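// Per-account burst limiter: at most 2 requests per 30-second window.
// The bucket is keyed on the authenticated user's name so it follows the
// account rather than the client IP. When no user is attached (limiter mounted
// ahead of the auth middleware, or an anonymous caller) the key falls back to
// req.ip — the original `req.user.name` threw a TypeError in that case and
// turned every request into a 500 instead of a 429.
// (The original inline comments said "1 hour window" / "after 5 requests";
// the actual values are 30 seconds and 2 requests.)
rateLimit({
  windowMs: 30 * 1000, // 30-second window
  max: 2, // start blocking after 2 requests in the window
  message: "Too many requests, please wait 30 seconds",
  keyGenerator: function (req) {
    return (req.user && req.user.name) || req.ip;
  },
})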
// GET /dashboard — requires an authenticated session (ensureAuthenticated runs
// first, so req.user is populated here). The template receives only the
// display name, not the whole user record.
router.get('/dashboard', ensureAuthenticated, function (req, res) {
  const viewModel = { user: req.user.name };
  res.render('dashboard', viewModel);
});
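// PUT /unfollow/:coachId — stop following a coach. Requires an authenticated
// session; the acting account is always req.user.name, never a client-supplied
// name, so a caller cannot unfollow on someone else's behalf.
this.router.put("/unfollow/:coachId", util.ensureAuthenticated, async function (req, res) {
  // :coachId is untrusted. Number("abc") is NaN and the original handed that
  // straight to the service; reject anything that is not an integer up front.
  const coachId = Number(req.params.coachId);
  if (!Number.isInteger(coachId)) {
    res.status(400).send("coachId must be an integer");
    return;
  }
  try {
    const result = await accountService.unfollow(req.user.name, coachId);
    // NOTE(review): the service result is sent negated here while the follow
    // route sends it as-is — confirm that asymmetry is intended.
    res.status(200).send(!result);
  } catch (ex) {
    console.error(ex);
    // Generic message on purpose: service internals stay out of the response.
    res.status(500).send('Something something error');
  }
});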
// GET /profile — JWT-protected (stateless, session: false). Returns an
// explicitly whitelisted view of the authenticated user: only id, name and
// email are copied out, so other fields on req.user cannot leak by accident.
router.get('/profile', passport.authenticate('jwt', { session: false }), (req, res) => {
  const { id, name, email } = req.user;
  return res.json({ id, name, email });
});
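// PUT /start/:division/:round/:house — kick off competitions for a division.
// Gated by authentication and the API rate limiter; the acting user is taken
// from req.user, never from the request.
this.router.put("/start/:division/:round/:house", util.ensureAuthenticated, apiRateLimiter, async function (req, res) {
  // Route params are untrusted strings; the original forwarded Number(...) of
  // them unchecked, so a non-numeric round/house reached the service as NaN.
  const round = Number(req.params.round);
  const house = Number(req.params.house);
  if (!Number.isInteger(round) || !Number.isInteger(house)) {
    res.status(400).send("round and house must be integers");
    return;
  }
  try {
    await clanService.startCompetitions(req.user.name, req.params.division, round, house);
    res.status(200).send();
  } catch (e) {
    loggingService.error(e);
    // NOTE(review): e.message is echoed to the client. That is fine if the
    // service only throws user-facing validation errors; if a driver or
    // library error can surface here its text is leaked — confirm.
    res.status(400).send(e.message);
  }
});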
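// GET / (admin user index) — admin-only page.
// ensureAuthenticated is added ahead of hasRole to match the sibling admin
// route (strikes index) and to guarantee req.user exists before
// req.user.name is dereferenced below.
router.get('/', util.ensureAuthenticated, util.hasRole("admin"), async function (req, res) {
  try {
    const user = await accountService.getAccount(req.user.name);
    res.render('admin/user/index', { user: user });
  } catch (err) {
    // The original only logged here and never answered, leaving the request
    // hanging until the client timed out; always send a response.
    console.log(err);
    res.status(500).send('Something something error');
  }
});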
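// GET / (upcoming index) — public page; when a user is logged in the view
// additionally gets the account record.
router.get('/', async function (req, res) {
  try {
    if (res.locals.user) {
      // NOTE(review): the guard tests res.locals.user but the lookup reads
      // req.user.name — presumably both are set by the same auth middleware;
      // confirm, otherwise this throws for a half-populated request.
      const user = await accountService.getAccount(req.user.name);
      res.render("rebbl/upcoming/index", { user: user });
    } else {
      res.render("rebbl/upcoming/index");
    }
  } catch (err) {
    // The original had no try/catch: a rejected getAccount became an
    // unhandled rejection and the request never got a response.
    console.error(err);
    res.status(500).send('Something something error');
  }
});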
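// GET / (clan info) — returns the caller's clan and whether the caller is
// that clan's leader. Leader status requires BOTH the "clanleader" role and a
// name match against clan.leader, so holding the role alone grants nothing.
this.router.get("/", util.ensureAuthenticated, async function (req, res) {
  try {
    // getAccount and hasRole only depend on req.user.name; run them together.
    const [account, hasLeaderRole] = await Promise.all([
      accountService.getAccount(req.user.name),
      accountService.hasRole(req.user.name, "clanleader"),
    ]);
    const clan = await clanService.getClanByUser(account.coach);
    // Guard the null cases the original tripped over: a user with no clan
    // (clan === null) or a clan with no leader set would throw on
    // .toLowerCase() and leave the request unanswered.
    const leader = Boolean(hasLeaderRole)
      && clan != null
      && typeof clan.leader === "string"
      && typeof account.coach === "string"
      && account.coach.toLowerCase() === clan.leader.toLowerCase();
    res.json({ clan: clan, leader: leader });
  } catch (err) {
    console.error(err);
    res.status(500).send('Something something error');
  }
});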
// GET /following/:coachId — answers whether the authenticated user follows the
// given coach. Always responds with a strict boolean; a missing `following`
// list or a non-numeric coachId simply yields false.
this.router.get("/following/:coachId", util.ensureAuthenticated, async function (req, res) {
  try {
    const coachId = Number(req.params.coachId);
    const account = await accountService.getAccount(req.user.name);
    const followed = account.following
      ? account.following.indexOf(coachId) > -1
      : false;
    res.status(200).send(followed === true);
  } catch (ex) {
    console.error(ex);
    res.status(500).send('Something something error');
  }
});
/* GET /alice — HTTP Basic authentication (stateless) first, then an explicit
   authorization step via authorize('alice'): being authenticated is not
   sufficient to reach the handler, the caller must also be authorized. */
app.get('/alice', passport.authenticate('basic', { session: false }), authorize('alice'), function (req, res, next) {
  const greeting = `I know you and you are authorized ${req.user.name}.\n`;
  res.send(greeting);
});
// passport-http-bearer token middleware.
// The token is supplied in the Authorization header (`Authorization: Bearer <token>`)
// or, as the original comment notes, as the `?access_token=<token>` query parameter.
// Security note: a token in the query string ends up in access logs, proxy logs,
// browser history and Referer headers — prefer the header form.
router.get('/user/user_info', passport.authenticate('bearer', { session: false }), (req, res) => {
  const username = req.user.name;
  res.json({ username });
});
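// GET / (admin strikes index) — requires an authenticated session AND the
// "admin" role; both middlewares run before the handler.
router.get('/', util.ensureAuthenticated, util.hasRole("admin"), async function (req, res) {
  try {
    const user = await accountService.getAccount(req.user.name);
    res.render('admin/strikes/index', { user: user });
  } catch (err) {
    // The original only logged and never responded, so a failed lookup left
    // the request hanging; always send a response.
    console.log(err);
    res.status(500).send('Something something error');
  }
});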
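// PUT /follow/:coachId — follow a coach. Requires an authenticated session;
// the acting account is always req.user.name, never a client-supplied name.
this.router.put("/follow/:coachId", util.ensureAuthenticated, async function (req, res) {
  // :coachId is untrusted. Number("abc") is NaN and the original forwarded it
  // to the service unchecked; reject anything that is not an integer.
  const coachId = Number(req.params.coachId);
  if (!Number.isInteger(coachId)) {
    res.status(400).send("coachId must be an integer");
    return;
  }
  try {
    const result = await accountService.follow(req.user.name, coachId);
    res.status(200).send(result);
  } catch (ex) {
    console.error(ex);
    // Generic message on purpose: service internals stay out of the response.
    res.status(500).send('Something something error');
  }
});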
// GET /me — JWT-protected (stateless, session: false). Builds the response
// field by field (id, name, email) so nothing else on req.user is exposed.
router.get('/me', passport.authenticate('jwt', { session: false }), function (req, res) {
  const profile = {
    id: req.user.id,
    name: req.user.name,
    email: req.user.email,
  };
  return res.json(profile);
});
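// Per-account anti-spam limiter: 1 request per 60-second window.
// Keyed on the authenticated user's name so the bucket follows the account.
// Falls back to req.ip when no user is attached — the original `req.user.name`
// threw a TypeError in that case and turned every request into a 500.
// (The original inline comment said "1 hour window"; the value is 60 seconds.)
rateLimit({
  windowMs: 60 * 1000, // 60-second window
  max: 1, // start blocking after 1 request in the window
  message: "Please don't spam this, wait 60 seconds",
  keyGenerator: function (req) {
    return (req.user && req.user.name) || req.ip;
  },
})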