Some final refinements on the node-server

Author: grtjn

app/templates/gulpfile.js

@@ -761,7 +761,7 @@ function getNodeOptions(env) {
     delayTime: 1,
     env: {
       'PORT': port,
-      'NODE_ENV': isDevMode(env) ? 'dev' : 'build',
+      'NODE_ENV': env,
       'APP_PORT': port,
       'ML_HOST': args['ml-host'] || process.env.ML_HOST || envJson['ml-host'] || config.marklogic.host,
       'ML_APP_USER': args['ml-app-user'] || process.env.ML_APP_USER || envJson['ml-app-user'] || config.marklogic.user,
@@ -870,7 +870,7 @@ function startTests(singleRun, done) {
   if (args.startServers) {
     log('Starting servers');
     var savedEnv = process.env;
-    savedEnv.NODE_ENV = 'dev';
+    savedEnv.NODE_ENV = 'local';
     savedEnv.PORT = 8888;
     child = fork(config.nodeServer);
   } else {

app/templates/node-server/node-app.js

@@ -30,7 +30,7 @@ console.log('NODE_ENV=' + environment);
 switch (environment){
   case 'prod':
   case 'dev':
-    console.log('** BUILD **');
+    console.log('** DIST **');
     app.use(express.static('./dist/'));
     // Any invalid calls for templateUrls are under app/* and should return 404
     app.use('/app/*', function(req, res, next) {
@@ -40,7 +40,7 @@ switch (environment){
     app.use('/*', express.static('./dist/index.html'));
     break;
   default:
-    console.log('** DEV **');
+    console.log('** UI **');
     app.use(express.static('./ui/'));
     app.use(express.static('./')); // for bower_components
     app.use(express.static('./tmp'));

app/templates/node-server/proxy.js

@@ -22,7 +22,7 @@ var options = require('./utils/options')();
 // For any other GET request, proxy it on to MarkLogic.
 router.get('*', function(req, res) {
   noCache(res);
-  if (!options.guestAccess && req.session.user === undefined) {
+  if (!options.guestAccess && (req.session.user === undefined)) {
     res.status(401).send('Unauthorized');
   } else {
     proxy(req, res);
@@ -35,24 +35,21 @@ router.put('*', function(req, res) {
   // For PUT requests, require authentication
   if (req.session.user === undefined) {
     res.status(401).send('Unauthorized');
-  } else if (options.disallowUpdates || (req.path === '/v1/documents' &&
+  } else if (options.disallowUpdates || ((req.path === '/documents') &&
     req.query.uri.match('/api/users/') &&
-    req.query.uri.match(new RegExp('/api/users/[^(' + req.session.user.username + ')]+.json')))) {
+    !req.query.uri.match('/api/users/' + req.session.user.username + '.json'))) {
     // The user is trying to PUT to a profile document other than his/her own. Not allowed.
     res.status(403).send('Forbidden');
   } else {
-    if (req.path === '/v1/documents' && req.query.uri.match('/users/')) {
-      var json = req.body.user ? req.body : JSON.parse(req.body);
-      req.session.user.profile = json.user;
-    }
+    // proxy original request
     proxy(req, res);
   }
 });
 
 // Require authentication for POST requests
 router.post(/^\/(alert\/match|search|suggest|values\/.*)$/, function(req, res) {
   noCache(res);
-  if (!options.guestAccess && req.session.user === undefined) {
+  if (!options.guestAccess && (req.session.user === undefined)) {
     res.status(401).send('Unauthorized');
   } else {
     proxy(req, res);
@@ -83,7 +80,8 @@ router.delete('*', function(req, res) {
 
 function getAuth(options, session) {
   var auth = null;
-  if (session.user !== undefined && session.user.username !== undefined) {
+
+  if ((session.user !== undefined) && (session.user.username !== undefined)) {
     auth =  session.user.username + ':' + session.user.password;
   }
   else {

app/templates/node-server/routes.js

@@ -57,7 +57,9 @@ router.get('/user/status', function(req, res) {
           req.session.user.profile
         ));
       } else {
-        res.send({authenticated: false});
+        res.send(authStatus(
+          false
+        ));
       }
     });