1
0
Fork 0

web - app request -> redirecting

This commit is contained in:
Ruben Meyer 2019-11-30 23:42:34 +01:00
parent 57f73a2372
commit 8c2d8a6920
2 changed files with 62 additions and 3 deletions

View File

@ -10,8 +10,10 @@ var route = express.Router();
route.post('/register', (req, res) => {
if(!global['app'].cfg.web.registration) {
return res.type('json').status(400).end(JSON.stringify({status: 400, message: "msg.auth.registration.deactivated"}));
} else {
// TODO: register
return res.type('json').status(200).end(JSON.stringify({}));
}
// TODO: register
});
route.post('/login', (req, res) => {
@ -82,8 +84,65 @@ route.post('/authenticate', (req, res) => {
// TODO: authenticate
});
route.get('/redirect', (req, res) => {
if(req.session && req.session.user) {
if(!req.query || !req.query.id) {
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.request.data.missing'
]
}));
}
global['modules'].database.setAuthCode({
aId: req.query.id,
uId: req.session.user.id
}, (err, rep) => {
if(err) {
global['logs'].debug(err);
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.database.error'
]
}));
}
else if(rep) {
global['modules'].database.getApps((err2, rep2) => {
if(err2) {
global['logs'].debug(err2);
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.database.error'
]
}));
}
rep2.forEach((app) => {
if(app.id == req.query.id) {
return res.redirect(app.access+"?uid="+req.session.user.id+"&token="+rep.token);
}
});
});
} else {
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.database.error'
]
}));
}
});
} else {
return res.type('json').end(JSON.stringify({
status: 401,
message: 'msg.auth.login.required'
}));
}
});
route.get('/logout', (req, res) => {
if(!req.session.user) {
if(!req.session || !req.session.user) {
return res.type('json').end(JSON.stringify({
status: 401,
message: 'msg.auth.login.required'

View File

@ -22,6 +22,6 @@ append content
i= app.access
.uk-card-footer.uk-flex.uk-flex-around
a.uk-button.uk-button-default.uk-button-default Cancel
a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Authorize request
a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+appRequest.appId) Authorize request
else
include blocks/login.pug