middleware.js
// Description: This file contains all the middleware functions that are used in the application.
const ExpressError = require('./utils/ExpressError');
const catchAsync = require('./utils/catchAsync.js');
const Plant = require('./models/plant');
const SegInstruction = require('./models/segInstruction');
const mongoose = require('mongoose');
const { plantSchema, dueDateSchema, segInstructionSchema } = require('./schemas.js');
const user = require('./models/user.js');
/**
 * Gate for routes that require a signed-in user.
 *
 * Authenticated requests continue down the chain. Anything else has its
 * requested URL remembered in the session, gets an error flash, and is sent
 * to the login page.
 *
 * @param {object} req - Express request; uses `isAuthenticated`, `session`, `flash`.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next middleware.
 */
module.exports.isLoggedIn = (req, res, next) => {
  const authenticated = req.isAuthenticated();
  if (authenticated) {
    next();
    return;
  }

  // NOTE(review): returnTo is copied straight from the request URL. Whatever
  // later redirects to it should confirm it is still a same-site path.
  req.session.returnTo = req.originalUrl;
  req.flash('error', 'You Must Be Signed In');
  return res.redirect('/user/login');
};
/**
 * Copies a remembered post-login destination from the session onto
 * `res.locals` so later handlers can read it from there.
 *
 * Nothing is copied when the session holds no `returnTo` value.
 *
 * @param {object} req - Express request with a session.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next middleware.
 */
module.exports.storeReturnTo = (req, res, next) => {
  const rememberedUrl = req.session.returnTo;
  if (rememberedUrl) {
    res.locals.returnTo = rememberedUrl;
  }
  next();
};
/**
 * Loads the plant named by `req.params.plantID`, plus every seg instruction
 * ordered by `segNum`, and exposes both on `res.locals`.
 *
 * A malformed id or an unknown plant results in an error flash and a redirect
 * to the home page. The lookup is by id only and applies no per-user filter,
 * so any access restriction has to come from a separate check.
 */
module.exports.getCurrentPlantandInstructions = catchAsync(async (req, res, next) => {
  const { plantID } = req.params;

  // Reject ids Mongoose does not accept before querying with them.
  const idIsWellFormed = mongoose.isValidObjectId(plantID);
  if (!idIsWellFormed) {
    req.flash('error', 'Plant not Found!');
    return res.redirect('/');
  }

  const plant = await Plant.findById(plantID);
  if (!plant) {
    req.flash('error', 'Plant does not exist!');
    return res.redirect('/');
  }

  res.locals.currentPlant = plant;
  const orderedInstructions = await SegInstruction.find({}).sort({ segNum: 1 });
  res.locals.segInstructions = orderedInstructions;
  next();
});
/**
 * Lets the request through only when `req.user.admin` is truthy.
 *
 * Reads `req.user` directly, so it assumes an earlier middleware has already
 * populated it. Non-admins get an error flash and are redirected to the
 * Referer header value, or to the home page when that header is absent.
 */
module.exports.isAdmin = catchAsync(async (req, res, next) => {
  const hasAdminFlag = Boolean(req.user.admin);
  if (hasAdminFlag) {
    next();
    return;
  }

  req.flash('error', 'You do not have permission to do that!');
  // NOTE(review): Referer is a client-supplied header, so this target is not
  // guaranteed to be a path on this site.
  const target = req.get('referer') || '/';
  return res.redirect(target);
});
/**
 * Lets the request through only when the current plant's id appears in
 * `req.user.plants`.
 *
 * Reads `req.user` and `res.locals.currentPlant` directly, so both must have
 * been set by earlier middleware. Users without access get an error flash and
 * are redirected to the Referer header value, or to the home page when that
 * header is absent.
 */
module.exports.hasPlantAccess = catchAsync(async (req, res, next) => {
  const plantId = res.locals.currentPlant._id;
  // NOTE(review): whether `includes` matches ids by value depends on what kind
  // of array `req.user.plants` is. Confirm against the user model.
  const userMayAccess = req.user.plants.includes(plantId);
  if (userMayAccess) {
    next();
    return;
  }

  req.flash('error', 'You do not have permission to access this plant!');
  // NOTE(review): Referer is a client-supplied header, so this target is not
  // guaranteed to be a path on this site.
  const target = req.get('referer') || '/';
  return res.redirect(target);
});
/**
 * Validates `req.body` against `plantSchema`.
 *
 * Only the `error` part of the validation result is used. The body is passed
 * on unmodified, so any value conversion or stripping the schema might
 * perform does not reach later handlers.
 *
 * @throws {ExpressError} Status 400 carrying the comma-joined validation messages.
 */
module.exports.validatePlant = (req, res, next) => {
  const outcome = plantSchema.validate(req.body);
  if (!outcome.error) {
    next();
    return;
  }

  const messages = [];
  for (const detail of outcome.error.details) {
    messages.push(detail.message);
  }
  throw new ExpressError(messages.join(','), 400);
};
/**
 * Validates `req.body` against `dueDateSchema`.
 *
 * Only the `error` part of the validation result is used. The body is passed
 * on unmodified.
 *
 * @throws {ExpressError} Status 400 carrying the comma-joined validation messages.
 */
module.exports.validateDueDate = (req, res, next) => {
  const outcome = dueDateSchema.validate(req.body);
  if (!outcome.error) {
    next();
    return;
  }

  const messages = [];
  for (const detail of outcome.error.details) {
    messages.push(detail.message);
  }
  throw new ExpressError(messages.join(','), 400);
};
/**
 * Validates `req.body` against `segInstructionSchema`.
 *
 * Only the `error` part of the validation result is used. The body is passed
 * on unmodified.
 *
 * @throws {ExpressError} Status 400 carrying the comma-joined validation messages.
 */
module.exports.validateSegInstruction = (req, res, next) => {
  const outcome = segInstructionSchema.validate(req.body);
  if (!outcome.error) {
    next();
    return;
  }

  const messages = [];
  for (const detail of outcome.error.details) {
    messages.push(detail.message);
  }
  throw new ExpressError(messages.join(','), 400);
};
/**
 * Checks a candidate password against the registration policy.
 *
 * The pattern requires 8 to 25 characters on a single line, with at least one
 * uppercase ASCII letter, one lowercase ASCII letter, one digit, and one
 * character from `!@#$%^&*`.
 *
 * NOTE(review): the 25-character ceiling rejects long passphrases, and only
 * those eight symbols count as "special". Confirm both are intended policy.
 *
 * @param {string} password - Candidate password.
 * @returns {boolean} True when the password satisfies every rule.
 */
function passwordValidation(password) {
  return /^(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[!@#$%^&*]).{8,25}$/.test(password);
}
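/**
 * Registration guard: enforces the username length limits and the password
 * policy before the request reaches the route handler.
 *
 * The username is lower-cased and trimmed, and the password is trimmed, for
 * the purpose of these checks only. Missing, non-string, empty, or
 * whitespace-only values fail the same checks as values that are too short,
 * so they cannot slip past validation or crash the middleware.
 *
 * NOTE(review): the normalized values are not written back to `req.body`, so
 * later handlers still see the raw submitted strings. Confirm the route
 * handler normalizes them the same way.
 *
 * @param {object} req - Express request; `req.body` is client-controlled.
 * @param {object} res - Express response.
 * @param {Function} next - Called only when every check passes.
 */
module.exports.validateUser = (req, res, next) => {
  const body = req.body || {};

  // Body fields can be absent or arrive as arrays/objects depending on the
  // body parser, so only call string methods on actual strings.
  const username = typeof body.username === 'string'
    ? body.username.toLowerCase().trim()
    : '';
  const password = typeof body.password === 'string'
    ? body.password.trim()
    : '';

  if (username.length < 4) {
    req.flash('error', 'Username must be at least 4 characters long');
    return res.redirect('/user/register');
  }
  if (username.length > 24) {
    req.flash('error', 'Username must be less than 25 characters long');
    return res.redirect('/user/register');
  }
  if (!passwordValidation(password)) {
    req.flash('error', 'Password must be at least 8 characters long, contain at least one uppercase letter, one lowercase letter, one number, and one special character');
    return res.redirect('/user/register');
  }
  next();
};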