Add a middleware function to restrict access

- Add ```isAdmin``` or ```isUser``` as a middleware function in requests
  to block access. I couldn't do it because I don't really know what to
  restrict. :P
- Improve signup strategy so that users and admins can't have same
  username.

Author: coditva

passport_config.js

@@ -50,7 +50,18 @@ module.exports = function(app, passport){
             return cb(null, false, {message:"User already registered"});
           }
           else{
-            app.db.users.insert({username: username, password:password});
+            // Must not be the same as admins
+            app.db.admins.findOne({username: username}, function(err, user) {
+              if (err) {
+                return cb(err);
+              }
+              if (user) {
+                return cb(null, false, {message:"User already registered"});
+              }
+              else{
+                app.db.users.insert({username: username, password:password});
+              }
+            });
           }
         });
       }else

routes/index.js

@@ -364,7 +364,7 @@ function rescanItem(req) {
   app.db.songs.find({ _id: { $in: items }}, function(err, songs) {
     if (!err && songs)
 
-        // add the location to the list of songs to scan
+      // add the location to the list of songs to scan
       for (var i = 0; i < songs.length; i++) {
         songLocArr.push(songs[i].location);
       }
@@ -655,3 +655,31 @@ function getYoutubeSongs(req) {
     });
   });
 }
+
+function isUser(req, res, next) {
+  if (req.isAuthenticated()) {
+    app.db.users.findOne({username: req.user.username}, function (err, user) {
+      if (!user) {
+        res.redirect('/login');
+      } else {
+        return next();
+      }
+    });
+  }else {
+    res.redirect('/login?notAuth');
+  }
+}
+
+function isAdmin(req, res, next) {
+  if (req.isAuthenticated()) {
+    app.db.admin.findOne({username: req.user.username}, function (err, user) {
+      if (!user) {
+        res.redirect('/admin');
+      } else {
+        return next();
+      }
+    });
+  }else {
+    res.redirect('/admin?notAuth');
+  }
+}