
2 Commits

  1. 10
      README.md
  2. 55
      bin/web/routes/api/authenticate.js

10
README.md

@ -1,6 +1,14 @@
# [auth.rxbn.de](https://auth.rxbn.de) - Single sign-on (SSO) Service
Single sign-on authentication and authorization service for rxbn.de services
Single sign-on authentication service for rxbn.de services
# Environment variables
- __*DB_URL*__ := [MongoDB Connection URI String Format](https://docs.mongodb.com/manual/reference/connection-string/), ex.: mongodb://mongoDBUser:[email protected]:27017/admin
- __*DB_NAME*__ := MongoDB Database, ex.: authRxbn
- __*SESSION_KEY*__ := SessionKey to encrypt sessions
- __*COOKIE_KEY*__ := CookieKey to encrypt cookies
- __*PROMETHEUS_USER*__ := PrometheusUser for basic authentication on prometheus endpoints, ex.: test
- __*PROMETHEUS_PW*__ := PrometheusPassword for basic authentication on prometheus endpoints, ex.: test
# start server
## regular

55
bin/web/routes/api/authenticate.js

@ -1,3 +1,6 @@
var sanitize = require('mongo-sanitize');
let db = global['requireModule']('database');
module.exports = {
path: "/authenticate",
/**
@ -5,9 +8,57 @@ module.exports = {
* @url /api/authenticate
* @method POST
* @POST ['applicationId', 'applicationSecret', 'userId', 'token']
* @TODO add implementation
*/
post: async (req, res) => {
return res.end();
// check body variables
if(!req.body.applicationId || !req.body.applicationSecret || !req.body.userId || !req.body.token) {
return res.type('json').status(401).end(JSON.stringify({
status: 401,
message: [
'msg.request.data.missing'
]
}));
}
let applicationId = sanitize(req.body.applicationId);
let applicationSecret = sanitize(req.body.applicationSecret);
let userId = sanitize(req.body.userId);
let token = sanitize(req.body.token);
let auth = await db.getAuth({
aId: applicationId,
aSecret: applicationSecret,
uId: userId,
token: token
});
// if database error
if(auth.err) {
// log error while debugging
global['logs'].debug(auth.err);
// database error
return res.type('json').status(500).end(JSON.stringify({
status: 500,
message: [
'msg.database.error'
]
}));
}
// no reply (user does not exist) or password is wrong
if(!auth.reply || auth.reply === null || auth.reply.length == 0) {
return res.type('json').status(401).end(JSON.stringify({
status: 401,
message: 'msg.auth.authentication.failed'
}));
// authentication granted
} else {
// no authorization, the clients are also resource servers and therefore handle data requests for themself
return res.type('json').status(200).end(JSON.stringify({
status: 200,
message: 'msg.auth.authentication.successful'
}));
}
}
};
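Review bot: The unconditional `return res.end();` on the first line of the `post` body makes everything below it dead code and, since no status is set, answers every POST with an empty 200, which a client could mistake for a successful authentication; if the handler is meant to stay disabled until the `@TODO` is resolved, say so explicitly with `return res.status(501).end();` and keep the unreachable block out of the handler until it is wired in. Further down, `!auth.reply || auth.reply === null || auth.reply.length == 0` combines a redundant null check with loose equality; `if (!auth.reply || auth.reply.length === 0) {` expresses the same condition. The 401 for missing body fields wraps `message` in an array while the later 401 and 200 replies use a plain string, so consumers must handle two shapes for the same field. Whether `db.getAuth` compares `aSecret` and `token` against stored hashes rather than raw values is not visible in this hunk and should be confirmed before the early return is removed.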
