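/*
 * This file is part of the authRXBN single sign-on package.
 *
 * (c) Ruben Meyer
 */
const express = require('express');
const route = express.Router();
const fs = require('fs');
const path = require('path');

/**
 * Resolve a request path to a pug view below bin/web/views.
 *
 * Results are cached in global.gds.cache.web keyed by the resolved path, so the
 * file system is consulted at most once per distinct path.
 *
 * @param {string} file request path such as "/dashboard"; matched case-insensitively
 * @returns {string|false} resolved view path (without the .pug extension) when such
 *   a view exists inside the views directory, false otherwise
 */
const fileCheck = (file) => {
  if (typeof global['gds'].cache.web === 'undefined') global['gds'].cache.web = {};
  const dir = path.resolve(global['__dirname'], 'bin', 'web', 'views');
  const path_j = path.join(dir, file.toLowerCase());
  // path.join collapses ".." segments, so a request path like "/../x" would resolve
  // outside the views directory; only paths that stay below dir may be rendered
  if (!path_j.startsWith(dir + path.sep)) return false;
  if (typeof global['gds'].cache.web[path_j] === 'undefined') {
    global['gds'].cache.web[path_j] = fs.existsSync(path_j + '.pug');
  }
  return global['gds'].cache.web[path_j] === true ? path_j : false;
};

/**
 * main page
 * @url /
 * @method all
 */
route.all('/', function (req, res, next) {
  // TODO: show login page or dashboard
  // res.end('login or dashboard');
  global['modules'].database.getApps((err, rep) => {
    // a failed lookup goes to the express error handler instead of rendering
    // the page with apps undefined
    if (err) return next(err);
    res.render('index', { session: req.session, apps: rep });
  });
});

/**
 * login page or apprequest page
 * @url /authenticate
 * @method GET
 *
 * ?appId=<id> selects the app that asked for the login; it is only remembered in
 * req.session.appRequest when it names an app returned by getApps.
 */
route.get('/authenticate', (req, res, next) => {
  // appRequest lives in the session; without a session there is nowhere to keep it
  if (req.session && !req.session.appRequest) req.session.appRequest = {};
  // a repeated query parameter arrives as an array; only a plain string is an id
  const appId = typeof req.query.appId === 'string' ? req.query.appId : '';
  // query apps
  global['modules'].database.getApps((err, rep) => {
    if (err) return next(err);
    const apps = Array.isArray(rep) ? rep : [];
    // verify appId against the known apps, using the same id comparison the
    // login title lookup already relied on
    const requestedApp = appId ? apps.find((app) => String(app._id) === appId) : undefined;
    if (req.session && requestedApp) {
      req.session.appRequest.appId = appId;
      // TODO: on accept, setAuthCode and redirect with token
      // on cancel, redirect to dashboard
    }
    // if user is logged in, show request page
    if (req.session && req.session.user) {
      return res.render('request', { session: req.session, appRequest: req.session.appRequest, apps });
    }
    // if user isnt logged in, show login page; a missing or unknown appId
    // leaves no pending app request behind
    if (req.session && !requestedApp) req.session.appRequest = {};
    const view_obj = { session: req.session };
    if (requestedApp) view_obj.login_title = `Login to use ${requestedApp.name} via authRxbn`; // appRequest app name
    res.render('login', view_obj);
  });
});

/**
 * all other routes
 * @url /*
 * @method all
 *
 * Applies the "block" rules from ./rules for the caller's group (anon / user /
 * admin) and then renders the view named by the path, if one exists.
 */
route.all('/*', (req, res, next) => {
  // passthrough to next route
  if (req.path.startsWith('/api')) return next();
  if (req.path === '/request') return res.render('error/404');
  const pathRules = require('./rules');
  let group = 'anon';
  if (req.session && req.session.user) {
    group = 'user';
    // accepts 999 stored as a number or a numeric string, like the == it replaces
    if (Number(req.session.user.group) === 999) group = 'admin';
  }
  // A for...of loop, not forEach: `return` inside a forEach callback only leaves the
  // callback, so a matching block rule used to send its error page and the handler
  // then fell through to render the requested view as a second response.
  for (const rule of pathRules) {
    if (rule.rule !== 'block' || rule.group !== group) continue;
    // a fresh RegExp per rule; test() is called once, so no g flag is needed
    if (!new RegExp(rule.expression).test(req.path)) continue;
    const denied = { error_code: 401, session: req.session };
    switch (rule.type) {
      case '404':
        return res.status(404).render('error/404', { error_code: 404, error_msg: 'msg.request.file.not_found', session: req.session });
      case 'missing_permission':
        return res.status(401).render('error/permission', denied);
      case 'login':
        return res.status(401).render('error/login', denied);
      default:
        return res.status(401).render('error/error', denied);
    }
  }
  // TODO: try to login
  // TODO: role-based authorization
  // TODO: show login page or page
  if (fileCheck(req.path)) {
    return res.render(req.path.replace(/^\//, ''), { session: req.session, cfg: global['gds'].cfg });
  }
  return res.status(404).render('error/404', { error_code: 404, error_msg: 'msg.request.file.not_found', session: req.session });
});

module.exports = route;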