web - simple routing

bin/web/routes/rules.js

@@ -0,0 +1,41 @@
+/*
+ * This file is part of the authRXBN single sign-on package.
+ *
+ * (c) Ruben Meyer <contact@rxbn.de>
+ */
+
+/**
+ * EXPLANATIONS:
+ * groups: ["anon", "user", "admin"]
+ * - anon: not logged in; no cookies
+ * - user: logged in; non-special group
+ * - admin: logged in; admin group 999 or equivalent
+ */
+let rules = [
+	{
+		group: "anon",
+		expression: "(/blocks/.*)",
+		rule: "block",
+		type: "404"
+	},
+	{
+		group: "anon",
+		expression: "(/error/.*)",
+		rule: "block",
+		type: "404"
+	},
+	{
+		group: "user",
+		expression: "(/blocks/.*)",
+		rule: "block",
+		type: "404"
+	},
+	{
+		group: "user",
+		expression: "(/error/.*)",
+		rule: "block",
+		type: "404"
+	}
+];
+
+module.exports = rules;

bin/web/routes/static.js

@@ -7,6 +7,27 @@
 var express = require('express');
 var route = express.Router();
 
+var fs = require('fs');
+var path = require('path');
+
+var fileCheck = (file) => {
+	if(typeof global['gds'].cache.web == 'undefined') global['gds'].cache.web = {};
+	let dir = global['__dirname'] + '/bin/web/views';
+	let path_j = path.join(dir, file.toLowerCase());
+	if(typeof global['gds'].cache.web[path_j] == 'undefined') {
+		if(fs.existsSync(path_j+'.pug')) {
+			global['gds'].cache.web[path_j] = true;
+		} else {
+			global['gds'].cache.web[path_j] = false;
+		}
+	}
+
+	if(global['gds'].cache.web[path_j] === true) {
+		return path_j;
+	} else {
+		return false;
+	}
+};
 
 route.all('/', function(req, res, next) {
 	// TODO: show login page or dashboard
@@ -14,16 +35,82 @@ route.all('/', function(req, res, next) {
 	res.render('index');
 });
 
+// login page or app request
+route.get('/authenticate', (req, res) => {
+	req.session.appRequest = {}; // TODO: data
+
+	if(req.session && req.session.user) {
+		res.render('request', {
+			appRequest: req.session.appRequest
+		});
+	} else {
+		res.render('login', {
+			login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
+			appRequest: req.session.appRequest
+		});
+	}
+});
+
+// authenticate user for server
+route.post('/authenticate', (req, res) => {
+
+});
+
 route.all('/*', (req, res, next) => {
 	// passthrough to next route
 	if(req.path.startsWith('/api'))
 		return next();
 
+	if(req.path == "/request") return res.render('error/404');
+
+	let pathRules = require("./rules");
+
+	let group = "anon";
+	if(req.session && req.session.user) {
+		group = "user";
+		if(req.session.user.group == 999) group = "admin";
+	}
+
+	pathRules.forEach((rule) => {
+		if(rule.rule == "block") {
+			if(group == rule.group) {
+				let regex = new RegExp(rule.expression, "g");
+				if(regex.test(req.path)) {
+					if(rule.type == "404") {
+						resSent = true;
+						return res.status(404).render('error/404', {
+							error_code: 404,
+							error_msg: 'msg.request.file.not_found',
+							user: req.session.user
+						});
+					} else if(rule.type == "missing_permission") {
+						resSent = true;
+						return res.status(401).render('error/permission', {
+							error_code: 401,
+							error_msg: 'msg.auth.login.required',
+							user: req.session.user
+						});
+					}
+				}
+			}
+		}
+	});
+
+	if(fileCheck(req.path)) {
+		return res.render(req.path.replace(/^\//, ''), {
+			user: req.session.user
+		});
+	} else {
+		return res.status(404).render('error/404', {
+			error_code: 404,
+			error_msg: 'msg.request.file.not_found',
+			user: req.session.user
+		});
+	}
+
 	// TODO: try to login
 	// TODO: role-based authorization
 	// TODO: show login page or page
-
-	res.end('500 - LEL');
 });
 
 module.exports = route;