overleaf/services/web/app/coffee/Features/SudoMode/SudoModeMiddlewear.coffee
Simon Detheridge 50cba1a86f Merge pull request #1153 from sharelatex/spd-open-in-overleaf-local-storage
Use browser local storage instead of session for tex snippets

GitOrigin-RevId: 9609dc882c37ccd2f58bf6d36ea851bbe746fa25
2018-11-26 16:53:31 +00:00

25 lines
1 KiB
CoffeeScript

logger = require 'logger-sharelatex'
SudoModeHandler = require './SudoModeHandler'
AuthenticationController = require '../Authentication/AuthenticationController'
Settings = require 'settings-sharelatex'
module.exports = SudoModeMiddlewear =
protectPage: (req, res, next) ->
if req.externalAuthenticationSystemUsed() and !Settings.overleaf?
logger.log {userId}, "[SudoMode] using external auth, skipping sudo-mode check"
return next()
userId = AuthenticationController.getLoggedInUserId(req)
logger.log {userId}, "[SudoMode] protecting endpoint, checking if sudo mode is active"
SudoModeHandler.isSudoModeActive userId, (err, isActive) ->
if err?
logger.err {err, userId}, "[SudoMode] error checking if sudo mode is active"
return next(err)
if isActive
logger.log {userId}, "[SudoMode] sudo mode active, continuing"
return next()
else
logger.log {userId}, "[SudoMode] sudo mode not active, redirecting"
AuthenticationController.setRedirectInSession(req)
return res.redirect('/confirm-password')