. }
  19. } catch(err) {
  20. if (JSON.stringify(err) === "{}") {
  21. return next(err)
  22. }
  24. return res.status(404).json(err)
  25. }
  27. return res.marko(template, locals)
  28. }
  29. }
  31. if (req.user) {
  32. res.locals.user = {
  33. loggedIn: true,
  34. name: req.user._json.name,
  35. permissions: getPermissions(req.user._json.name),
  36. }
  37. } else {
  38. res.locals.user = {
  39. loggedIn: false,
  40. }
  41. }
  43. next()
  44. }
  46. function getPermissions(user) {
  47. return fetch(config.graphqlEndpoint, {
  48. method: "POST",
  49. headers: {
  50. "Content-Type": "application/json",
  51. "Authorization": `Bearer ${generateToken(user, ["member"])}`,
  52. },
  53. body: '{"query":"query { token { user { permissions } } }", "variables": {}}',
  54. credentials: "include",
  55. }).then(res => {
  56. return res.json()
  57. }).then(json => {
  58. return json.data.token.user.permissions
  59. }).catch(err => {
  60. console.error(err)
  61. return []
  62. })
  63. }
  65. const jwt = require("jsonwebtoken")
  66. /**
  67. * @param {string} user
  68. * @param {string[]} permissions
  69. */
  70. function generateToken(user, permissions) {
  71. return jwt.sign({user, permissions, exp: Math.floor((Date.now() / 1000) + 1200)}, config.backend.secret, {header: {kid: config.backend.kid}})
  72. }