From 8c2d8a6920b1bd93ba237c10981a22c94db20b58 Mon Sep 17 00:00:00 2001 From: Ruben Meyer <46384706+rxbnDE@users.noreply.github.com> Date: Sat, 30 Nov 2019 23:42:34 +0100 Subject: [PATCH] web - app request -> redirecting --- bin/web/routes/api.js | 63 +++++++++++++++++++++++++++++++++++++-- bin/web/views/request.pug | 2 +- 2 files changed, 62 insertions(+), 3 deletions(-) diff --git a/bin/web/routes/api.js b/bin/web/routes/api.js index 71fc47f..b4a4def 100644 --- a/bin/web/routes/api.js +++ b/bin/web/routes/api.js @@ -10,8 +10,10 @@ var route = express.Router(); route.post('/register', (req, res) => { if(!global['app'].cfg.web.registration) { return res.type('json').status(400).end(JSON.stringify({status: 400, message: "msg.auth.registration.deactivated"})); + } else { + // TODO: register + return res.type('json').status(200).end(JSON.stringify({})); } - // TODO: register }); route.post('/login', (req, res) => { 
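Review bot: The new `else` branch in the `/register` handler answers HTTP 200 with an empty JSON object while registration is still a TODO, so a client cannot tell this apart from a successful sign-up. Until the logic exists, return an explicit not-implemented status, e.g. `return res.type('json').status(501).end(JSON.stringify({status: 501, message: "<not-implemented message key>"}));`, where the message key is a placeholder to be replaced with one from the project's catalogue. The body of the following `/login` handler lies outside this hunk.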
@@ -82,8 +84,65 @@ route.post('/authenticate', (req, res) => { // TODO: authenticate }); +route.get('/redirect', (req, res) => { + if(req.session && req.session.user) { + if(!req.query || !req.query.id) { + return res.type('json').status(500).end(JSON.stringify({ + status: 500, + message: [ + 'msg.request.data.missing' + ] + })); + } + global['modules'].database.setAuthCode({ + aId: req.query.id, + uId: req.session.user.id + }, (err, rep) => { + if(err) { + global['logs'].debug(err); + return res.type('json').status(500).end(JSON.stringify({ + status: 500, + message: [ + 'msg.database.error' + ] + })); + } + else if(rep) { + global['modules'].database.getApps((err2, rep2) => { + if(err2) { + global['logs'].debug(err2); + return res.type('json').status(500).end(JSON.stringify({ + status: 500, + message: [ + 'msg.database.error' + ] + })); + } + rep2.forEach((app) => { + if(app.id == req.query.id) { + return res.redirect(app.access+"?uid="+req.session.user.id+"&token="+rep.token); + } + }); + }); + } else { + return res.type('json').status(500).end(JSON.stringify({ + status: 500, + message: [ + 'msg.database.error' + ] + })); + } + }); + } else { + return res.type('json').end(JSON.stringify({ + status: 401, + message: 'msg.auth.login.required' + })); + } +}); + route.get('/logout', (req, res) => { - if(!req.session.user) { + if(!req.session || !req.session.user) { return res.type('json').end(JSON.stringify({ status: 401, message: 'msg.auth.login.required' diff --git a/bin/web/views/request.pug b/bin/web/views/request.pug index 4fad170..35e5689 100644 --- a/bin/web/views/request.pug +++ b/bin/web/views/request.pug 
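Review bot: In the `getApps` callback of `/redirect`, the `return` inside `rep2.forEach` only leaves the arrow function, so when no app has the requested id the request never gets a response, and `setAuthCode` has by then already stored a code for an id that was never validated. Look the app up first, answer with an error when it is missing, and only then issue the code. The redirect target is also built by string concatenation, so `uid` and `token` are not URL-encoded and an `app.access` that already carries a query string yields a malformed URL; `new URL` with `searchParams.set` avoids both. Separately, the handler mints a code on a plain GET with no per-request confirmation token, so it can be triggered cross-site for a logged-in user; consider a POST that carries a CSRF token. The unauthenticated branch also sends its 401 body without `.status(401)`, so the HTTP status stays 200.

```javascript
route.get('/redirect', (req, res) => {
  // … unchanged: session check and missing-id response …
  global['modules'].database.getApps((err, apps) => {
    if(err) {
      // … unchanged: debug log and msg.database.error response …
    }
    // Validate the requested app before any code is issued for it.
    const app = apps.find((a) => String(a.id) === String(req.query.id));
    if(!app) {
      return res.type('json').status(404).end(JSON.stringify({
        status: 404,
        message: ['msg.request.data.missing']
      }));
    }
    global['modules'].database.setAuthCode({
      aId: req.query.id,
      uId: req.session.user.id
    }, (err2, rep) => {
      if(err2 || !rep) {
        // … unchanged: debug log and msg.database.error response …
      }
      // Assumes app.access is an absolute URL; new URL() throws otherwise.
      const target = new URL(app.access);
      target.searchParams.set('uid', req.session.user.id);
      target.searchParams.set('token', rep.token);
      return res.redirect(target.toString());
    });
  });
  // … unchanged: 401 branch for missing session …
});
```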
@@ -22,6 +22,6 @@ append content i= app.access .uk-card-footer.uk-flex.uk-flex-around a.uk-button.uk-button-default.uk-button-default Cancel - a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Authorize request + a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+appRequest.appId) Authorize request else include blocks/login.pug