How to use the keystone.security function in keystone
To help you get started, we’ve selected a few keystone examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
keystonejs / keystone-test-project / routes / index.js View on Github 
app.get('/api', function (req, res) {
res.render('api', {
Keystone: {
csrf_header_key: keystone.security.csrf.CSRF_HEADER_KEY,
csrf_token_value: keystone.security.csrf.getToken(req, res),
},
});
});app.get('/api', function (req, res) {
res.render('api', {
Keystone: {
csrf_header_key: keystone.security.csrf.CSRF_HEADER_KEY,
csrf_token_value: keystone.security.csrf.getToken(req, res),
},
});
});var async = require('async'),
keystone = require('keystone');
var security = keystone.security;
var PostCategory = keystone.list('PostCategory');
/**
* List PostCategory
*/
exports.list = function(req, res) {
PostCategory.model.find(function(err, items) {
if (err) return res.apiError('database error', err);
res.apiResponse({
postcategory: items
});
});var async = require('async'),
keystone = require('keystone');
var exec = require('child_process').exec;
var security = keystone.security;
var ImgData = keystone.list('ImageUpload');
/**
* List Images
*/
exports.list = function(req, res) {
ImgData.model.find(function(err, items) {
if (err) return res.apiError('database error', err);
res.apiResponse({
collections: items
});
});exports = module.exports = function(req, res) {
var view = new keystone.View(req, res);
view.render(
'index',
{
csrfToken: keystone.security.csrf.getToken(req, res),
csrfKey: keystone.security.csrf.TOKEN_KEY
}
);
}var async = require('async'),
keystone = require('keystone');
var security = keystone.security;
var FrontEndWidget = keystone.list('FrontEndWidget');
/**
* List FrontEndWidget
*/
exports.list = function(req, res) {
FrontEndWidget.model.find(function(err, items) {
if (err) return res.apiError('database error', err);
res.apiResponse({
frontendwidget: items
});
});var keystone = require('keystone');
var User = keystone.list('User');
var security = keystone.security;
var Mailgun = require('mailgun-js'); //Mailgun API library.
var serverData = require('./../../private/privatesettings.json');
/**
* Send an email
*/
exports.send = function(req, res) {
debugger;
var data = (req.method == 'POST') ? req.body : req.query;
if(data.html == "true")
data.html = true;
if(data.html == "false")
data.html = false;exports = module.exports = function(req, res) {
var view = new keystone.View(req, res);
view.render(
'index',
{
csrfToken: keystone.security.csrf.getToken(req, res),
csrfKey: keystone.security.csrf.TOKEN_KEY
}
);
}var async = require('async'),
keystone = require('keystone');
var security = keystone.security;
var fs = require('fs');
var Promise = require('mpromise');
var PageSection = keystone.list('PageSection');
/*
* Dev Note 1/27/17 CT:
* -This API includes an alternate way to implement the ConnextCMS admin and super user permissions.
* -This method is overly complicated and was given up in favor of the simpler method used in the other APIs.
* -The code is left here for posterity, in case I ever need to access it again.
*/
/**
* List PageSection
*/var async = require('async'),
keystone = require('keystone');
var security = keystone.security;
var PrivatePage = keystone.list('PrivatePage');
/**
* List PrivatePages
*/
exports.list = function(req, res) {
//debugger;
//Reject the API request if the user is not logged in.
try {
var userId = req.user.get('id');
} catch(err) {
return res.apiError('not logged in', err);
}keystone
Web Application Framework and Admin GUI / Content Management System built on Express.js and Mongoose
