fcingolani/index.js

## index.js
var express = require('express');
var app = express();


// middleware que obtiene los roles del usuario actual

app.use(function (req, res, next){

  if(req.query.admin){
    req.role = "admin";
  }else{
    req.role = "anon";
  };

  next();
});

function restrict (roles){

  return function (req, res, next){
    if(roles.indexOf(req.role) === -1 ){
      res.sendStatus(403);
    }else{
      next();
    }
  };

};

app.get('/', restrict(['anon', 'admin']), function (req, res) {
  res.send('Hola');
});

app.get('/secreto', restrict(['admin']), function (req, res) {
  res.send('Mundo');
});

app.listen(3000);
	var express = require('express');
	var app = express();


	// middleware que obtiene los roles del usuario actual

	app.use(function (req, res, next){

	if(req.query.admin){
	req.role = "admin";
	}else{
	req.role = "anon";
	};

	next();
	});

	function restrict (roles){

	return function (req, res, next){
	if(roles.indexOf(req.role) === -1 ){
	res.sendStatus(403);
	}else{
	next();
	}
	};

	};

	app.get('/', restrict(['anon', 'admin']), function (req, res) {
	res.send('Hola');
	});

	app.get('/secreto', restrict(['admin']), function (req, res) {
	res.send('Mundo');
	});

	app.listen(3000);