From c4eb8811adfe683388aecffeee91bb9c98f271db Mon Sep 17 00:00:00 2001
From: Ruben Meyer <46384706+rxbnDE@users.noreply.github.com>
Date: Sun, 24 Nov 2019 23:23:04 +0100
Subject: [PATCH] web - app request -> alpha implementation

---
 bin/web/routes/static.js  | 38 +++++++++++++++++++++++++-------------
 bin/web/views/request.pug | 27 +++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 13 deletions(-)

diff --git a/bin/web/routes/static.js b/bin/web/routes/static.js
index 1808325..64d79a3 100644
--- a/bin/web/routes/static.js
+++ b/bin/web/routes/static.js
@@ -42,23 +42,35 @@ route.all('/', function(req, res, next) {
 
 // login page or app request
 route.get('/authenticate', (req, res) => {
+
 	req.session.appRequest = {}; // TODO: data
 
-	if(req.session && req.session.user) {
-		res.render('request', {
-			appRequest: req.session.appRequest
-		});
-	} else {
-		res.render('login', {
-			login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
-			appRequest: req.session.appRequest
-		});
-	}
-});
+	global['modules'].database.getApps((err, rep) => {
+		if(req.query.appId) {
+			if(req.query.appId && typeof req.query.appId == "string") {
+				// req.query.appId
+				// verify appId (if in rep)
+				req.session.appRequest.appId = req.query.appId;
 
-// authenticate user for server
-route.post('/authenticate', (req, res) => {
+				// TODO: on accept, setAuthCode and redirect with token
+				// on cancel, redirect to dashboard
+			}
+		}
 
+		if(req.session && req.session.user) {
+			res.render('request', {
+				session: req.session,
+				appRequest: req.session.appRequest,
+				apps: rep
+			});
+		} else {
+			res.render('login', {
+				session: req.session,
+				login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
+				appRequest: req.session.appRequest
+			});
+		}
+	});
 });
 
 route.all('/*', (req, res, next) => {
diff --git a/bin/web/views/request.pug b/bin/web/views/request.pug
index e69de29..4fad170 100644
--- a/bin/web/views/request.pug
+++ b/bin/web/views/request.pug
@@ -0,0 +1,27 @@
+extends blocks/layout.pug
+append var
+	if(session && session.user)
+		- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "Authorization", "active": true}};
+		- var title = "authorize App";
+
+append content
+	if(session && session.user)
+		.uk-container.uk-margin-bottom
+			h1 Authorize App
+			each app in apps
+				if(app._id == appRequest.appId)
+					div
+						.uk-card.uk-card-default
+							.uk-card-header.uk-card-primary
+								h3.uk-card-title "#{app.name}" needs authorization to login with your credentials
+							.uk-card-body
+								p= app.description
+								p
+									span Redirecting to:
+									br
+									i= app.access
+							.uk-card-footer.uk-flex.uk-flex-around
+								a.uk-button.uk-button-default.uk-button-default Cancel
+								a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Authorize request
+	else
+		include blocks/login.pug