/* * This file is part of the authRXBN single sign-on package. * * (c) Ruben Meyer */ var express = require('express'); var route = express.Router(); var fs = require('fs'); var path = require('path'); var fileCheck = (file) => { if(typeof global['gds'].cache.web == 'undefined') global['gds'].cache.web = {}; let dir = global['__dirname'] + '/bin/web/views'; let path_j = path.join(dir, file.toLowerCase()); if(typeof global['gds'].cache.web[path_j] == 'undefined') { if(fs.existsSync(path_j+'.pug')) { global['gds'].cache.web[path_j] = true; } else { global['gds'].cache.web[path_j] = false; } } if(global['gds'].cache.web[path_j] === true) { return path_j; } else { return false; } }; route.all('/', function(req, res, next) { // TODO: show login page or dashboard // res.end('login or dashboard'); global['modules'].database.getApps((err, rep) => { res.render('index', { session: req.session, apps: rep }); }) }); // login page or app request route.get('/authenticate', (req, res) => { req.session.appRequest = {}; // TODO: data global['modules'].database.getApps((err, rep) => { if(req.query.appId) { if(req.query.appId && typeof req.query.appId == "string") { // req.query.appId // verify appId (if in rep) req.session.appRequest.appId = req.query.appId; // TODO: on accept, setAuthCode and redirect with token // on cancel, redirect to dashboard } } if(req.session && req.session.user) { res.render('request', { session: req.session, appRequest: req.session.appRequest, apps: rep }); } else { res.render('login', { session: req.session, login_title: "Login to use APP_NAME via authRxbn", // appRequest app name appRequest: req.session.appRequest }); } }); }); route.all('/*', (req, res, next) => { // passthrough to next route if(req.path.startsWith('/api')) return next(); if(req.path == "/request") return res.render('error/404'); let pathRules = require("./rules"); let group = "anon"; if(req.session && req.session.user) { group = "user"; if(req.session.user.group == 999) group = "admin"; } pathRules.forEach((rule) => { if(rule.rule == "block") { if(group == rule.group) { let regex = new RegExp(rule.expression, "g"); if(regex.test(req.path)) { if(rule.type == "404") { return res.status(404).render('error/404', { error_code: 404, error_msg: 'msg.request.file.not_found', session: req.session }); } else if(rule.type == "missing_permission") { return res.status(401).render('error/permission', { error_code: 401, session: req.session }); } else if(rule.type == "login") { return res.status(401).render('error/login', { error_code: 401, session: req.session }); } else { return res.status(401).render('error/error', { error_code: 401, session: req.session }); } } } } }); if(fileCheck(req.path)) { return res.render(req.path.replace(/^\//, ''), { session: req.session, cfg: global['gds'].cfg }); } else { return res.status(404).render('error/404', { error_code: 404, error_msg: 'msg.request.file.not_found', session: req.session }); } // TODO: try to login // TODO: role-based authorization // TODO: show login page or page }); module.exports = route;