Compare commits
4 Commits
4dd3f68f43
...
5eeee38bbf
Author | SHA1 | Date |
---|---|---|
Ruben Meyer | 5eeee38bbf | |
Ruben Meyer | 8ed3d8cbf5 | |
Ruben Meyer | 5457ff3f05 | |
Ruben Meyer | 44caa9d7ae |
|
@ -23,6 +23,7 @@ module.exports = {
|
|||
sessionKey: process.env.SESSION_KEY,
|
||||
cookieKey: process.env.COOKIE_KEY,
|
||||
registration: false, // false -> no registration
|
||||
loginTimeout: 300, // 300 seconds -> 5 minutes
|
||||
cookieMaxAge: 1000*60*60 // one hour (milliseconds*seconds*minutes)
|
||||
},
|
||||
app: {
|
||||
|
|
|
@ -100,6 +100,17 @@ methods.start = () => {
|
|||
}
|
||||
app.use(session_handler(session_options));
|
||||
|
||||
// login timeout, clear on all requests
|
||||
app.use((req, res, next) => {
|
||||
if(req.session && req.session.user && req.session.user.login_timeout) {
|
||||
if(Date.now() > req.session.user.login_timeout + cfg.web.loginTimeout * 1000) {
|
||||
res.clearCookie('RememberMe');
|
||||
req.session.destroy();
|
||||
}
|
||||
}
|
||||
next();
|
||||
})
|
||||
|
||||
// web routes
|
||||
let mRoutes = require(global['__dirname']+'/bin/web/routes/static');
|
||||
let mainRoutes = await mRoutes.getRoutes();
|
||||
|
|
|
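Review bot: In the expired branch of the new timeout middleware, `req.session.destroy()` is called without a callback and `next()` runs straight afterwards, so later handlers receive a request whose session is already being torn down. If `session_handler` is express-session (not visible here), `destroy()` also unsets `req.session`, and route code that dereferences `req.session.user` directly would throw on that request. Consider ending the branch with `return req.session.regenerate((err) => next(err));` so downstream code gets a fresh, empty session and store errors are surfaced. The condition also matches every session that carries `login_timeout`; adding `&& !req.session.user.loggedInFull` would restrict it to logins that are still pending. The enclosing `methods.start` begins and ends outside the hunk.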
@ -1,5 +1,8 @@
|
|||
var sanitize = require('mongo-sanitize');
|
||||
var speakeasy = require('speakeasy');
|
||||
|
||||
var cfg = require(global['__dirname']+'/bin/config');
|
||||
|
||||
let db = global['requireModule']('database');
|
||||
|
||||
module.exports = {
|
||||
|
@ -23,6 +26,7 @@ module.exports = {
|
|||
]
|
||||
}));
|
||||
}
|
||||
|
||||
let mfa = sanitize(req.body.mfa);
|
||||
user = await db.getUser(req.session.user.id);
|
||||
|
||||
|
@ -74,6 +78,13 @@ module.exports = {
|
|||
req.session.user.loggedInFull = true;
|
||||
delete req.session.user.login_step;
|
||||
delete req.session.user.login_step_type;
|
||||
delete req.session.user.loginTimeout;
|
||||
|
||||
return res.type('json').end(JSON.stringify({
|
||||
status: 200,
|
||||
message: 'msg.auth.login.successful',
|
||||
type: 'form' // TODO: types - { form, access_app}
|
||||
}));
|
||||
} else {
|
||||
req.session.user.login_step++;
|
||||
req.session.user.login_step_type = user.reply.mfa.data[req.session.user.login_step].type;
|
||||
|
@ -175,6 +186,7 @@ module.exports = {
|
|||
if(!req.session.user.loggedInFull) { // mfa is active
|
||||
req.session.user.login_step_type = user.reply.mfa.data[0].type;
|
||||
req.session.user.login_step = 0;
|
||||
req.session.user.login_timeout = Date.now();
|
||||
|
||||
return res.type('json').end(JSON.stringify({
|
||||
status: 200,
|
||||
|
|
|
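Review bot: The success branch in the third hunk clears `req.session.user.loginTimeout`, but the last hunk stores the timestamp as `req.session.user.login_timeout`, so the delete is a no-op. The timestamp therefore survives a completed login, and the timeout middleware added in this compare, which tests `req.session.user.login_timeout`, would destroy the fully authenticated session once `cfg.web.loginTimeout` seconds have passed. Change the line to `delete req.session.user.login_timeout;`. Both handlers start and end outside the hunks shown.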
@ -17,8 +17,8 @@ footer
|
|||
|
||||
block scripts
|
||||
//- UIkit JS
|
||||
script(src="https://cdnjs.cloudflare.com/ajax/libs/uikit/3.1.5/js/uikit.min.js")
|
||||
script(src="https://cdnjs.cloudflare.com/ajax/libs/uikit/3.1.5/js/uikit-icons.min.js")
|
||||
script(src="https://cdn.jsdelivr.net/npm/uikit@3.7.2/dist/js/uikit.min.js")
|
||||
script(src="https://cdn.jsdelivr.net/npm/uikit@3.7.2/dist/js/uikit-icons.min.js")
|
||||
|
||||
//- Custom scripts for this template
|
||||
//script(src="/public/js/locales.js")
|
||||
|
|
|
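Review bot: The jsdelivr UIkit `script` tags carry no Subresource Integrity attributes, so the browser executes whatever that host serves under the pinned URL. The Font Awesome `link` in the head template of this compare already sets `integrity` and `crossorigin`; the same should be applied here, e.g. `script(src="https://cdn.jsdelivr.net/npm/uikit@3.7.2/dist/js/uikit.min.js", integrity="sha384-<HASH_OF_THIS_FILE>", crossorigin="anonymous")`, with the hash computed from the exact file being referenced. The UIkit stylesheet `link` in the head template has the same gap.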
@ -12,10 +12,10 @@ head
|
|||
|
||||
block css
|
||||
//- UIkit CSS
|
||||
link(href="https://cdnjs.cloudflare.com/ajax/libs/uikit/3.1.5/css/uikit.min.css", rel="stylesheet")
|
||||
link(href="https://cdn.jsdelivr.net/npm/uikit@3.7.2/dist/css/uikit.min.css", rel="stylesheet")
|
||||
|
||||
//- Custom Stylesheet
|
||||
link(href="/res/css/stylesheet.css", rel="stylesheet")
|
||||
|
||||
//- Custom fonts for this template
|
||||
link(href="https://use.fontawesome.com/releases/v5.1.1/css/all.css" integrity="sha384-O8whS3fhG2OnA5Kas0Y9l3cfpmYjapjI0E4theH4iuMD+pLhbf6JI0jIMfYcK3yZ", crossorigin="anonymous", rel="stylesheet")
|
||||
link(href="https://use.fontawesome.com/releases/v5.15.4/css/all.css" integrity="sha384-DyZ88mC6Up2uqS4h/KRgHuoeGwBcD4Ng9SiP4dIRy0EXTlnuz47vAwmeGwVChigm", crossorigin="anonymous", rel="stylesheet")
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
extends blocks/layout.pug
|
||||
append var
|
||||
if(session && session.user && session.user.loggedInFull)
|
||||
if(session && session.user)
|
||||
- var breadcrumb = {0: {"name": cfg.app.name, "href": "/"}, 1: {"name": "Logout", "active": true}};
|
||||
- var title = "Logout";
|
||||
|
||||
append content
|
||||
if(session && session.user && session.user.loggedInFull)
|
||||
if(session && session.user)
|
||||
.uk-flex.uk-margin-medium-top.uk-margin-medium-bottom
|
||||
div(class="uk-width-auto uk-width-1-4@s")
|
||||
.uk-flex.uk-flex-auto.uk-flex-column.uk-flex-center.uk-margin-left.uk-margin-right
|
||||
|
|