| author | pitu <[email protected]> | 2017-01-17 00:37:54 -0300 |
|---|---|---|
| committer | pitu <[email protected]> | 2017-01-17 00:37:54 -0300 |
| commit | bdfd512c10986a9b4f137e668be6bd80dbd8f617 (patch) | |
| tree | f64f3cbcd5888916f8a388f62873732687db934d /routes | |
| parent | Login screen on dashboard (diff) | |
| download | host.fuwn.me-bdfd512c10986a9b4f137e668be6bd80dbd8f617.tar.xz host.fuwn.me-bdfd512c10986a9b4f137e668be6bd80dbd8f617.zip | |
token handling and verification
Diffstat (limited to 'routes')
| -rw-r--r-- | routes/api.js | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/routes/api.js b/routes/api.js
index 18135ac..aeedfa9 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -4,12 +4,34 @@ const uploadController = require('../controllers/uploadController')
 const galleryController = require('../controllers/galleryController')
 
 routes.get ('/check', (req, res, next) => {
- return res.json({token: config.TOKEN})
+ return res.json({ private: config.private })
+})
+
+routes.get ('/verify', (req, res, next) => {
+ let type = req.headers.type
+ let token = req.headers.token
+
+ if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
+ if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
+ if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
+
+ if(type === 'client'){
+ if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
+ return res.json({ success: true })
+ }
+
+ if(type === 'admin'){
+ if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
+ return res.json({ success: true })
+ }
+
+ return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
+
 })
 
 routes.get('/info', (req, res, next) => {
 
- if(config.TOKEN === true)
+ if(config.private === true)
 if(req.headers.auth !== config.clientToken)
 return res.status(401).send('not-authorized')
 
|
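Review bot: The new `/verify` handler checks the supplied token against `config.clientToken` / `config.adminToken` with `!==` and answers every failure with HTTP 200, so it is an unauthenticated guess-checking endpoint for the admin token, with no throttling visible in this hunk. I would compare in constant time over fixed-length digests, return 401 on mismatch as `/info` already does, and put a rate limit in front of the route. The sketch below also rejects an unset or empty configured token, so a missing config value can never be matched. The `client` and `admin` branches differ only in the config key, and the final table-flip `return` is unreachable once `type` has passed the `'client'`/`'admin'` check, so the handler collapses to one lookup. `crypto` would have to be required at the top of the file, which lies outside this hunk.

```javascript
routes.get ('/verify', (req, res, next) => {
	// … unchanged: type/token reads and the three "No type / No token / Wrong type" checks …

	// type is 'client' or 'admin' here, so one lookup covers both branches
	const expected = type === 'admin' ? config.adminToken : config.clientToken

	// an unset or empty configured token must never verify
	if(typeof expected !== 'string' || expected.length === 0)
		return res.status(401).json({ success: false, description: 'Token mismatch.' })

	// hash both sides so timingSafeEqual always receives equal-length buffers
	const digest = value => crypto.createHash('sha256').update(value).digest()
	if(!crypto.timingSafeEqual(digest(token), digest(expected)))
		return res.status(401).json({ success: false, description: 'Token mismatch.' })

	return res.json({ success: true })
})
```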