| Conditions | 7 |
| Paths | 4 |
| Total Lines | 21 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
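/**
 * Express error-handling middleware for failed CSRF token validation.
 *
 * Errors whose code is not 'EBADCSRFTOKEN' are passed on unchanged. A CSRF
 * failure is deliberately ignored for the login and password-recovery routes
 * and for anything outside /abe. Every other /abe request is rejected: with a
 * redirect to the login page for HTML clients, and a JSON body otherwise.
 *
 * @param {Error} err - error raised earlier in the chain; only `err.code` is read
 * @param {Object} req - Express request (`req.url` and `req.get` are used)
 * @param {Object} res - Express response
 * @param {Function} next - continuation callback
 */
var middleware = function(err, req, res, next) {
  // Anything that is not a CSRF failure belongs to the next error handler.
  if (err.code !== 'EBADCSRFTOKEN') {
    return next(err)
  }

  // Decide on the path alone. req.url still carries the query string, which
  // the client controls, so a substring search over it would let any /abe
  // request name an exempt route in a parameter and have its CSRF failure
  // ignored.
  const path = req.url.split('?')[0]
  const isUnder = (prefix) => path === prefix || path.startsWith(prefix + '/')
  const isExempt =
    isUnder('/abe/users/forgot') ||
    isUnder('/abe/users/login') ||
    !/^\/abe/.test(path)

  // Calling next() without the error drops the CSRF failure, so the request
  // continues as if validation had passed. Keep this list as short as possible.
  if (isExempt) {
    return next()
  }

  const wantsHtml = /text\/html/.test(req.get('accept'))
  if (wantsHtml) {
    res.redirect('/abe/users/login')
  } else {
    // NOTE(review): this is sent with the default status code. A 403 would
    // describe the rejection better; confirm that API clients only read
    // `success` before changing it.
    const notAuthorized = {
      success: 0,
      message: 'form tampered with !'
    }
    res.set('Content-Type', 'application/json')
    res.send(JSON.stringify(notAuthorized))
  }
}

export default middleware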