Commit 89bc7c99e2f1af1b6316df97ca6d17e4d20dc3fa
1 parent
097f26f7
Améliorations diverses
* Correction de certains plantages éventuels si aucune donnée n'était envoyée * Amélioré l'affichage de certaines erreurs
Showing
6 changed files
with
48 additions
and
34 deletions
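--- a/app/routes/ApiRtes.js
+++ b/app/routes/ApiRtes.js
@@ -10,6 +10,9 @@ var api = express();
 // Authentication
 reqAuth = function () {
 return function (req, res, next) {
+if (!req.cookies) {
+res.status(401).end();
+}
 SessionsServ.use(req.cookies.session, function (err, session) {
 if (err) {
 res.status(500).send(err);
@@ -51,22 +54,32 @@ reqPerm = function (perm) {
 
 assert = function (test) {
 return function (req, res, next) {
-reqAuth()(req, res, function () {
-test(req, res, function (err, verified) {
-if (err) {
-res.status(500).send(err);
+test(req, res, function (err, verified) {
+if (err) {
+res.status(500).send(err);
+} else {
+if (verified) {
+next();
 } else {
-if (verified) {
-next();
-} else {
-res.status(400).end();
-}
+res.status(400).end();
 }
-});
+}
 });
 };
 };
 
+decrypt = function () {
+return function (req, res, next) {
+assert(function (req, res, cb) {
+cb(null, req.body && typeof req.body[0] == 'string' && req.body[0] !== '');
+})(req, res, function () {
+DecryptServ.decrypt(req.body[0], function (data) {
+req.body = JSON.parse(data);
+next();
+});
+});
+};
+};
 
 // Sessions
 api.get('/session', function (req, res) { // Informations sur la session
@@ -84,16 +97,16 @@ api.get('/session', function (req, res) { // Informations sur la session
 }
 });
 
-api.post('/session', function (req, res) { // Se connecter
-DecryptServ.decrypt(req.body[0], function (data) {
-SessionsServ.open(JSON.parse(data), function (err, session) {
-if (err) {
-res.status(500).send(err);
-} else {
-res.cookie('session', session._id);
-res.send(session);
-}
-});
+api.post('/session', decrypt(), assert(function (req, res, cb) {
+cb(null, req.body && typeof req.body.login == 'string' && req.body.login !== '' && typeof req.body.pass == 'string' && req.body.pass !== '');
+}), function (req, res) { // Se connecter
+SessionsServ.open(req.body, function (err, session) {
+if (err) {
+res.status(500).send(err);
+} else {
+res.cookie('session', session._id);
+res.send(session);
+}
 });
 });
 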
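Review bot: `JSON.parse(data)` in the new `decrypt` middleware runs inside the `DecryptServ.decrypt` callback with no `try`/`catch`, so a body that decrypts to something other than JSON throws from an asynchronous callback on the unauthenticated `POST /session` route instead of being answered with a 4xx; the callback also has no error argument, so a failed decryption cannot be told apart from success (how `DecryptServ` reports failure is not visible here). The fence below parses defensively and answers 400. In the same hunk `assert` no longer wraps `reqAuth()`, so any route outside this diff that relied on `assert(...)` for authentication now needs `reqAuth()` listed explicitly. In the first hunk the new `if (!req.cookies)` guard does not return, so `req.cookies.session` is still dereferenced after the 401; it should be `return res.status(401).end();`.

```javascript
DecryptServ.decrypt(req.body[0], function (data) {
    var parsed;
    try {
        parsed = JSON.parse(data);
    } catch (e) {
        // Malformed or undecryptable payload: a client error, not a server crash.
        return res.status(400).end();
    }
    req.body = parsed;
    next();
});
```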
app/services/MembresServ.js
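--- a/public/js/controllers/ConnectCtrl.js
+++ b/public/js/controllers/ConnectCtrl.js
@@ -7,7 +7,7 @@ angular.module('ConnectCtrl', ['SessionsServ', 'EncryptServ', 'angular-ladda']).
 $scope.connect = {
 connect: function () {
 $scope.connecting = true;
-SessionServ.connect($scope.connect.login, $scope.connect.pass, function(err) {
+SessionServ.connect($scope.connect.login, $scope.connect.pass, function (err) {
 $scope.connecting = false;
 if (!err) {
 window.history.back();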
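--- a/public/js/controllers/MembreCtrl.js
+++ b/public/js/controllers/MembreCtrl.js
@@ -14,14 +14,18 @@ angular.module('MembreCtrl', ['SessionsServ', 'ApiServ']).controller('MembreCtrl
 
 $scope.createMembre = function () {
 ApiServ("création du membre", 'post', 'membres', $scope.formData, function (err, membre) {
-$scope.formData = {};
-$scope.membres.push(membre);
+if (!err) {
+$scope.formData = {};
+$scope.membres.push(membre);
+}
 });
 };
 
 $scope.deleteMembre = function (index) {
 ApiServ("création du membre", 'delete', 'membres', $scope.membres[index]._id, function (err, data) {
-$scope.membres.splice(index, 1);
+if (!err) {
+$scope.membres.splice(index, 1);
+}
 });
 };
 }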
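Review bot: `deleteMembre` still labels its request "création du membre", so a failed delete is reported to the user as a failed creation; the call should start `ApiServ("suppression du membre", 'delete', 'membres', ...`. The splice also removes by the `index` captured before the request was sent, so if `$scope.membres` changes while the call is in flight the wrong row is removed; looking the entry up by `_id` inside the callback avoids that.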
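--- a/public/js/services/ApiServ.js
+++ b/public/js/services/ApiServ.js
@@ -26,7 +26,7 @@ angular.module('ApiServ', ['NotifyServ']).service('ApiServ', ['$http', 'NotifySe
 })
 .error(function (data, status) {
 cb(status);
-NotifyServ.error("Échec : ", name, status + (data ? ' : ' + data : ''));
+NotifyServ.error("Échec : ", name, status + (data ? ' : ' + JSON.stringify(data) : ''));
 // console.error(name, status, data);
 });
 };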
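Review bot: The notification now receives `JSON.stringify(data)` built from the server's response body, and `JSON.stringify` does not escape `<` or `&`; the same string is built in the new `.error` handler of public/js/services/SessionServ.js. That file passes `<strong>` markup to `not.success`, which suggests the notifier renders HTML (NotifyServ itself is not shown), so an error body that echoes request input would be interpreted as markup. Either have NotifyServ insert message text as text, or escape the value before passing it, and consider showing only `status` to the user while logging the body. The enclosing function starts and ends outside the hunk.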
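--- a/public/js/services/SessionServ.js
+++ b/public/js/services/SessionServ.js
@@ -47,18 +47,17 @@ angular.module('SessionsServ', ['NotifyServ', 'EncryptServ']).service('SessionSe
 _this.updateSessionInfos(body);
 if (_this.cur) {
 not.success("Connecté en tant que <strong>" + _this.cur.nom + "</strong>");
-if (cb)
-cb(null);
+cb(null);
 } else {
 if (body === 'invalid') {
 not.warn("Identifiants invalides");
 }
-if (cb)
-cb(body);
+cb(body);
 }
-}).error(function (body) {
-not.error("Impossible de se connecter", body);
-cb(body);
+}).error(function (data, status) {
+err = status + (data ? ' : ' + JSON.stringify(data) : '');
+not.error("Impossible de se connecter", err);
+cb(err);
 });
 });
 },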
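Review bot: `err = status + ...` in the new `.error` handler assigns to a name with no visible `var`, which creates an implicit global (and throws in strict mode) unless `err` is declared in the part of the function outside this hunk; declare it locally, `var err = status + (data ? ' : ' + JSON.stringify(data) : '');`. The commit also drops the `if (cb)` guards, so `connect` now throws after a successful login when it is called without a callback; confirm every caller passes one or keep the guard. The enclosing function starts and ends outside the hunk.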