From c0cc015c81c28bdc25a975f752e837f8cbd44bbe Mon Sep 17 00:00:00 2001
From: Rogerio Chaves
Date: Wed, 22 Apr 2020 08:14:47 +0200
Subject: [PATCH] Refactor to make it login protected first, and public route only if specified
---
 app/lib/express.js | 40 ++++++++--------------------------------
 app/lib/utils.js | 19 ++++++++++++++-----
 2 files changed, 22 insertions(+), 37 deletions(-)
diff --git a/app/lib/express.js b/app/lib/express.js
index 361b092..d8cd4d0 100644
--- a/app/lib/express.js
+++ b/app/lib/express.js
@@ -155,7 +155,7 @@ app.use((_req, res, next) => {
 const router = asyncRouter(app);
-router.get("/", async (req, res) => {
+router.get("/", { public: true }, async (req, res) => {
 if (!req.context.profile) {
 return res.render("index");
 }
@@ -173,11 +173,11 @@ router.get("/", async (req, res) => {
 });
 });
-router.get("/login", (_req, res) => {
+router.get("/login", { public: true }, (_req, res) => {
 res.render("login", { mode });
 });
-router.post("/login", async (req, res) => {
+router.post("/login", { public: true }, async (req, res) => {
 const submittedKey =
 req.files && req.files.ssb_key
 ? req.files.ssb_key.data.toString()
@@ -199,7 +199,7 @@ router.post("/login", async (req, res) => {
 }
 });
-router.get("/download", (_req, res) => {
+router.get("/download", { public: true }, (_req, res) => {
 res.render("download");
 });
@@ -208,7 +208,7 @@ router.get("/logout", async (_req, res) => {
 res.redirect("/");
 });
-router.get("/signup", (req, res) => {
+router.get("/signup", { public: true }, (req, res) => {
 if (req.context.profile) {
 return res.redirect("/");
 }
@@ -216,7 +216,7 @@ router.get("/signup", (req, res) => {
 res.render("signup", { mode });
 });
-router.post("/signup", async (req, res) => {
+router.post("/signup", { public: true }, async (req, res) => {
 const name = req.body.name;
 const picture = req.files && req.files.pic;
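Review bot: Nothing at these call sites records that `{ public: true }` is the only thing exempting a route from the login check, which this commit moves into `asyncRouter` in app/lib/utils.js. Someone reading express.js alone cannot tell that `/logout` is protected while `/download` is not, and a copied route definition carries the exemption with it. A comment above the first route would state the rule: `// Every route requires a logged-in profile unless registered with { public: true }; the check lives in asyncRouter (utils.js).` The same applies to the `/login`, `/download` and `/signup` hunks that follow.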
@@ -294,10 +294,6 @@ router.get("/keys/download", async (req, res) => {
 });
 router.get("/profile/:id(*)", async (req, res) => {
- if (!req.context.profile) {
- return res.render("index");
- }
-
 const id = req.params.id;
 if (id == req.context.profile.id) {
@@ -448,10 +444,6 @@ router.post("/pubs/add", async (req, res) => {
 });
 router.get("/about", (req, res) => {
- if (!req.context.profile) {
- return res.render("index");
- }
-
 res.render("about");
 });
@@ -489,9 +481,6 @@ router.post("/about", async (req, res) => {
 });
 router.get("/communities", async (req, res) => {
- if (!req.context.profile) {
- return res.render("index");
- }
 const communities = await queries.getCommunities(ssbServer);
 res.render("communities/list", { communities });
@@ -507,9 +496,7 @@ const communityData = (req) => {
 router.get("/communities/:name", async (req, res) => {
 const name = req.params.name;
- if (!req.context.profile) {
- return res.render("index");
- }
+
 const [community, posts] = await Promise.all([
 communityData(req),
 queries.getCommunityPosts(ssbServer, name),
@@ -555,10 +542,6 @@ router.post("/communities/:name/:key(*)/publish", async (req, res) => {
 const key = req.params.key;
 const reply = req.body.reply;
- if (!req.context.profile) {
- return res.render("index");
- }
-
 await ssbServer.identities.publishAs({
 id: req.context.profile.id,
 private: false,
@@ -577,9 +560,6 @@ router.get("/communities/:name/:key(*)", async (req, res) => {
 const name = req.params.name;
 const key = "%" + req.params.key;
- if (!req.context.profile) {
- return res.render("index");
- }
 const [community, posts] = await Promise.all([
 communityData(req),
 queries.getPostWithReplies(ssbServer, name, key),
@@ -593,10 +573,6 @@ router.get("/communities/:name/:key(*)", async (req, res) => {
 });
 router.get("/search", async (req, res) => {
- if (!req.context.profile) {
- return res.render("index");
- }
-
 const query = req.query.query;
 let results = {
@@ -612,7 +588,7 @@ router.get("/search", async (req, res) => {
 res.render("search", { ...results, query });
 });
-router.get("/blob/*", (req, res) => {
+router.get("/blob/*", { public: true }, (req, res) => {
 serveBlobs(ssbServer)(req, res);
 });
diff --git a/app/lib/utils.js b/app/lib/utils.js
index 9060360..8e0a6ec 100644
--- a/app/lib/utils.js
+++ b/app/lib/utils.js
@@ -7,7 +7,16 @@ const metrics = require("./metrics");
 module.exports.asyncRouter = (app) => {
 const debug = require("debug")("router");
- let wrapper = (method, path, fn) => async (req, res, next) => {
+ let wrapper = (method, path, opts, fn) => async (req, res, next) => {
+ if (typeof opts == "function") fn = opts;
+ if (!opts.public && !req.context.profile) {
+ if (method == "POST") {
+ res.status(401);
+ return res.send("You are not logged in");
+ }
+ return res.redirect("/");
+ }
+
 try {
 debug(`${method} ${path}`);
 metrics.router.inc({ method, path });
@@ -17,12 +26,12 @@ module.exports.asyncRouter = (app) => {
 }
 };
 return {
- get: (path, fn) => {
- app.get(path, wrapper("GET", path, fn));
+ get: (path, fn, opts) => {
+ app.get(path, wrapper("GET", path, fn, opts));
 },
- post: (path, fn) => {
+ post: (path, fn, opts) => {
 debug(`POST ${path}`);
- app.post(path, wrapper("POST", path, fn));
+ app.post(path, wrapper("POST", path, fn, opts));
 },
 };
 };
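Review bot: `/blob/*` is registered with `{ public: true }` and no stated reason, so `serveBlobs(ssbServer)` answers any anonymous request whose path matches. Whether every blob is meant to be readable without login cannot be told from this hunk; if some are attachments of posts or profiles that now sit behind the login check, they stay fetchable by anyone holding the blob path. Either drop the option so the default applies, or record the decision next to it, e.g. `// Public on purpose: <reason blobs may be fetched without login>`.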
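Review bot: The login guard added at the top of the returned handler sits before `try {`, so a denied request never reaches `debug` or `metrics.router.inc`, and anything the guard itself throws (for instance `req.context` being undefined) is not handled by this wrapper's `catch`, whose body lies outside the hunk. Moving the whole `if (!opts.public && !req.context.profile) { … }` block to directly after `metrics.router.inc({ method, path });` puts it inside the `try` and counts the attempt. A first statement inside it such as `debug(method + " " + path + " denied: not logged in");` would leave a trace of rejected requests for anyone investigating probing of protected routes. The exemption test is also loose, since any truthy `public` value opens the route; `opts.public !== true` would accept only the literal flag and still treats the two-argument form as protected.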
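Review bot: The parameter names in `get` and `post` are reversed relative to how the routes are written: express.js calls `router.get(path, { public: true }, handler)`, so here `fn` receives the options object and `opts` receives the handler. It works only because both are forwarded in the same order to `wrapper(method, path, opts, fn)`, and the argument that controls access is exactly the one a maintainer should not have to guess at. Naming them as used removes the trap: `get: (path, opts, fn) => { app.get(path, wrapper("GET", path, opts, fn)); },` and likewise for `post`. A one-line comment that the two-argument form `router.get(path, handler)` means login required would document the default.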