Use new mustBeAuthenticated middleware.

api/subscriptions.js

@@ -9,6 +9,8 @@ mongoose.connect("mongodb://localhost:27017/vinlottis", {
   useNewUrlParser: true
 });
 
+const mustBeAuthenticated = require(path.join(__dirname + "/../middleware/mustBeAuthenticated"))
+
 const config = require(path.join(__dirname + "/../config/defaults/push"));
 const Subscription = require(path.join(__dirname + "/../schemas/Subscription"));
 const lotteryConfig = require(path.join(
@@ -67,12 +69,7 @@ const saveToDatabase = async subscription => {
   }
 };
 
-router.route("/send-notification").post(async (req, res) => {
+router.route("/send-notification").post(mustBeAuthenticated, async (req, res) => {
-  if (!req.isAuthenticated()) {
-    res.send(false);
-    return;
-  }
-
   const message = JSON.stringify({
     message: req.body.message,
     title: "Vinlotteri!"

api/update.js

@@ -7,6 +7,7 @@ mongoose.connect("mongodb://localhost:27017/vinlottis", {
 });
 
 const sub = require(path.join(__dirname + "/../api/subscriptions"));
+const mustBeAuthenticated = require(path.join(__dirname + "/../middleware/mustBeAuthenticated"))
 
 const Subscription = require(path.join(__dirname + "/../schemas/Subscription"));
 const Purchase = require(path.join(__dirname + "/../schemas/Purchase"));
@@ -20,11 +21,7 @@ router.use((req, res, next) => {
   next();
 });
 
-router.route("/log/wines").post(async (req, res) => {
+router.route("/log/wines").post(mustBeAuthenticated, async (req, res) => {
-  if (!req.isAuthenticated()) {
-    res.send(false);
-    return;
-  }
   const wines = req.body;
   for (let i = 0; i < wines.length; i++) {
     let wine = wines[i];
@@ -57,6 +54,7 @@ router.route("/log").post(async (req, res) => {
     return;
   }
 
+router.route("/log").post(mustBeAuthenticated, async (req, res) => {
   await PreLotteryWine.deleteMany();
 
   const purchaseBody = req.body.purchase;