示例#1
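                function(err) {
                    // Callback for the cache write that stores the session data.
                    // On failure the error is passed to reply(); on success the session
                    // id is attached to the auth session and the user is redirected to
                    // the dashboard. (The stray `debugger;` statement was removed.)
                    if (err) {
                        return reply(err);
                    }

                    // Only the session id is placed in the auth session state; the
                    // credentials themselves stay in the server-side cache.
                    request.auth.session.set({
                        sid: uuid
                    });

                    // The cache key is the session id, i.e. a bearer secret: anyone who can
                    // read the log could replay it, so it is deliberately not logged.
                    // NOTE(review): the serialized credentials are still logged; confirm
                    // that log readers are allowed to see those fields.
                    Utils.serverLog(["auth"], "session data was set in catbox: \n  value: " + JSON.stringify(credentials));

                    // NOTE(review): request.params.lang is concatenated into the redirect
                    // target; presumably the route restricts it to known language codes - confirm.
                    return reply.redirect("/" + request.params.lang + "/dashboard");
                }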
    handler: function(request, reply) {

        // Record the call site of this handler in the server log.
        Utils.logCallsite(Hoek.callStack()[0]);

        // Deny first: an unauthenticated request never reaches the view and is
        // sent to the login page of the requested language instead.
        if (!request.auth.isAuthenticated) {
            Utils.serverLog(["auth"], "requested " + request.path + " but authentication failed - will now redirect to /{lang}/login");

            // NOTE(review): request.params.lang goes into the redirect target as-is;
            // presumably the route restricts it to known language codes - confirm.
            var loginPath = "/" + request.params.lang + "/login";
            return reply.redirect(loginPath);
        }

        // Authenticated: render the dashboard. The texts are exposed twice, once
        // keyed by their "id" and once as the original array.
        // NOTE(review): the whole request.auth object is handed to the template;
        // confirm the view only renders fields that are meant to be shown.
        var pre = request.pre;

        return reply.view('dashboard', {
            ctx: {
                texts:      _.indexBy(pre.texts, "id"),
                textsArray: pre.texts,
                auth:       request.auth,
                urlParam1:  "dashboard",
                showEnglish: pre.showEnglish
            }
        });

    },
示例#3
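        // Look up the account for the submitted email, verify the password against the
        // stored bcrypt hash and, on success, create a server-side session whose id is
        // handed to the client. Every failure path ends without creating a session.
        request.server.seneca.act({role: "users", cmd: "read", emails: emails, raw: true}, function(err, data){

            // status 3 - the provided username (email) does not exist in the "users" table
            // NOTE(review): the codes 3 ("unknown user") and 4 ("wrong password") are sent
            // back in the lfr query parameter, so a client can tell registered emails from
            // unregistered ones. Consider one generic code if the login page does not need
            // the distinction.
            if(err && err.isBoom && err.output.statusCode === 404){

                statusCode = 3;  // "username does not exist"
                return reply.redirect("/" + request.params.lang + "/login?lfr=" + statusCode);
            }

            // Any other lookup failure stops here. Previously it fell through and
            // dereferenced data[0] with no usable result.
            if(err){
                return reply(err);
            }

            // Fail closed when the lookup returned no row: treat it as an unknown user.
            var user = data && data[0];
            if(!user){
                statusCode = 3;  // "username does not exist"
                return reply.redirect("/" + request.params.lang + "/login?lfr=" + statusCode);
            }

            // NOTE(review): compareSync runs the bcrypt comparison synchronously inside this
            // callback; consider the callback-based compare of the Bcrypt module in use
            // (confirm its API) so a burst of login attempts does not stall other requests.
            var passwordIsCorrect = Bcrypt.compareSync(password, user["pw_hash"]);

            // status 4 - the provided password is incorrect (for the corresponding provided username)
            if(!passwordIsCorrect){
                statusCode = 4;  // "wrong password"
                return reply.redirect("/" + request.params.lang + "/login?lfr=" + statusCode);
            }

            // if we arrive here, the username and password match
            Utils.serverLog(["auth"], "password is correct for user " + user["email"]);

            // Permission flags are resolved once at login from the pre-loaded users/groups
            // data and stored with the session. The password hash is not copied into it.
            var userId = user["id"];
            var credentials = {
                id:        userId,
                firstName: user["first_name"],
                lastName:  user["last_name"],
                email:     user["email"],

                isAdmin:        Utils.isAdmin(request.pre.usersGroups, userId),
                canEditTexts:   Utils.canEditTexts(request.pre.usersGroups, userId),
                canDeleteTexts: Utils.canDeleteTexts(request.pre.usersGroups, userId),
                canEditMaps:    Utils.canEditMaps(request.pre.usersGroups, userId),
                canDeleteMaps:  Utils.canDeleteMaps(request.pre.usersGroups, userId),
                canEditFiles:   Utils.canEditFiles(request.pre.usersGroups, userId),
                canDeleteFiles: Utils.canDeleteFiles(request.pre.usersGroups, userId)
            };

            // a user in the admin group can always edit texts (force the property to be always true)
            if(credentials.isAdmin){
                credentials.canEditTexts = true;
            }

            // set the session in the internal cache (Catbox with memory adapter)
            // A fresh id is generated for every successful login. It is the only secret
            // protecting the session.
            // NOTE(review): confirm that the UUID module in use draws v4 ids from a
            // cryptographically secure random source.
            var uuid = UUID.v4();
            request.server.app.cache.set(
                uuid,
                {
                    sessionData: credentials
                },
                0,  // ttl; presumably 0 defers to the cache's configured expiry - confirm
                function(err) {
                    if (err) {
                        return reply(err);
                    }

                    // only the session id is placed in the auth session state
                    request.auth.session.set({
                        sid: uuid
                    });

                    // The cache key is the session id, a bearer secret, so it is not logged.
                    // NOTE(review): the logged value still holds name, email and permission
                    // flags; confirm that log readers may see them.
                    Utils.serverLog(["auth"], "session data was set in catbox: \n  value: " + JSON.stringify(credentials));

                    return reply.redirect("/" + request.params.lang + "/dashboard");
                }
            );

        });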