app.get('/users/validate_token', function(req, res){
usersImpl.validateToken(req.query.token, function(err, data){
if(err == undefined){
routeUtils.respond(req, res, data);
}else{
routeUtils.respond(req, res, err);
}
});
});
io.use(function(socket, next) {
var query = socket.handshake.query;
(query.facebookuser && query.facebookuser === true) ? query.facebookuser = '******' : query.facebookuser = '******';
if (auth.validateToken(query.email, query.token, query.facebookuser)) {
next();
} else {
//[BZ] TODO: Build more elegant error response for unauthorized requests.
//For now just return the 401 unauthorized error code
next(new Error('401'));
}
});
function authenticate(req, res, next) {
var query = req.query, facebookuser;
if( !validateReq(query) ) {
res.statusCode = 400;
res.end();
return;
}
facebookuser = query.facebookuser ? query.facebookuser : false;
if( auth.validateToken(query.email, query.authtoken, facebookuser)) {
next();
}
else {
res.statusCode = 403;
res.end();
}
}