CODEWITHSUNDEEP
node.jssails.jsmiddleware
Juraj Petrik
Juraj Petrik

Reputation: 905

Sails.js route redirect with a custom policy

Situation I want to achieve:

Request to /register runs AuthController.register

Request to /facebook runs AuthController.register but applies a facebook policy before.

I have created a policy in 

/api/policies/facebook.js

like this

var graph = require('fbgraph');

module.exports = function(req, res, next) {

    facebook_token = req.query.facebook_token;
    if(!facebook_token){
        res.send('401',{error:"Missing facebook token"});
    }
    graph.setAccessToken(facebook_token);
    graph.get("me",function(err,graph_res){
      if(err){
        res.send('401',{error:"Facebook authentication error"});
        return;
      }
      else{
        next();      
      }
    });  
};

Set it up policies in

/config/policies.js

like this 

module.exports.policies = {
   'auth': {
     'facebook': ['facebook']
   }
}

I set up my routes like this

module.exports.routes = {
   'post /register': 'AuthController.register',
   'post /facebook': 'AuthController.register',
};

Now the code in facebook policy doesn't get called. How would I accomplish something like this?

Upvotes: 2

Views: 1103

Answers (1)

Fissio
Fissio

Reputation: 3758

I'm not sure if policies can work the way you have intended them to. In your current /config/policies.js you're telling Sails to run the facebook.js policy whenever the AuthController action facebook is called. Since you have no such action defined in the controller, the policy never gets run. To policies, it doesn't matter which way the request came from, what matters is which controller action the request is trying to access.

What you could do, however, is to run the policy on every call to AuthController.register, and add a line in the policy file to check whether the request came from /facebook or not.

/config/policies.js:

module.exports.policies = {
    auth': {
    'register': ['facebook']
    }
}

/api/policies/facebook.js:

module.exports = function(req, res, next) {
    if (req.route.path === '/facebook') {
        facebook_token = req.query.facebook_token;
        if(!facebook_token){
            res.send('401',{error:"Missing facebook token"});
        }
        graph.setAccessToken(facebook_token);
        graph.get("me",function(err,graph_res){
          if(err){
            res.send('401',{error:"Facebook authentication error"});
            return;
          }
          else{
            next();      
          }
        });
    }
    else return next();
};

Upvotes: 1

Related Questions