diff options
| -rw-r--r-- | controllers/galleryController.js | 8 | ||||
| -rw-r--r-- | controllers/uploadController.js | 8 | ||||
| -rw-r--r-- | database/db.js | 53 | ||||
| -rw-r--r-- | routes/api.js | 6 |
4 files changed, 39 insertions, 36 deletions
diff --git a/controllers/galleryController.js b/controllers/galleryController.js index 39826dd..4fd7c49 100644 --- a/controllers/galleryController.js +++ b/controllers/galleryController.js @@ -5,8 +5,8 @@ let galleryController = {} galleryController.list = function(req, res, next){ - if(config.TOKEN !== '') - if(req.headers.auth !== config.TOKEN) + if(config.TOKEN === true) + if(req.headers.auth === config.clientToken) return res.status(401).send('not-authorized') db.table('gallery').select('id', 'name').then((data) => { @@ -16,8 +16,8 @@ galleryController.list = function(req, res, next){ galleryController.test = function(req, res, next){ - if(config.TOKEN !== '') - if(req.headers.auth !== config.TOKEN) + if(config.TOKEN === true) + if(req.headers.auth === config.clientToken) return res.status(401).send('not-authorized') let testdata = [ diff --git a/controllers/uploadController.js b/controllers/uploadController.js index 090181a..5afcc29 100644 --- a/controllers/uploadController.js +++ b/controllers/uploadController.js @@ -22,8 +22,8 @@ const upload = multer({ uploadsController.upload = function(req, res, next){ - if(config.TOKEN !== '') - if(req.headers.auth !== config.TOKEN) + if(config.TOKEN === true) + if(req.headers.auth !== config.clientToken) return res.status(401).send('not-authorized') let gallery = req.headers.gallery @@ -63,8 +63,8 @@ uploadsController.upload = function(req, res, next){ uploadsController.list = function(req, res){ - if(config.TOKEN !== '') - if(req.headers.auth !== config.TOKEN) + if(config.TOKEN === true) + if(req.headers.auth !== config.clientToken) return res.status(401).send('not-authorized') db.table('files').then((files) => { diff --git a/database/db.js b/database/db.js index 94f48c6..2dc2005 100644 --- a/database/db.js +++ b/database/db.js @@ -27,35 +27,38 @@ let init = function(db, config){ // == Generate a 1 time token == // db.table('tokens').then((tokens) => { - if(tokens.length === 0){ - - // This is the first launch of the app - let clientToken = require('randomstring').generate() - let adminToken = require('randomstring').generate() - - db.table('tokens').insert( - [ - { - name: 'client', - value: clientToken - }, - { - name: 'admin', - value: adminToken - } - ] - ).then(() => { - console.log('Your client token is: ' + clientToken) - console.log('Your admin token is: ' + adminToken) - config.clientToken = clientToken - config.adminToken = adminToken - }) - - } + if(tokens.length !== 0) return printAndSave(config, tokens[0].value, tokens[1].value) + + // This is the first launch of the app + let clientToken = require('randomstring').generate() + let adminToken = require('randomstring').generate() + + db.table('tokens').insert( + [ + { + name: 'client', + value: clientToken + }, + { + name: 'admin', + value: adminToken + } + ] + ).then(() => { + printAndSave(config, clientToken, adminToken) + }) + }) }) } +function printAndSave(config, clientToken, adminToken){ + console.log('Your client token is: ' + clientToken) + console.log('Your admin token is: ' + adminToken) + config.clientToken = clientToken + config.adminToken = adminToken +} + module.exports = init
\ No newline at end of file diff --git a/routes/api.js b/routes/api.js index 76fc768..7f1f047 100644 --- a/routes/api.js +++ b/routes/api.js @@ -4,15 +4,15 @@ const uploadController = require('../controllers/uploadController') const galleryController = require('../controllers/galleryController') routes.get ('/check', (req, res, next) => { - if(config.TOKEN === '') + if(config.TOKEN === true) return res.json({token: false}) return res.json({token: true}) }) routes.get('/info', (req, res, next) => { - if(config.TOKEN !== '') - if(req.headers.auth !== config.TOKEN) + if(config.TOKEN === true) + if(req.headers.auth !== config.clientToken) return res.status(401).send('not-authorized') return res.json({ |