From 0c1cbbfe29d91c95f9c574b57adf067654b8b5b4 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 14 Apr 2016 22:06:11 +0200 Subject: Add authentications for routes that need it and adapts the tests --- server/controllers/api/v1/users.js | 7 +++---- server/controllers/api/v1/videos.js | 11 +++++++---- 2 files changed, 10 insertions(+), 8 deletions(-) (limited to 'server/controllers/api') diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js index acb860c66..f45b47077 100644 --- a/server/controllers/api/v1/users.js +++ b/server/controllers/api/v1/users.js @@ -1,15 +1,14 @@ 'use strict' -var express = require('express') -var oAuth2 = require('../../../middlewares/oauth2') +const express = require('express') +const oAuth2 = require('../../../middlewares/oauth2') const middleware = require('../../../middlewares') const cacheMiddleware = middleware.cache const router = express.Router() -router.post('/token', cacheMiddleware.cache(false), oAuth2.token(), success) -router.get('/authenticate', cacheMiddleware.cache(false), oAuth2.authenticate(), success) +router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success) // --------------------------------------------------------------------------- diff --git a/server/controllers/api/v1/videos.js b/server/controllers/api/v1/videos.js index 97d3e6b5a..d25ca95f7 100644 --- a/server/controllers/api/v1/videos.js +++ b/server/controllers/api/v1/videos.js @@ -8,6 +8,7 @@ const multer = require('multer') const logger = require('../../../helpers/logger') const friends = require('../../../lib/friends') const middleware = require('../../../middlewares') +const oAuth2 = require('../../../middlewares/oauth2') const cacheMiddleware = middleware.cache const reqValidator = middleware.reqValidators.videos const Videos = require('../../../models/videos') // model @@ -38,9 +39,9 @@ const storage = multer.diskStorage({ const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }]) router.get('/', cacheMiddleware.cache(false), listVideos) -router.post('/', reqFiles, reqValidator.videosAdd, cacheMiddleware.cache(false), addVideo) +router.post('/', oAuth2.authenticate, reqFiles, reqValidator.videosAdd, cacheMiddleware.cache(false), addVideo) router.get('/:id', reqValidator.videosGet, cacheMiddleware.cache(false), getVideos) -router.delete('/:id', reqValidator.videosRemove, cacheMiddleware.cache(false), removeVideo) +router.delete('/:id', oAuth2.authenticate, reqValidator.videosRemove, cacheMiddleware.cache(false), removeVideo) router.get('/search/:name', reqValidator.videosSearch, cacheMiddleware.cache(false), searchVideos) // --------------------------------------------------------------------------- @@ -63,7 +64,8 @@ function addVideo (req, res, next) { name: video_infos.name, namePath: video_file.filename, description: video_infos.description, - magnetUri: torrent.magnetURI + magnetUri: torrent.magnetURI, + author: res.locals.oauth.token.user.username } Videos.add(video_data, function (err) { @@ -141,7 +143,8 @@ function getFormatedVideo (video_obj) { description: video_obj.description, podUrl: video_obj.podUrl, isLocal: videos.getVideoState(video_obj).owned, - magnetUri: video_obj.magnetUri + magnetUri: video_obj.magnetUri, + author: video_obj.author } return formated_video -- cgit v1.2.3