- Rid roles and get auth working

routes/auth.js

@@ -54,6 +54,35 @@ Router.route('/login')
 		UserModel.authenticateUser(AuthEvents, data, headers);
 	});
 	
+Router.route('/secure/:auth/:expires?')
+	.post((req, res) => {
+    if (req.params.auth === 'gutenberg') {
+      let TokenEvents = new EventEmitter();
+      let expires = req.params.expires || '15m';
+      let token = { authorized: true, can: ['add','edit','delete','manage','super','update','view'] };
+    
+      TokenEvents.once('token:create', (err, token) => {
+        if (err) {
+          res.status(500).json({
+            authorized: false,
+            err: err
+          });
+        }
+      
+        if (token) {
+          res.status(200).json({
+            authorized: true,
+            token: token
+          });
+        }
+      });
+      
+      Token.create(TokenEvents, login.user, expires);
+    } else {
+      res.status(403).json({ authorized: false, message: 'operation not authorized' });
+    }	
+	});
+	
 Router.route('/reset/:id?/:token?')
   .get((req, res) => {
     var id = req.params.id ? decodeURIComponent(req.params.id) : false;

routes/roles.js

@@ -1,152 +0,0 @@
-var Express = require('express');
-var Router = Express.Router();
-var EventEmitter = require('events');
-var RoleModel = require('../models/role');
-var Token = require('../modules/token');
-
-function updateRole (req, res, next) {
-  Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
-    if (err) {
-      res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-      return;
-    } 
-
-    var RoleEvents = new EventEmitter();  
-    var id = req.params.id;
-    var data = req.body;
-
-    RoleEvents.once('updateRole', (err, result) => {
-      if (err) {
-        res.status(500).json({message: 'Could not update role id ' + id, err: err});
-      }
-
-      if (result) {
-        res.status(200).json(result);
-      }
-    });
-
-    RoleModel.updateRole(RoleEvents, id, data);
-  });
-}
-
-Router.route('/')
-  .post((req, res, next) => {
-    Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
-      if (err) {
-        res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-        return;
-      } 
-
-      var RoleEvents = new EventEmitter();
-      var role = req.body;
-
-      RoleEvents.once('createRole', (err, result) => {
-        if (err) {
-          res.status(500).json({ message: 'Could not create role', err: err });
-        }
-
-        if (result) {
-          res.status(200).json(result);
-        }
-      });
-
-      RoleModel.createRole(RoleEvents, role);
-    });
-  });
-
-Router.route('/search/:find?')
-  .get((req, res, next) => {
-    Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
-      if (err) {
-        res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-        return;
-      } 
-
-      var RoleEvents = new EventEmitter();
-
-      // Process parameters
-      var find = req.params.find ? decodeURIComponent(req.params.find) : false;
-    
-      if (find) {
-        find = {
-          'name': new RegExp(find, 'i')
-        };
-      }
-    
-      // Setup query object
-      var query = {
-        find: find || (req.query.find ? JSON.parse(decodeURIComponent(req.query.find)) : {}),
-        select: req.query.select ? decodeURIComponent(req.query.select) : null,
-        options: {
-          limit: req.query.limit ? parseInt(req.query.limit) : 0,
-          skip: req.query.ski ? parseInt(req.query.skip) : 0,
-          sort: req.query.sort ? JSON.parse(decodeURIComponent(req.query.sort)) : { 'value': 1 }
-        }
-      };
-    
-      RoleEvents.once('getRoles', (err, result) => {
-        if (err) {
-          res.status(500).json({ message: 'There was an error performing the role search', err: err });
-        }
-      
-        if (result) {
-          res.status(200).json(result);
-        }		
-      });
-
-      RoleModel.getRoles(RoleEvents, query);
-    });
-  });
-  
-Router.route('/:id?')
-	.get( (req, res, next) => {
-    Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
-      if (err) {
-        res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-        return;
-      } 
-  
-      var RoleEvents = new EventEmitter();
-      var id = req.params.id || false;
-      var method = id ? 'getRole' : 'getRoles';
-
-      RoleEvents.once(method, (err, result) => {
-        if (err) {
-          res.status(500).json({ message: 'Could not get role' + (id ? '' : 's'), err: err });
-        }
-      
-        if (result) {
-          res.status(200).json(result);
-        }		
-      });
-
-      RoleModel[method](RoleEvents, id || null);
-    });
-	})
-	.put( updateRole )
-	.patch( updateRole )
-	.delete( (req, res, next) => {
-    Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
-      if (err) {
-        res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-        return;
-      } 
-  
-      var RoleEvents = new EventEmitter();  
-      var id = req.params.id;
-
-      RoleEvents.once('deleteRole', (err, result) => {
-        if (err) {
-          res.status(500).json({message: 'Could not delete role id ' + id, err: err});
-        }
-
-        if (result) {
-          res.status(204).json({});
-        }
-      });
-
-      RoleModel.deleteRole(RoleEvents, id);
-    });
-	});
-
-module.exports = Router;