cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Create authorizedByAPIKey middleware

Browse Source
This commit is contained in:
Daniel García Aubert 2017-12-29 12:23:52 +01:00
parent 79233471c6
commit fda7661dad
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
lib/cartodb/controllers/named_maps_admin.js
View File

@ -198,6 +198,26 @@ NamedMapsAdminController.prototype.list = function(req, res, next) {
); );
}; };
NamedMapsAdminController.prototype.authorizedByAPIKey = function (action) {
return function authorizedByAPIKeyMiddleware (req, res, next) {
const { user } = res.locals;
this.authApi.authorizedByAPIKey(user, req, (err, authenticated) => {
if (err) {
return next(err);
}
if (!authenticated) {
const error = new Error(`Only authenticated user can ${action} templated maps`);
error.http_status = 403;
return next(error);
}
next();
});
}.bind(this);
};
function finishFn(controller, req, res, description, status, next) { function finishFn(controller, req, res, description, status, next) {
return function finish(err, body){ return function finish(err, body){
if (err) { if (err) {