web - app request -> redirecting

2019-11-30 23:42:34 +01:00 · 2019-11-30 23:42:34 +01:00 · 8c2d8a6920
commit 8c2d8a6920
parent 57f73a2372
2 changed files with 62 additions and 3 deletions
--- a/bin/web/routes/api.js
+++ b/bin/web/routes/api.js
@ -10,8 +10,10 @@ var route = express.Router();
 route.post('/register', (req, res) => {
 	if(!global['app'].cfg.web.registration) {
 		return res.type('json').status(400).end(JSON.stringify({status: 400, message: "msg.auth.registration.deactivated"}));
-	}
+	} else {
 		// TODO: register
+		return res.type('json').status(200).end(JSON.stringify({}));
+	}
 });

 route.post('/login', (req, res) => {
@ -82,8 +84,65 @@ route.post('/authenticate', (req, res) => {
 	// TODO: authenticate
 });

+route.get('/redirect', (req, res) => {
+	if(req.session && req.session.user) {
+		if(!req.query || !req.query.id) {
+			return res.type('json').status(500).end(JSON.stringify({
+				status: 500,
+				message: [
+					'msg.request.data.missing'
+				]
+			}));
+		}
+		global['modules'].database.setAuthCode({
+			aId: req.query.id,
+			uId: req.session.user.id
+		}, (err, rep) => {
+			if(err) {
+				global['logs'].debug(err);
+				return res.type('json').status(500).end(JSON.stringify({
+					status: 500,
+					message: [
+						'msg.database.error'
+					]
+				}));
+			}
+			else if(rep) {
+				global['modules'].database.getApps((err2, rep2) => {
+					if(err2) {
+						global['logs'].debug(err2);
+						return res.type('json').status(500).end(JSON.stringify({
+							status: 500,
+							message: [
+								'msg.database.error'
+							]
+						}));
+					}
+					rep2.forEach((app) => {
+						if(app.id == req.query.id) {
+							return res.redirect(app.access+"?uid="+req.session.user.id+"&token="+rep.token);
+						}
+					});
+				});
+			} else {
+				return res.type('json').status(500).end(JSON.stringify({
+					status: 500,
+					message: [
+						'msg.database.error'
+					]
+				}));
+			}
+		});
+	} else {
+		return res.type('json').end(JSON.stringify({
+			status: 401,
+			message: 'msg.auth.login.required'
+		}));
+	}
+});
+
 route.get('/logout', (req, res) => {
-	if(!req.session.user) {
+	if(!req.session || !req.session.user) {
 		return res.type('json').end(JSON.stringify({
 			status: 401,
 			message: 'msg.auth.login.required'
--- a/bin/web/views/request.pug
+++ b/bin/web/views/request.pug
@ -22,6 +22,6 @@ append content
 									i= app.access
 							.uk-card-footer.uk-flex.uk-flex-around
 								a.uk-button.uk-button-default.uk-button-default Cancel
-								a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Authorize request
+								a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+appRequest.appId) Authorize request
 	else
 		include blocks/login.pug