Compare commits
2 Commits
b3d0896f51
...
ff55932d44
Author | SHA1 | Date |
---|---|---|
Ruben Meyer | ff55932d44 | |
Ruben Meyer | 6e15aa5fe9 |
10
README.md
10
README.md
|
@ -1,6 +1,14 @@
|
|||
# [auth.rxbn.de](https://auth.rxbn.de) - Single sign-on (SSO) Service
|
||||
|
||||
Single sign-on authentication and authorization service for rxbn.de services
|
||||
Single sign-on authentication service for rxbn.de services
|
||||
|
||||
# Environment variables
|
||||
- __*DB_URL*__ := [MongoDB Connection URI String Format](https://docs.mongodb.com/manual/reference/connection-string/), ex.: mongodb://mongoDBUser:mongoDBPassword@localhost:27017/admin
|
||||
- __*DB_NAME*__ := MongoDB Database, ex.: authRxbn
|
||||
- __*SESSION_KEY*__ := SessionKey to encrypt sessions
|
||||
- __*COOKIE_KEY*__ := CookieKey to encrypt cookies
|
||||
- __*PROMETHEUS_USER*__ := PrometheusUser for basic authentication on prometheus endpoints, ex.: test
|
||||
- __*PROMETHEUS_PW*__ := PrometheusPassword for basic authentication on prometheus endpoints, ex.: test
|
||||
|
||||
# start server
|
||||
## regular
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
var sanitize = require('mongo-sanitize');
|
||||
let db = global['requireModule']('database');
|
||||
|
||||
module.exports = {
|
||||
path: "/authenticate",
|
||||
/**
|
||||
|
@ -5,9 +8,57 @@ module.exports = {
|
|||
* @url /api/authenticate
|
||||
* @method POST
|
||||
* @POST ['applicationId', 'applicationSecret', 'userId', 'token']
|
||||
* @TODO add implementation
|
||||
*/
|
||||
post: async (req, res) => {
|
||||
return res.end();
|
||||
// check body variables
|
||||
if(!req.body.applicationId || !req.body.applicationSecret || !req.body.userId || !req.body.token) {
|
||||
return res.type('json').status(401).end(JSON.stringify({
|
||||
status: 401,
|
||||
message: [
|
||||
'msg.request.data.missing'
|
||||
]
|
||||
}));
|
||||
}
|
||||
|
||||
let applicationId = sanitize(req.body.applicationId);
|
||||
let applicationSecret = sanitize(req.body.applicationSecret);
|
||||
let userId = sanitize(req.body.userId);
|
||||
let token = sanitize(req.body.token);
|
||||
|
||||
let auth = await db.getAuth({
|
||||
aId: applicationId,
|
||||
aSecret: applicationSecret,
|
||||
uId: userId,
|
||||
token: token
|
||||
});
|
||||
|
||||
// if database error
|
||||
if(auth.err) {
|
||||
// log error while debugging
|
||||
global['logs'].debug(auth.err);
|
||||
|
||||
// database error
|
||||
return res.type('json').status(500).end(JSON.stringify({
|
||||
status: 500,
|
||||
message: [
|
||||
'msg.database.error'
|
||||
]
|
||||
}));
|
||||
}
|
||||
|
||||
// no reply (user does not exist) or password is wrong
|
||||
if(!auth.reply || auth.reply === null || auth.reply.length == 0) {
|
||||
return res.type('json').status(401).end(JSON.stringify({
|
||||
status: 401,
|
||||
message: 'msg.auth.authentication.failed'
|
||||
}));
|
||||
// authentication granted
|
||||
} else {
|
||||
// no authorization, the clients are also resource servers and therefore handle data requests for themself
|
||||
return res.type('json').status(200).end(JSON.stringify({
|
||||
status: 200,
|
||||
message: 'msg.auth.authentication.successful'
|
||||
}));
|
||||
}
|
||||
}
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue