From ba8be413b7ad65ba38cdbf5708c0b24b689d92be Mon Sep 17 00:00:00 2001
From: rxbn_ <contact@rxbn.de>
Date: Wed, 16 Sep 2020 16:42:51 +0200
Subject: [PATCH] web - minor fixes on reset page and path ruling

---
 bin/web/routes/static.js | 67 +++++++++++++++++++++-------------------
 bin/web/views/reset.pug  | 32 ++++++++-----------
 2 files changed, 48 insertions(+), 51 deletions(-)

diff --git a/bin/web/routes/static.js b/bin/web/routes/static.js
index b66cd59..0b1e3fc 100644
--- a/bin/web/routes/static.js
+++ b/bin/web/routes/static.js
@@ -131,7 +131,28 @@ let getRoutes = async () => {
 		if(req.path.startsWith('/api'))
 			return next();
 
-		if(req.path == "/request") return res.render('error/404');
+		let obj = {
+			session: req.session,
+			cfg: cfg
+		};
+		if(req.session && req.session.user) {
+			// query user
+			userQuery = await db.getUser(req.session.user.id);
+
+			if(userQuery.reply) {
+				groupQuery = await db.getGroup(userQuery.reply.group);
+				obj.user = userQuery.reply;
+				obj.group = groupQuery.reply;
+			}
+		}
+		if(req.path == "/request") {
+			if(req.query.appId) {
+				if(req.query.appId && typeof req.query.appId == "string") {
+					req.session.appRequest.appId = req.query.appId;
+				}
+			}
+			return res.redirect('/authenticate');
+		}
 
 		let pathRules = await db.getPathRules();
 
@@ -155,30 +176,18 @@ let getRoutes = async () => {
 					let regex = new RegExp(rule.expression, "g");
 					if(regex.test(req.path)) {
 						if(rule.type == "404") {
-							return res.status(404).render('error/404', {
-								error_code: 404,
-								error_msg: 'msg.request.file.not_found',
-								session: req.session,
-								cfg: cfg
-							});
+							obj.error_code = 404;
+							obj.error_msg = 'msg.request.file.not_found';
+							return res.status(404).render('error/404', obj);
 						} else if(rule.type == "missing_permission") {
-							return res.status(401).render('error/permission', {
-								error_code: 401,
-								session: req.session,
-								cfg: cfg
-							});
+							obj.error_code = 401;
+							return res.status(401).render('error/permission', obj);
 						} else if(rule.type == "login" && (!req.session || !req.session.user)) {
-							return res.status(401).render('error/login', {
-								error_code: 401,
-								session: req.session,
-								cfg: cfg
-							});
+							obj.error_code = 401;
+							return res.status(401).render('error/login', obj);
 						} else {
-							return res.status(401).render('error/error', {
-								error_code: 401,
-								session: req.session,
-								cfg: cfg
-							});
+							obj.error_code = 401;
+							return res.status(401).render('error/error', obj);
 						}
 					}
 				}
@@ -188,18 +197,12 @@ let getRoutes = async () => {
 		let dir = global['__dirname'] + '/bin/web/views';
 		let path_j = path.join(dir, req.path.toLowerCase());
 		if(fs.existsSync(path_j+'.pug')) {
-			return res.render(req.path.replace(/^\//, ''), {
-				session: req.session,
-				cfg: cfg
-			});
+			return res.render(req.path.replace(/^\//, ''), obj);
 		} else {
 			global['logs'].info("[web] (404) path not found: "+req.path);
-			return res.status(404).render('error/404', {
-				error_code: 404,
-				error_msg: 'msg.request.file.not_found',
-				session: req.session,
-				cfg: cfg
-			});
+			obj.error_code = 404;
+			obj.error_msg = 'msg.request.file.not_found';
+			return res.status(404).render('error/404', obj);
 		}
 	}));
 
diff --git a/bin/web/views/reset.pug b/bin/web/views/reset.pug
index 0fcc4c9..5c5faa3 100644
--- a/bin/web/views/reset.pug
+++ b/bin/web/views/reset.pug
@@ -1,23 +1,17 @@
 extends blocks/layout.pug
 append var
-	if(session && !session.user)
-		- var breadcrumb = {0: {"name": cfg.app.name, "href": "/"}, 1: {"name": "Forgot your password?", "active": true}};
-		- var title = "Reset password";
+	- var breadcrumb = {0: {"name": cfg.app.name, "href": "/"}, 1: {"name": "Forgot your password?", "active": true}};
+	- var title = "Reset password";
 
 append content
-	if(session && !session.user)
-		.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
-			div(class="uk-width-auto uk-width-1-4@s")
-			.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
-				h1 Reset Password
-				form.uk-form-horizontal
-					.uk-margin
-						label.uk-form-label(for="login_user") Username / Email
-						.uk-form-controls
-							input.uk-input#login_user(type="text", placeholder="tetrahedron")
-				a(href="#").uk-button.uk-button-default Reset password
-			div(class="uk-width-auto uk-width-1-4@s")
-	else
-		append var
-			- overwrite_vars = (session && session.user) ? true : false;
-		include blocks/error/permission.pug
+	.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
+		div(class="uk-width-auto uk-width-1-4@s")
+		.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
+			h1 Reset Password
+			form.uk-form-horizontal
+				.uk-margin
+					label.uk-form-label(for="login_user") Username / Email
+					.uk-form-controls
+						input.uk-input#login_user(type="text", placeholder="tetrahedron")
+			a(href="#").uk-button.uk-button-default Reset password
+		div(class="uk-width-auto uk-width-1-4@s")