Remove authorization from specific routes (#642)

* fixes #569

* update listObjectsInS3ForUser

* update client-side routes

* update aws controller

* update

* redirect to /login when unlogged in
This commit is contained in:
Liang Tang 2018-05-30 12:37:10 +08:00 committed by Cassie Tarakajian
parent 4c46c3ba65
commit d5856ba923
7 changed files with 18 additions and 22 deletions

View file

@ -478,7 +478,7 @@ class Nav extends React.PureComponent {
</li>
<li className="nav__dropdown-item">
<Link
to={`/${this.props.user.username}/assets`}
to="/assets"
onFocus={this.handleFocus.bind(this, 'account')}
onBlur={this.handleBlur}
onClick={this.setDropdown.bind(this, 'none')}
@ -488,7 +488,7 @@ class Nav extends React.PureComponent {
</li>
<li className="nav__dropdown-item">
<Link
to={`/${this.props.user.username}/account`}
to="/account"
onFocus={this.handleFocus.bind(this, 'account')}
onBlur={this.handleBlur}
onClick={this.setDropdown.bind(this, 'none')}

View file

@ -11,9 +11,9 @@ function setAssets(assets) {
};
}
export function getAssets(username) {
export function getAssets() {
return (dispatch, getState) => {
axios.get(`${ROOT_URL}/S3/${username}/objects`, { withCredentials: true })
axios.get(`${ROOT_URL}/S3/objects`, { withCredentials: true })
.then((response) => {
dispatch(setAssets(response.data.assets));
})

View file

@ -13,7 +13,7 @@ import * as AssetActions from '../actions/assets';
class AssetList extends React.Component {
constructor(props) {
super(props);
this.props.getAssets(this.props.username);
this.props.getAssets();
}
getAssetsTitle() {

View file

@ -47,10 +47,10 @@ const routes = (store) => {
<Route path="/projects/:project_id" component={IDEView} />
<Route path="/full/:project_id" component={FullView} />
<Route path="/sketches" component={IDEView} />
<Route path="/assets" component={IDEView} />
<Route path="/account" component={forceToHttps(AccountView)} />
<Route path="/:username/sketches/:project_id" component={IDEView} />
<Route path="/:username/sketches" component={IDEView} />
<Route path="/:username/assets" component={IDEView} />
<Route path="/:username/account" component={forceToHttps(AccountView)} />
<Route path="/about" component={IDEView} />
<Route path="/feedback" component={IDEView} />
</Route>

View file

@ -109,7 +109,7 @@ export function copyObjectInS3(req, res) {
}
export function listObjectsInS3ForUser(req, res) {
const { username } = req.params;
const { username } = req.user;
findUserByUsername(username, (user) => {
const userId = user.id;
const params = {

View file

@ -7,6 +7,6 @@ const router = new Router();
router.post('/S3/sign', isAuthenticated, AWSController.signS3);
router.post('/S3/copy', isAuthenticated, AWSController.copyObjectInS3);
router.delete('/S3/:object_key', isAuthenticated, AWSController.deleteObjectFromS3);
router.get('/S3/:username/objects', AWSController.listObjectsInS3ForUser);
router.get('/S3/objects', AWSController.listObjectsInS3ForUser);
export default router;

View file

@ -57,7 +57,15 @@ router.get('/verify', (req, res) => {
});
router.get('/sketches', (req, res) => {
res.send(renderIndex());
req.user ? res.send(renderIndex()) : res.redirect('/login');
});
router.get('/assets', (req, res) => {
req.user ? res.send(renderIndex()) : res.redirect('/login');
});
router.get('/account', (req, res) => {
req.user ? res.send(renderIndex()) : res.redirect('/login');
});
router.get('/about', (req, res) => {
@ -74,16 +82,4 @@ router.get('/:username/sketches', (req, res) => {
));
});
router.get('/:username/assets', (req, res) => {
userExists(req.params.username, exists => (
exists ? res.send(renderIndex()) : get404Sketch(html => res.send(html))
));
});
router.get('/:username/account', (req, res) => {
userExists(req.params.username, exists => (
exists ? res.send(renderIndex()) : get404Sketch(html => res.send(html))
));
});
export default router;