April 18, 2013 00:37
diff --git a/gistfile1.js b/gistfile1.js
    // Make sure the socket is coming from our app by matching the session id
    socketServer.set('authorization', function (data, accept) {
        cookieParser(data, {}, function(err) {
            if (err) {
                accept(err, false);
            } else {
                config.sessionStore.load(data.signedCookies[config.sessionKey], function(err, session) {
                    if (err || !session) {
                        accept('Session error', false);
                    } else {
                        data.session = session;
                        accept(null, true);
                    }
                });
            }
        });
    });

    // Set up an admin channel that checks for admin authorization
    socketServer.of('/admin').authorization(function (data, accept) {
        cookieParser(data, {}, function(err) {
            if (err) {
                accept(err, false);
            } else {
                config.sessionStore.load(data.signedCookies[config.sessionKey], function(err, session) {
                    if (!session.uid) {
                        accept('Access denied', false);
                    }  else {
                        Users.findOne({_id: session.uid}, function (err, db_user) {
                            if (db_user && db_user.name == 'admin') {
                                accept(null, true);
                            } else {
                                accept('Access denied', false);
                            }
                        });
                    }
                });
            }
        });
    });
	// Make sure the socket is coming from our app by matching the session id
	socketServer.set('authorization', function (data, accept) {
	cookieParser(data, {}, function(err) {
	if (err) {
	accept(err, false);
	} else {
	config.sessionStore.load(data.signedCookies[config.sessionKey], function(err, session) {
	if (err \|\| !session) {
	accept('Session error', false);
	} else {
	data.session = session;
	accept(null, true);
	}
	});
	}
	});
	});

	// Set up an admin channel that checks for admin authorization
	socketServer.of('/admin').authorization(function (data, accept) {
	cookieParser(data, {}, function(err) {
	if (err) {
	accept(err, false);
	} else {
	config.sessionStore.load(data.signedCookies[config.sessionKey], function(err, session) {
	if (!session.uid) {
	accept('Access denied', false);
	} else {
	Users.findOne({_id: session.uid}, function (err, db_user) {
	if (db_user && db_user.name == 'admin') {
	accept(null, true);
	} else {
	accept('Access denied', false);
	}
	});
	}
	});
	}
	});
	});