more cleanup

app/controllers/admin.js

@@ -15,7 +15,7 @@ const Video = mongoose.model('Video');
 
 import express from 'express';
 
-import { SiteController, SiteError } from '../../lib/site-lib.js';
+import { SiteController } from '../../lib/site-lib.js';
 
 export default class AdminController extends SiteController {
 
@@ -29,18 +29,14 @@ export default class AdminController extends SiteController {
   async start ( ) {
     const { session: sessionService } = this.dtp.services;
 
-    const router = express.Router();
+    const authCheck = sessionService.authCheckMiddleware({ requireLogin: true, requireAdmin: true });
-    this.dtp.app.use('/admin', router);
 
-    const authRequired = sessionService.authCheckMiddleware({ requireLogin: true, requireAdmin: true });
+    const router = express.Router();
-    router.use(authRequired);
+    this.dtp.app.use('/admin', authCheck, router);
 
     router.use('/user', await this.loadChild(path.join(__dirname, 'admin', 'user.js')));
 
-    router.get(
+    router.get('/', this.getDashboard.bind(this));
-      '/',
-      this.getDashboard.bind(this),
-    );
 
     return router;
   }

app/controllers/client.js

@@ -19,12 +19,13 @@ export default class ClientController extends SiteController {
 
   async start ( ) {
     const { dtp } = this;
+    const {
+      limiter: limiterService,
+      session: sessionService,
+    } = dtp.services;
 
-    const router = express.Router();
-    dtp.app.use('/client', router);
-
-    const { limiter: limiterService } = dtp.services;
     const limiterConfig = limiterService.config.client;
+    const authCheck = sessionService.authCheckMiddleware({ requireLogin: true });
 
     function checkClientOwnership (req, res, next) {
       if (!res.locals.client.user._id.equals(req.user._id)) {
@@ -40,6 +41,9 @@ export default class ClientController extends SiteController {
       return next();
     }
 
+    const router = express.Router();
+    dtp.app.use('/client', authCheck, router);
+
     router.param('clientId', this.populateClientId.bind(this));
     router.param('projectId', this.populateProjectId.bind(this));
 

app/controllers/report.js

@@ -18,11 +18,17 @@ export default class ReportController extends SiteController {
   }
 
   async start ( ) {
-    // const { limiter: limiterService } = dtp.services;
+    const {
+      // limiter: limiterService,
+      session: sessionService,
+    } = this.dtp.services;
+
     // const limiterConfig = limiterService.config.report;
 
+    const authCheck = sessionService.authCheckMiddleware({ requireLogin: true });
+
     const router = express.Router();
-    this.dtp.app.use('/report', router);
+    this.dtp.app.use('/report', authCheck, router);
 
     router.get('/', this.getDashboard.bind(this));
   }

app/controllers/task.js

@@ -20,7 +20,10 @@ export default class TaskController extends SiteController {
   async start ( ) {
     const { dtp } = this;
 
-    const { limiter: limiterService } = dtp.services;
+    const {
+      limiter: limiterService,
+      session: sessionService,
+    } = dtp.services;
     const limiterConfig = limiterService.config.task;
 
     const multer = this.createMulter(TaskController.slug, {
@@ -29,8 +32,10 @@ export default class TaskController extends SiteController {
       },
     });
 
+    const authCheck = sessionService.authCheckMiddleware({ requireLogin: true });
+
     const router = express.Router();
-    dtp.app.use('/task', router);
+    dtp.app.use('/task', authCheck, router);
 
     router.use(async (req, res, next) => {
       res.locals.currentView = TaskController.name;