From bdfd512c10986a9b4f137e668be6bd80dbd8f617 Mon Sep 17 00:00:00 2001
From: pitu
Date: Tue, 17 Jan 2017 00:37:54 -0300
Subject: token handling and verification
---
routes/api.js | 26 ++++++++++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
(limited to 'routes')
diff --git a/routes/api.js b/routes/api.js
index 18135ac..aeedfa9 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -4,12 +4,34 @@ const uploadController = require('../controllers/uploadController')
 const galleryController = require('../controllers/galleryController')
 routes.get ('/check', (req, res, next) => {
- return res.json({token: config.TOKEN})
+ return res.json({ private: config.private })
+})
+
+routes.get ('/verify', (req, res, next) => {
+ let type = req.headers.type
+ let token = req.headers.token
+
+ if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
+ if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
+ if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
+
+ if(type === 'client'){
+ if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
+ return res.json({ success: true })
+ }
+
+ if(type === 'admin'){
+ if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
+ return res.json({ success: true })
+ }
+
+ return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
+
 })
 routes.get('/info', (req, res, next) => {
- if(config.TOKEN === true)
+ if(config.private === true)
 if(req.headers.auth !== config.clientToken) return res.status(401).send('not-authorized')
--
cgit v1.2.3
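Review bot: The new `/verify` handler checks the caller-supplied `token` header against `config.clientToken` and `config.adminToken` with `!==`, which is not a constant-time comparison, and it answers every failed check with HTTP 200, so failed guesses look like ordinary successful requests to anything watching status codes. I would compare SHA-256 digests with `crypto.timingSafeEqual`, refuse when the configured token is not a string, and return 401 on mismatch (worth confirming the front end handles a non-200 reply); this needs `const crypto = require('crypto')` at the top of routes/api.js, which is outside this hunk. No throttling is visible here, so unless the router is rate-limited elsewhere, the number of guesses against the admin token is unbounded. The final table-flip `return` is unreachable once `type` has been narrowed to `client` or `admin`, so the two branches can collapse into one. In `/info`, whose body continues past the hunk, `req.headers.auth !== config.clientToken` is false when both sides are undefined, so `private: true` with an unset `clientToken` would appear to let requests without an `auth` header through.

```javascript
routes.get ('/verify', (req, res, next) => {
	// … unchanged: read the type/token headers, reject a missing or unknown type and a missing token …

	// type is 'client' or 'admin' here, so one lookup replaces the two branches.
	const expected = type === 'admin' ? config.adminToken : config.clientToken
	// An unset token must never match; hashing gives timingSafeEqual equal-length buffers.
	const digest = value => crypto.createHash('sha256').update(String(value)).digest()
	if(typeof expected !== 'string' || !crypto.timingSafeEqual(digest(token), digest(expected)))
		return res.status(401).json({ success: false, description: 'Token mismatch.' })

	return res.json({ success: true })
})
```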