Update to move gitlab api path to sub path and fix its find user method for PR #121

Author: jackycute

app.js

@@ -16,7 +16,6 @@ var formidable = require('formidable');
 var morgan = require('morgan');
 var passportSocketIo = require("passport.socketio");
 var helmet = require('helmet');
-var request = require('request');
 
 //core
 var config = require("./lib/config.js");
@@ -83,9 +82,6 @@ var sessionStore = new SequelizeStore({
 //compression
 app.use(compression());
 
-//cookies
-app.use(cookieParser());
-
 // use hsts to tell https users stick to this
 app.use(helmet.hsts({
     maxAge: 31536000 * 1000, // 365 days
@@ -310,8 +306,7 @@ if (config.gitlab) {
             res.redirect(config.serverurl);
         });
     //gitlab callback actions
-    // TODO: Maybe in the future
-    //app.get('/auth/gitlab/callback/:noteId/:action', response.gitlabActions);
+    app.get('/auth/gitlab/callback/:noteId/:action', response.gitlabActions);
 }
 //dropbox auth
 if (config.dropbox) {
@@ -442,29 +437,6 @@ app.post('/uploadimage', function (req, res) {
         }
     });
 });
-//get gitlab parameters
-app.get('/gitlab', function (req, res) {
-    var ret = { baseURL: config.gitlab.baseURL };
-    models.User.findById(req.cookies.userid)
-        .then(function(user) {
-            ret.accesstoken = user.accessToken;
-            ret.profileid = user.profileid;
-            request(
-                config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken,
-                function(error, httpResponse, body) {
-                    if (!error && httpResponse.statusCode == 200) {
-                        ret.projects = JSON.parse(body);
-                        return res.send(ret);
-                    } else {
-                        return res.send(ret);
-                    }
-                }
-            );
-        }).catch(function(err) {
-        logger.error('user search failed: ' + err);
-        return response.errorInternalError(res);
-    });
-});
 //get new note
 app.get("/new", response.newNote);
 //get publish note

lib/response.js

@@ -51,7 +51,8 @@ var response = {
     showIndex: showIndex,
     noteActions: noteActions,
     publishNoteActions: publishNoteActions,
-    githubActions: githubActions
+    githubActions: githubActions,
+    gitlabActions: gitlabActions
 };
 
 function responseError(res, code, detail, msg) {
@@ -435,6 +436,53 @@ function githubActionGist(req, res, note) {
     }
 }
 
+function gitlabActions(req, res, next) {
+    var noteId = req.params.noteId;
+    findNote(req, res, function (note) {
+        var action = req.params.action;
+        switch (action) {
+        case "projects":
+            gitlabActionProjects(req, res, note);
+            break;
+        default:
+            res.redirect(config.serverurl + '/' + noteId);
+            break;
+        }
+    });
+}
+
+function gitlabActionProjects(req, res, note) {
+    if (req.isAuthenticated()) {
+        models.User.findOne({
+            where: {
+                id: req.user.id
+            }
+        }).then(function (user) {
+            if (!user)
+                return response.errorNotFound(res);
+            var ret = { baseURL: config.gitlab.baseURL };
+            ret.accesstoken = user.accessToken;
+            ret.profileid = user.profileid;
+            request(
+                config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken,
+                function(error, httpResponse, body) {
+                    if (!error && httpResponse.statusCode == 200) {
+                        ret.projects = JSON.parse(body);
+                        return res.send(ret);
+                    } else {
+                        return res.send(ret);
+                    }
+                }
+            );
+        }).catch(function (err) {
+            logger.error('gitlab action projects failed: ' + err);
+            return response.errorInternalError(res);
+        });
+    } else {
+        return response.errorForbidden(res);
+    }
+}
+
 function showPublishSlide(req, res, next) {
     findNote(req, res, function (note) {
         note.increment('viewcount').then(function (note) {

public/js/index.js

@@ -1182,7 +1182,7 @@ ui.toolbar.export.gist.attr("href", noteurl + "/gist");
 //export to snippet
 ui.toolbar.export.snippet.click(function() {
     ui.spinner.show();
-    $.get(serverurl + '/gitlab')
+    $.get(serverurl + '/auth/gitlab/callback/' + noteid + '/projects')
         .success(function (data) {
             $("#snippetExportModalAccessToken").val(data.accesstoken);
             $("#snippetExportModalBaseURL").val(data.baseURL);
@@ -1268,7 +1268,7 @@ ui.toolbar.import.gist.click(function () {
 //import from snippet
 ui.toolbar.import.snippet.click(function () {
     ui.spinner.show();
-    $.get(serverurl + '/gitlab')
+    $.get(serverurl + '/auth/gitlab/callback/' + noteid + '/projects')
         .success(function (data) {
             $("#snippetImportModalAccessToken").val(data.accesstoken);
             $("#snippetImportModalBaseURL").val(data.baseURL);