diff --git a/middlewares/public.js b/middlewares/public.js new file mode 100644 index 0000000..124f36c --- /dev/null +++ b/middlewares/public.js @@ -0,0 +1,11 @@ +const verifyAuth = require('./verifyAuth') + +const middlewareNoop = ( (_1, _2, next) => next() ) +const publicMiddleware = () => process.env.LISTS_PUBLIC === 'true' ? + (req, res, next) => { + if (!req.user) req.user = { _id: 'Unknown' } + next() + } + : verifyAuth() + +module.exports = publicMiddleware \ No newline at end of file diff --git a/routes/index.js b/routes/index.js index 68f7cbe..1be02ad 100644 --- a/routes/index.js +++ b/routes/index.js @@ -1,4 +1,5 @@ const verifyAuth = require('../middlewares/verifyAuth'); +const public = require('../middlewares/public'); const express = require('express'); const path = require('path'); @@ -16,7 +17,7 @@ module.exports = ({ db, config }) => { next(); } }, - verifyAuth(), + public(), (req, res) => { res.redirect('/wishlist'); } diff --git a/routes/wishlist/index.js b/routes/wishlist/index.js index 88f5805..a5a9e2d 100644 --- a/routes/wishlist/index.js +++ b/routes/wishlist/index.js @@ -1,4 +1,5 @@ const verifyAuth = require('../../middlewares/verifyAuth'); +const public = require('../../middlewares/public'); const getProductName = require('get-product-name'); const express = require('express'); const config = require('../../config'); @@ -29,7 +30,7 @@ const ValidURL = (string) => { // Ty SO module.exports = (db) => { const router = express.Router(); - router.get('/', verifyAuth(), async (req, res) => { + router.get('/', public(), async (req, res) => { const docs = await db.allDocs({ include_docs: true }) if (process.env.SINGLE_LIST === 'true') { for (row of docs.rows) { @@ -39,7 +40,7 @@ module.exports = (db) => { res.render('wishlists', { title: 'Wishlists', users: docs.rows, totals}) }); - router.get('/:user', verifyAuth(), async (req, res) => { + router.get('/:user', public(), async (req, res) => { try { const dbUser = await db.get(req.params.user); if (process.env.SINGLE_LIST === 'true') { diff --git a/views/includes/navbar.pug b/views/includes/navbar.pug index 39a9091..60f9ab9 100644 --- a/views/includes/navbar.pug +++ b/views/includes/navbar.pug @@ -23,13 +23,17 @@ nav.navbar.is-fixed-top(role='navigation', aria-label='main navigation',style='b .navbar-item.has-dropdown.is-hoverable a.navbar-link= req.user._id .navbar-dropdown - +navBarLink(`/wishlist/${req.user._id}`, 'My Wishlist') - +navBarLink('/profile', 'Profile') - if req.user.admin - +navBarLink('/admin-settings', 'Admin settings') - hr.navbar-divider - .navbar-item - form#logoutForm(action='/logout', method='POST') - button.button.is-warning(type='submit') Log Out + if req.user._id === 'Unknown' + .navbar-item + a.button.is-primary(href='/login') Log In + else + +navBarLink(`/wishlist/${req.user._id}`, 'My Wishlist') + +navBarLink('/profile', 'Profile') + if req.user.admin + +navBarLink('/admin-settings', 'Admin settings') + hr.navbar-divider + .navbar-item + form#logoutForm(action='/logout', method='POST') + button.button.is-warning(type='submit') Log Out //-+navBarLink('javascript:document.getElementById("logoutForm").submit()', 'Log Out') script(src="/js/nav.js") diff --git a/views/wishlist.pug b/views/wishlist.pug index 5503559..d6fb114 100644 --- a/views/wishlist.pug +++ b/views/wishlist.pug @@ -12,7 +12,8 @@ block title span #{config.siteTitle} - #{title} block content - script(type='data/user_id')= req.user._id + if req.user + script(type='data/user_id')= req.user._id if process.env.TABLE !== 'false' .box table.table.has-mobile-cards diff --git a/views/wishlists.pug b/views/wishlists.pug index e99d07e..bc7b9a4 100644 --- a/views/wishlists.pug +++ b/views/wishlists.pug @@ -2,12 +2,13 @@ extends layout.pug block content ul.noStyle.noLeftMargin - li - a(href=`/wishlist/${req.user._id}`) - .box - span=req.user._id - span : ???/??? - progress.progress(value=1, max=1) + if req.user._id !== 'Unknown' + li + a(href=`/wishlist/${req.user._id}`) + .box + span=req.user._id + span : ???/??? + progress.progress(value=1, max=1) each user in users if req.user._id !== user.id li