From 7e82e4304f3ca2da5ff274888733206c00e5a14b Mon Sep 17 00:00:00 2001
From: Pitu <seligmannkevin@gmail.com>
Date: Wed, 18 Jan 2017 03:00:36 -0300
Subject: [PATCH] added admin auth for uploading to an album

---
 controllers/uploadController.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/controllers/uploadController.js b/controllers/uploadController.js
index cb97eaa..c6b6e87 100644
--- a/controllers/uploadController.js
+++ b/controllers/uploadController.js
@@ -28,6 +28,10 @@ uploadsController.upload = function(req, res, next){
 
 	let album = req.headers.album
 	
+	if(album !== undefined)
+		if(req.headers.adminAuth !== config.adminToken)
+			return res.status(401).send('not-authorized')
+	
 	upload(req, res, function (err) {
 		if (err) {
 			console.error(err)
@@ -78,7 +82,6 @@ uploadsController.list = function(req, res){
 		for(let file of files){
 			file.file = config.basedomain + config.uploads.prefix + file.name
 			file.ext = file.name.split('.').pop()
-
 			file.date = new Date(file.created_at * 1000)
 			file.date = file.date.getFullYear() + '-' + file.date.getMonth() + '-' + file.date.getDate() + ' ' + (file.date.getHours() < 10 ? '0' : '') + file.date.getHours() + ':' + (file.date.getMinutes() < 10 ? '0' : '') + file.date.getMinutes() + ':' + (file.date.getSeconds() < 10 ? '0' : '') + file.date.getSeconds()
 		}