/*
 * This file is part of the authRXBN single sign-on package.
 *
 * (c) Ruben Meyer <contact@rxbn.de>
 */
const express = require('express');
const fs = require('fs');
const path = require('path');

// Router that every handler in this file is attached to; exported at the bottom.
const route = express.Router();
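/**
 * Resolve a request path to a view file under bin/web/views.
 *
 * @param {string} file - request path; the caller passes req.path, so this is untrusted input
 * @returns {string|false} the extension-less view path when `<path>.pug` exists inside the
 *   views directory, otherwise false
 */
const fileCheck = (file) => {
  const cache = global['gds'].cache;
  if (cache.web === undefined) cache.web = {};

  const dir = global['__dirname'] + '/bin/web/views';
  const path_j = path.join(dir, file.toLowerCase());

  // path.join collapses "..", so a crafted request path could land outside the
  // views directory; refuse anything whose resolved location is not below `dir`.
  const root = path.resolve(dir);
  const resolved = path.resolve(path_j);
  if (resolved !== root && !resolved.startsWith(root + path.sep)) return false;

  // NOTE(review): the cache keeps one entry per distinct (lower-cased) path ever
  // requested, hits and misses alike, for the life of the process.
  if (cache.web[path_j] === undefined) {
    cache.web[path_j] = fs.existsSync(path_j + '.pug');
  }
  return cache.web[path_j] === true ? path_j : false;
};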
// Root of the site: renders the index view for every HTTP method.
route.all('/', (req, res) => {
  // TODO: show login page or dashboard
  res.render('index');
});
// GET /authenticate: the app-request page for a signed-in session, the login page otherwise.
route.get('/authenticate', (req, res) => {
  const session = req.session;
  session.appRequest = {}; // TODO: data

  // NOTE(review): `session` is dereferenced on the line above, so the guard
  // below cannot rescue a request that has no session; kept as written.
  if (session && session.user) {
    return res.render('request', { appRequest: session.appRequest });
  }
  return res.render('login', {
    login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
    appRequest: session.appRequest,
  });
});
// authenticate user for server
// TODO(review): the body is empty, so this handler neither sends a response nor
// calls next(); a POST /authenticate currently hangs until the client gives up.
route.post('/authenticate', (req, res) => {

});
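// Response sent for a matching "block" rule, keyed by the rule's `type`.
// Types not listed here fall back to BLOCK_FALLBACK (the generic error page).
const BLOCK_RESPONSES = new Map([
  ['404', { status: 404, view: 'error/404', extra: { error_msg: 'msg.request.file.not_found' } }],
  ['missing_permission', { status: 401, view: 'error/permission', extra: {} }],
  ['login', { status: 401, view: 'error/login', extra: {} }],
]);
const BLOCK_FALLBACK = { status: 401, view: 'error/error', extra: {} };

// Access group of a session: "anon" without a user, "admin" for group 999, else "user".
function sessionGroup(session) {
  if (!(session && session.user)) return 'anon';
  // Loose comparison kept from the original so a numeric string still matches — TODO confirm stored type.
  return session.user.group == 999 ? 'admin' : 'user';
}

// First "block" rule whose group and expression apply to this request path, or undefined.
function findBlockRule(rules, group, reqPath) {
  // A fresh RegExp per test, so no stateful lastIndex; the "g" flag added nothing here.
  return rules.find((rule) =>
    rule.rule === 'block' && rule.group === group && new RegExp(rule.expression).test(reqPath));
}

// Send the status and error view that a matching block rule asks for.
function renderBlocked(res, session, rule) {
  const response = BLOCK_RESPONSES.get(rule.type) || BLOCK_FALLBACK;
  return res
    .status(response.status)
    .render(response.view, Object.assign({ error_code: response.status }, response.extra, { session }));
}

// Catch-all: applies the block rules from ./rules, then renders the view named by the path.
route.all('/*', (req, res, next) => {
  // TODO: try to login
  // TODO: role-based authorization
  // TODO: show login page or page

  // /api/* is passed through to the next route.
  if (req.path.startsWith('/api')) return next();

  // 'request' is only ever rendered by GET /authenticate, never served by name.
  if (req.path === '/request') return res.render('error/404');

  const pathRules = require('./rules');
  const group = sessionGroup(req.session);

  // A matching block rule must end the request here. The previous forEach with
  // `return` inside the callback did not stop the handler, so it fell through
  // to the render below after the error page had already been sent.
  const blocked = findBlockRule(pathRules, group, req.path);
  if (blocked) return renderBlocked(res, req.session, blocked);

  if (!fileCheck(req.path)) {
    return res.status(404).render('error/404', {
      error_code: 404,
      error_msg: 'msg.request.file.not_found',
      session: req.session,
    });
  }
  // fileCheck only confirmed that a matching .pug exists; the view engine
  // resolves the bare name against its own views directory.
  return res.render(req.path.replace(/^\//, ''), {
    session: req.session,
    cfg: global['gds'].cfg,
  });
});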
module.exports = route; // the router carrying every handler defined above