summaryrefslogtreecommitdiffstats
path: root/models/export.js
diff options
context:
space:
mode:
Diffstat (limited to 'models/export.js')
-rw-r--r--models/export.js44
1 files changed, 22 insertions, 22 deletions
diff --git a/models/export.js b/models/export.js
index 7a363dd3..7b22f45d 100644
--- a/models/export.js
+++ b/models/export.js
@@ -9,33 +9,33 @@ if (Meteor.isServer) {
/*
* This route is used to export the board FROM THE APPLICATION.
* If user is already logged-in, pass loginToken as param "authToken":
- * '/api/boards/:boardId?authToken=:token'
+ * '/api/boards/:boardId/export?authToken=:token'
*
* See https://blog.kayla.com.au/server-side-route-authentication-in-meteor/
* for detailed explanations
*/
- // JsonRoutes.add('get', '/api/boards/:boardId', function (req, res) {
- // const boardId = req.params.boardId;
- // let user = null;
- // // todo XXX for real API, first look for token in Authentication: header
- // // then fallback to parameter
- // const loginToken = req.query.authToken;
- // if (loginToken) {
- // const hashToken = Accounts._hashLoginToken(loginToken);
- // user = Meteor.users.findOne({
- // 'services.resume.loginTokens.hashedToken': hashToken,
- // });
- // }
+ JsonRoutes.add('get', '/api/boards/:boardId/export', function (req, res) {
+ const boardId = req.params.boardId;
+ let user = null;
+ // todo XXX for real API, first look for token in Authentication: header
+ // then fallback to parameter
+ const loginToken = req.query.authToken;
+ if (loginToken) {
+ const hashToken = Accounts._hashLoginToken(loginToken);
+ user = Meteor.users.findOne({
+ 'services.resume.loginTokens.hashedToken': hashToken,
+ });
+ }
- // const exporter = new Exporter(boardId);
- // if(exporter.canExport(user)) {
- // JsonRoutes.sendResult(res, 200, exporter.build());
- // } else {
- // // we could send an explicit error message, but on the other hand the only
- // // way to get there is by hacking the UI so let's keep it raw.
- // JsonRoutes.sendResult(res, 403);
- // }
- // });
+ const exporter = new Exporter(boardId);
+ if(exporter.canExport(user)) {
+ JsonRoutes.sendResult(res, { code: 200, data: exporter.build() });
+ } else {
+ // we could send an explicit error message, but on the other hand the only
+ // way to get there is by hacking the UI so let's keep it raw.
+ JsonRoutes.sendResult(res, 403);
+ }
+ });
}
class Exporter {
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-09-06 12:18:16 +0000