Implémentation SkydiverId API
This commit is contained in:
+16
-16
@@ -21,9 +21,9 @@ router.param('application', function (req, res, next, slug) {
|
||||
});
|
||||
|
||||
router.get('/', auth.required, function (req, res, next) {
|
||||
var query = {};
|
||||
var limit = 25;
|
||||
var offset = 0;
|
||||
let query = {};
|
||||
let limit = 25;
|
||||
let offset = 0;
|
||||
|
||||
if (typeof req.query.limit !== 'undefined') {
|
||||
limit = req.query.limit;
|
||||
@@ -46,17 +46,17 @@ router.get('/', auth.required, function (req, res, next) {
|
||||
}
|
||||
return Promise.all([
|
||||
Application.find(query)
|
||||
.limit(Number(limit))
|
||||
.skip(Number(offset))
|
||||
.limit(Number(limit))
|
||||
.sort({ createdAt: 'desc' })
|
||||
.populate('author')
|
||||
.exec(),
|
||||
Application.count(query).exec(),
|
||||
req.payload ? User.findById(req.payload.id) : null
|
||||
]).then(function (results) {
|
||||
var applications = results[0];
|
||||
var applicationsCount = results[1];
|
||||
var user = results[2];
|
||||
let applications = results[0];
|
||||
let applicationsCount = results[1];
|
||||
let user = results[2];
|
||||
|
||||
return res.json({
|
||||
applications: applications.map(function (application) {
|
||||
@@ -73,17 +73,17 @@ router.post('/', auth.required, function (req, res, next) {
|
||||
User.findById(req.payload.id),
|
||||
auth.generateAPIKey()
|
||||
]).then(function (results) {
|
||||
var user = results[0];
|
||||
var keys = results[1];
|
||||
let user = results[0];
|
||||
let keys = results[1];
|
||||
if (!user) {
|
||||
return res.sendStatus(401).json({message: "Unauthorized - You are not allowed to access this resource."});
|
||||
}
|
||||
var application = new Application(req.body.application);
|
||||
let application = new Application(req.body.application);
|
||||
application.author = user;
|
||||
application.apikey = keys.encrypted;
|
||||
application.maskedkey = keys.masked;
|
||||
return application.save().then(function () {
|
||||
var msg = {
|
||||
let msg = {
|
||||
to: user.email,
|
||||
from: process.env.SENDGRID_FROM_MAIL,
|
||||
subject: `Api-Key ${application.title}`,
|
||||
@@ -96,7 +96,7 @@ router.post('/', auth.required, function (req, res, next) {
|
||||
<hr />
|
||||
<p>${application.description}</p>`
|
||||
};
|
||||
mailer.send(msg).then(resp => {
|
||||
mailer.send(msg).then(() => {
|
||||
return res.json({ application: application.toJSONFor(user) });
|
||||
})
|
||||
.catch(err => {
|
||||
@@ -112,7 +112,7 @@ router.get('/:application', auth.required, function (req, res, next) {
|
||||
req.payload ? User.findById(req.payload.id) : null,
|
||||
req.application.populate('author')
|
||||
]).then(function (results) {
|
||||
var user = results[0];
|
||||
let user = results[0];
|
||||
return res.json({ application: req.application.toJSONFor(user) });
|
||||
}).catch(next);
|
||||
});
|
||||
@@ -136,7 +136,7 @@ router.put('/:application', auth.required, function (req, res, next) {
|
||||
return res.json({ application: application.toJSONFor(user) });
|
||||
}).catch(next);
|
||||
} else {
|
||||
return res.sendStatus(403);
|
||||
return res.status(403).json({ errors: { "Forbidden": "Vous ne disposez pas des autorisations suffisantes" } });
|
||||
}
|
||||
});
|
||||
});
|
||||
@@ -145,14 +145,14 @@ router.put('/:application', auth.required, function (req, res, next) {
|
||||
router.delete('/:application', auth.required, function (req, res, next) {
|
||||
User.findById(req.payload.id).then(function (user) {
|
||||
if (!user) {
|
||||
return res.sendStatus(401).json({message: "Unauthorized - You are not allowed to access this resource."});
|
||||
return res.status(401).json({ errors: { "Unauthorized": "autentification requise" } });
|
||||
}
|
||||
if (user.role == 'Admin' || req.application.author._id.toString() === req.payload.id.toString()) {
|
||||
return req.application.remove().then(function () {
|
||||
return res.sendStatus(204);
|
||||
});
|
||||
} else {
|
||||
return res.sendStatus(403).json({message: "Forbidden - You are not allowed to access this resource."});
|
||||
return res.status(403).json({ errors: { "Forbidden": "Vous ne disposez pas des autorisations suffisantes" } });
|
||||
}
|
||||
}).catch(next);
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user