1
0
Fork 0

web - login and logout

master
Ruben Meyer 3 years ago
parent 08200451e3
commit 538e7b0a60

@ -28,7 +28,7 @@ models.user = new Schema({
]
},
passhash: String, // hashed password (String + separator + Salt)
token: { // last remember me cookie
token: { // last remember me cookie; removed feature
type: String,
default: ""
},

@ -15,7 +15,67 @@ route.post('/register', (req, res) => {
});
route.post('/login', (req, res) => {
// TODO: login
/*
* done - check body vars -> else ERR 401 'msg.auth.login.failed'
* done - get users by mail / nickname -> else ERR 401 'msg.auth.login.failed' OR ERR 500 'msg.database.error'
* done - validate password hash -> else ERR 401 'msg.auth.login.failed'
* TODO - add new activity 'action.user.login'
*/
if(req.session.user) {
return res.type('json').end(JSON.stringify({
status: 401,
message: 'msg.auth.logout.required'
}));
}
// check body variables
if(!req.body.email && !req.body.password) {
return res.type('json').status(401).end(JSON.stringify({
status: 401,
message: [
'msg.request.data.missing',
'msg.auth.login.failed'
]
}));
}
let email = req.body.email;
let pass = req.body.password;
global['modules'].database.getUser(email, (err, rep) => {
console.log(err, rep);
if(err) {
global['logs'].debug(err);
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.database.error',
'msg.auth.login.failed'
]
}));
}
if(!rep || rep === null || rep.length == 0 || rep.length > 1 || !global['modules'].auth.validateHash(rep[0].passhash, pass)) {
return res.type('json').status(401).end(JSON.stringify({
status: 401,
message: 'msg.auth.login.failed'
}));
} else {
// add cookies; login
// new activity 'action.user.login'
// add session data
req.session.user = {
'id': rep[0]._id,
'group': rep[0].group
};
return res.type('json').end(JSON.stringify({
status: 200,
message: 'msg.auth.login.successful',
type: 'form' // TODO: types - { form, access_app}
}));
}
});
});
route.post('/authenticate', (req, res) => {

@ -32,7 +32,12 @@ var fileCheck = (file) => {
route.all('/', function(req, res, next) {
// TODO: show login page or dashboard
// res.end('login or dashboard');
res.render('index');
global['modules'].database.getApps((err, rep) => {
res.render('index', {
session: req.session,
apps: rep
});
})
});
// login page or app request

@ -22,4 +22,4 @@ block scripts
//- Custom scripts for this template
script(src="/public/js/locales.js")
script(src="/public/js/custom.js")
script(src="/res/js/custom.js")

@ -1,6 +1,6 @@
append var
- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "ERROR - Please login", "active": true}};
- var title = "Please login";
- if(!session.user) var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "ERROR - Please login", "active": true}};
- if(!session.user) var title = "Please login";
.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
div(class="uk-width-auto uk-width-1-4@s")
.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right

@ -13,12 +13,13 @@ nav(uk-navbar).uk-navbar-container
span authRXBN
.uk-navbar-right.uk-margin-right
ul.uk-navbar-nav
if(user)
if(session && session.user)
+navItem("Apps", "apps", "fas fa-tachometer-alt", "/")
+navItem("Configs", "configs", "fas fa-wrench", "/configs")
+navItem("Logout", "logout", "fas fa-sign-out-alt", "/logout")
else
+navItem("Register", "register", "fas fa-user-plus", "/register")
+navItem("Login", "login", "far fa-arrow-alt-circle-right", "/login")
+navItem("Login", "login", "fas fa-sign-in-alt", "/login")
+navItem("Forgot your password?", "reset", "fas fa-key", "/reset")
div
- var breadcrumb_isSet = typeof breadcrumb !== 'undefined';

@ -1,26 +1,29 @@
extends blocks/layout.pug
append var
if(user)
if(session && session.user)
- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "Dashboard", "active": true}};
- var title = "Dashboard";
mixin item(name, url, description)
.card.mb-5
.card-body
h5.font-weight-bold.card-title=name
p.card-text=description
a(href=url) Login
mixin item(name, id, description)
div
.uk-card.uk-card-default
.uk-card-header.uk-card-primary
h3.uk-card-title=name
.uk-card-body
p=description
.uk-card-footer.uk-flex.uk-flex-right
a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Login
mixin items()
.flex
div(class="uk-child-width-1-2@m uk-margin-bottom", uk-grid)
if(apps)
each app in apps
+item(app.name, app.access, app.description)
+item(app.name, app.id, app.description)
else
p.text-center No applications were found.
append content
if(user)
if(session && session.user)
.uk-container
h1 Apps
+items()

@ -1,22 +1,27 @@
extends blocks/layout.pug
append var
if(user)
if(session && !session.user)
- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "Login", "active": true}};
- var title = "Login";
append content
.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
div(class="uk-width-auto uk-width-1-4@s")
.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
h1= login_title|| "Please login"
form.uk-form-horizontal
.uk-margin
label.uk-form-label(for="login_user") Username / Email
.uk-form-controls
input.uk-input#login_user(type="text", placeholder="tetrahedron")
.uk-margin
label.uk-form-label(for="login_pass") Password
.uk-form-controls
input.uk-input#login_pass(type="password")
a(href="/login").uk-button.uk-button-default Login
div(class="uk-width-auto uk-width-1-4@s")
if(session && !session.user)
.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
div(class="uk-width-auto uk-width-1-4@s")
.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
h1= login_title || "Please login"
form.uk-form-horizontal
.uk-margin
label.uk-form-label(for="login_user") Username / Email
.uk-form-controls
input.uk-input#login_user(type="text", placeholder="tetrahedron")
.uk-margin
label.uk-form-label(for="login_pass") Password
.uk-form-controls
input.uk-input#login_pass(type="password")
button(onclick="login()").uk-button.uk-button-default Login
div(class="uk-width-auto uk-width-1-4@s")
else
append var
- overwrite_vars = (session && session.user) ? true : false;
include blocks/error/permission.pug

@ -0,0 +1,18 @@
extends blocks/layout.pug
append var
if(session && session.user)
- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "Logout", "active": true}};
- var title = "Logout";
append content
if(session && session.user)
.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
div(class="uk-width-auto uk-width-1-4@s")
.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
h1 You will be redirected
#listener_logout
div(class="uk-width-auto uk-width-1-4@s")
else
append var
- overwrite_vars = (session && session.user) ? true : false;
include blocks/error/permission.pug

@ -0,0 +1,35 @@
function login() {
let user = document.getElementById("login_user").value;
let pass = document.getElementById("login_pass").value;
let data = {
"email": user,
"password": pass
};
let ajax = new XMLHttpRequest();
ajax.open("POST", "/api/login", true);
ajax.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
ajax.send(JSON.stringify(data));
ajax.onload = () => {
let json = JSON.parse(ajax.responseText);
if(json.message && json.message == "msg.auth.login.successful") window.location.href= "/";
};
};
function logout() {
let ajax = new XMLHttpRequest();
ajax.open("GET", "/api/logout", true);
ajax.setRequestHeader('Content-Type', 'charset=UTF-8');
ajax.send("");
ajax.onload = () => {
let json = JSON.parse(ajax.responseText);
if(json.message && json.message == "msg.auth.logout.successful") window.location.href= "/";
};
}
setTimeout(function () {
if(document.getElementById("listener_logout")) {
console.log("logout");
logout();
}
}, 100);
Loading…
Cancel
Save